Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/2fb70818-2366-42e0-9dbd-254381069e57/0/3131392e31312e3134342e302f32312d3231203d3e203130323137.roa
File: 3131392e31312e3134342e302f32312d3231203d3e203130323137.roa (raw, json)
Hash identifier: q3dwqkBew/E8w/T+VlgNHXnUB3mZpwGuaoMymd72H0c=
Subject key identifier: 17:02:AD:73:CD:F2:0C:EA:C6:9E:0A:EF:8D:04:03:61:3A:87:D9:35
Certificate issuer: /CN=229866508D6D624523EDAD2A0DE1E82AE2C3B512
Certificate serial: 672F352E04CA98D3BA16908112DCFD528E0764DE
Authority key identifier: 22:98:66:50:8D:6D:62:45:23:ED:AD:2A:0D:E1:E8:2A:E2:C3:B5:12
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/229866508D6D624523EDAD2A0DE1E82AE2C3B512.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/2fb70818-2366-42e0-9dbd-254381069e57/0/3131392e31312e3134342e302f32312d3231203d3e203130323137.roa
Signing time: Wed 22 Nov 2023 08:40:08 +0000
ROA not before: Wed 22 Nov 2023 08:35:08 +0000
ROA not after: Wed 20 Nov 2024 08:40:08 +0000
asID: 10217
IP address blocks: 119.11.144.0/21 maxlen: 21
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:2f:35:2e:04:ca:98:d3:ba:16:90:81:12:dc:fd:52:8e:07:64:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=229866508D6D624523EDAD2A0DE1E82AE2C3B512
Validity
Not Before: Nov 22 08:35:08 2023 GMT
Not After : Nov 20 08:40:08 2024 GMT
Subject: CN=1702AD73CDF20CEAC69E0AEF8D0403613A87D935
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:21:da:7b:66:69:6f:ff:b2:aa:49:10:b6:a2:
b5:8d:e3:7e:30:28:61:5f:00:cf:89:77:86:e6:68:
c2:d2:e9:a5:f1:90:e1:fd:4e:9f:f3:26:5a:8b:a3:
df:da:ec:e3:6d:01:fa:f5:aa:25:0b:2c:7e:a8:30:
03:5c:ca:18:d7:90:6b:d5:2f:f9:df:75:3c:7f:ce:
bf:48:90:d1:6e:68:06:9d:e5:14:36:37:35:64:58:
da:86:e8:1f:92:6c:64:39:9d:9f:c4:ec:68:17:2b:
c1:dc:31:8f:98:02:ed:47:52:46:7e:4b:79:c0:6e:
bb:0a:28:63:40:f9:be:ca:a6:0f:c6:24:cb:5f:d3:
91:01:29:f7:a5:35:e2:dc:b8:dc:8e:11:66:e5:94:
0c:fd:1c:8a:f3:c7:3f:ff:43:a5:06:aa:c5:7d:a3:
78:63:7d:35:17:9e:ef:3e:ed:23:9e:99:1b:f4:18:
e8:06:22:b0:f1:56:9f:1a:c2:54:71:6b:50:2f:39:
f1:e8:59:0c:bb:d3:91:ed:6a:1f:a8:1e:53:5a:e0:
b6:e7:2f:78:9a:91:fe:d1:fe:09:21:44:d6:af:f1:
f9:b0:b3:ac:7a:7a:35:6b:1e:24:43:8c:db:bb:0c:
df:f7:c0:8f:b2:43:e6:f7:3e:44:9e:49:12:cb:6d:
2f:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:02:AD:73:CD:F2:0C:EA:C6:9E:0A:EF:8D:04:03:61:3A:87:D9:35
X509v3 Authority Key Identifier:
keyid:22:98:66:50:8D:6D:62:45:23:ED:AD:2A:0D:E1:E8:2A:E2:C3:B5:12
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/2fb70818-2366-42e0-9dbd-254381069e57/0/229866508D6D624523EDAD2A0DE1E82AE2C3B512.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/229866508D6D624523EDAD2A0DE1E82AE2C3B512.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/2fb70818-2366-42e0-9dbd-254381069e57/0/3131392e31312e3134342e302f32312d3231203d3e203130323137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
119.11.144.0/21
Signature Algorithm: sha256WithRSAEncryption
74:7d:3c:ab:1c:c6:0f:99:67:3d:f6:b4:9e:29:ab:36:66:d9:
36:39:15:e2:0c:f3:44:f5:fe:16:31:60:85:2f:fb:92:97:9f:
c4:71:6c:46:2a:07:bb:ef:a3:45:21:cf:9a:0f:be:57:01:7c:
4a:d4:92:1d:ba:28:cb:33:89:13:b4:1d:aa:4f:04:1d:7e:56:
c9:f2:11:19:e5:61:cc:99:c6:2c:d2:a9:3a:57:4b:7f:b6:94:
e3:7b:c6:8f:2c:aa:3a:ac:c1:e4:18:43:77:81:4b:f4:e4:94:
c0:06:ab:9e:3d:07:5c:e4:31:65:e7:66:b0:17:dd:c1:bc:3a:
46:95:d7:05:3c:12:76:fc:52:44:a4:3d:48:ad:93:3a:2c:7b:
a4:ae:01:96:d5:2a:0b:b9:e1:31:d9:44:7f:17:44:c2:94:7b:
57:12:b1:bd:ae:82:9e:9c:c6:ae:c7:07:c5:e7:10:64:e6:25:
3f:80:b2:12:fc:34:8f:38:61:76:fc:24:46:6b:f1:45:8f:55:
8f:3d:7b:1b:2b:1f:f4:36:56:06:63:fb:8e:a8:79:a9:73:f9:
77:61:f4:94:cf:5c:03:31:2e:97:37:cc:f2:b6:97:25:d8:6c:
ea:9f:6f:1b:92:06:04:87:f7:ec:a6:a4:d4:0b:cc:54:8d:b2:
80:cb:8c:20
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUZy81LgTKmNO6FpCBEtz9Uo4HZN4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjI5ODY2NTA4RDZENjI0NTIzRURBRDJBMERFMUU4MkFF
MkMzQjUxMjAeFw0yMzExMjIwODM1MDhaFw0yNDExMjAwODQwMDhaMDMxMTAvBgNV
BAMTKDE3MDJBRDczQ0RGMjBDRUFDNjlFMEFFRjhEMDQwMzYxM0E4N0Q5MzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDIdp7Zmlv/7KqSRC2orWN434w
KGFfAM+Jd4bmaMLS6aXxkOH9Tp/zJlqLo9/a7ONtAfr1qiULLH6oMANcyhjXkGvV
L/nfdTx/zr9IkNFuaAad5RQ2NzVkWNqG6B+SbGQ5nZ/E7GgXK8HcMY+YAu1HUkZ+
S3nAbrsKKGNA+b7Kpg/GJMtf05EBKfelNeLcuNyOEWbllAz9HIrzxz//Q6UGqsV9
o3hjfTUXnu8+7SOemRv0GOgGIrDxVp8awlRxa1AvOfHoWQy705Htah+oHlNa4Lbn
L3iakf7R/gkhRNav8fmws6x6ejVrHiRDjNu7DN/3wI+yQ+b3PkSeSRLLbS8DAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUFwKtc83yDOrGngrvjQQDYTqH2TUwHwYDVR0j
BBgwFoAUIphmUI1tYkUj7a0qDeHoKuLDtRIwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y
ZmI3MDgxOC0yMzY2LTQyZTAtOWRiZC0yNTQzODEwNjllNTcvMC8yMjk4NjY1MDhE
NkQ2MjQ1MjNFREFEMkEwREUxRTgyQUUyQzNCNTEyLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMjI5ODY2NTA4RDZENjI0NTIzRURBRDJBMERFMUU4MkFFMkMz
QjUxMi5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzJmYjcwODE4LTIzNjYtNDJlMC05
ZGJkLTI1NDM4MTA2OWU1Ny8wLzMxMzEzOTJlMzEzMTJlMzEzNDM0MmUzMDJmMzIz
MTJkMzIzMTIwM2QzZTIwMzEzMDMyMzEzNy5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA3cLkDANBgkqhkiG
9w0BAQsFAAOCAQEAdH08qxzGD5lnPfa0nimrNmbZNjkV4gzzRPX+FjFghS/7kpef
xHFsRioHu++jRSHPmg++VwF8StSSHbooyzOJE7Qdqk8EHX5WyfIRGeVhzJnGLNKp
OldLf7aU43vGjyyqOqzB5BhDd4FL9OSUwAarnj0HXOQxZedmsBfdwbw6RpXXBTwS
dvxSRKQ9SK2TOix7pK4BltUqC7nhMdlEfxdEwpR7VxKxva6CnpzGrscHxecQZOYl
P4CyEvw0jzhhdvwkRmvxRY9Vjz17Gysf9DZWBmP7jqh5qXP5d2H0lM9cAzEulzfM
8raXJdhs6p9vG5IGBIf37Kak1AvMVI2ygMuMIA==
-----END CERTIFICATE-----
Generated at Wed Nov 22 10:32:48 2023 by rpki-client on console-ams.rpki-client.org