Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/3328f24e-dc7f-4562-a51d-e2e38c3677d1/0/3131342e3132302e3132382e302f31392d3139203d3e203233363933.roa
File: 3131342e3132302e3132382e302f31392d3139203d3e203233363933.roa (raw, json)
Hash identifier: k4GTUWzv2R5gpdE/xj3SKWD63Ar4c5YJJrZl7cF5sVo=
Subject key identifier: 3F:B4:AD:7A:A6:00:2E:C6:94:FD:2C:5C:40:3F:2B:2E:07:8A:1F:8C
Certificate issuer: /CN=66442B8563B5A590ED84F72A8C7B97A16B9C9F3A
Certificate serial: 49C973F37F7B62A47D81E9A6EE016CEB7C4C91AC
Authority key identifier: 66:44:2B:85:63:B5:A5:90:ED:84:F7:2A:8C:7B:97:A1:6B:9C:9F:3A
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/66442B8563B5A590ED84F72A8C7B97A16B9C9F3A.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/3328f24e-dc7f-4562-a51d-e2e38c3677d1/0/3131342e3132302e3132382e302f31392d3139203d3e203233363933.roa
Signing time: Mon 11 Nov 2024 08:15:45 +0000
ROA not before: Mon 11 Nov 2024 08:10:45 +0000
ROA not after: Mon 10 Nov 2025 08:15:45 +0000
asID: 23693
IP address blocks: 114.120.128.0/19 maxlen: 19
Validation: Failed, certificate revoked on Mon 11 Nov 2024 13:29:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:c9:73:f3:7f:7b:62:a4:7d:81:e9:a6:ee:01:6c:eb:7c:4c:91:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66442B8563B5A590ED84F72A8C7B97A16B9C9F3A
Validity
Not Before: Nov 11 08:10:45 2024 GMT
Not After : Nov 10 08:15:45 2025 GMT
Subject: CN=3FB4AD7AA6002EC694FD2C5C403F2B2E078A1F8C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:1b:fc:d4:c4:ac:d8:44:22:77:7d:a8:13:92:
0e:d0:28:f2:ed:26:d1:4c:31:f2:02:4b:bf:e9:cc:
da:a1:cf:c3:ac:e8:59:38:04:c4:ea:ad:97:e1:72:
2f:15:17:a1:8a:38:2c:2a:15:68:cb:87:42:1a:a8:
a9:b0:4e:59:ee:1e:26:48:66:40:55:ff:3c:d8:6c:
9a:0a:05:d7:aa:c1:ff:d3:79:00:b4:0d:4c:13:21:
2a:50:4a:41:25:83:c4:04:7e:52:3a:ed:6d:26:de:
49:d4:2f:d9:9b:94:b9:3e:76:29:cc:67:11:f1:03:
b7:bd:1c:79:fa:d6:eb:43:1c:e4:b5:b4:a3:9b:8a:
75:f5:57:9d:e1:ab:21:9f:7f:62:ec:5c:de:27:bb:
0a:93:2e:e2:a5:86:c8:70:dc:d8:c6:fa:54:50:13:
18:08:a2:47:d0:52:85:75:45:11:a7:4d:ca:11:aa:
c5:7a:a8:60:ea:3a:cb:ff:f2:61:99:88:ee:7f:9b:
d8:de:f0:de:dd:09:52:43:3f:24:cf:91:87:9b:e6:
7f:8d:d2:e1:f8:05:54:be:8f:da:cf:a2:64:23:fd:
90:b9:d9:06:66:0c:6e:93:34:68:92:a5:90:e2:b3:
90:eb:9b:b3:6e:ae:49:17:47:87:8f:f9:a9:6a:b9:
27:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:B4:AD:7A:A6:00:2E:C6:94:FD:2C:5C:40:3F:2B:2E:07:8A:1F:8C
X509v3 Authority Key Identifier:
keyid:66:44:2B:85:63:B5:A5:90:ED:84:F7:2A:8C:7B:97:A1:6B:9C:9F:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/3328f24e-dc7f-4562-a51d-e2e38c3677d1/0/66442B8563B5A590ED84F72A8C7B97A16B9C9F3A.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/66442B8563B5A590ED84F72A8C7B97A16B9C9F3A.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3328f24e-dc7f-4562-a51d-e2e38c3677d1/0/3131342e3132302e3132382e302f31392d3139203d3e203233363933.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
114.120.128.0/19
Signature Algorithm: sha256WithRSAEncryption
95:b3:50:c6:4c:d4:80:34:72:c1:d7:3d:39:3f:cc:34:82:1d:
72:6a:15:bb:d7:27:1d:7e:e0:38:06:fd:88:05:30:f4:8f:7d:
4b:de:4f:66:4e:95:fa:fb:ee:15:31:56:fe:af:aa:4c:60:65:
c3:f3:6e:4d:13:b7:07:be:9b:5f:20:de:d3:04:5f:9c:fa:eb:
d5:b2:b5:c0:4b:d1:aa:23:07:b9:67:50:45:2c:f3:64:b4:4b:
6c:c7:5b:d6:6f:6e:bd:42:57:20:0a:31:b1:04:7a:7f:d0:f8:
84:de:c3:42:2a:6d:8b:3f:fb:6b:be:1d:b8:f0:d9:cd:4f:45:
21:9f:36:6c:22:62:76:d7:49:db:1d:6c:56:aa:48:92:5e:53:
4f:c4:94:8b:28:27:68:32:61:2b:40:f8:d8:7e:c6:bb:f0:fb:
51:ea:25:ea:fe:e3:c8:b4:c6:5c:58:d2:c2:9d:43:26:18:e3:
ab:45:e9:c9:d3:16:ea:60:b1:b2:a1:fa:2b:4c:52:22:a8:a8:
26:2f:99:8c:42:49:47:b2:70:54:84:d0:2e:d8:7c:2b:18:90:
c2:4d:4b:f2:41:a6:8c:b5:74:09:15:5d:0b:89:9a:5f:95:e9:
3e:24:df:53:1f:24:e7:0d:63:21:51:5c:9a:07:76:96:7d:0f:
e2:f7:96:74
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUSclz8397YqR9gemm7gFs63xMkawwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjY0NDJCODU2M0I1QTU5MEVEODRGNzJBOEM3Qjk3QTE2
QjlDOUYzQTAeFw0yNDExMTEwODEwNDVaFw0yNTExMTAwODE1NDVaMDMxMTAvBgNV
BAMTKDNGQjRBRDdBQTYwMDJFQzY5NEZEMkM1QzQwM0YyQjJFMDc4QTFGOEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyG/zUxKzYRCJ3fagTkg7QKPLt
JtFMMfICS7/pzNqhz8Os6Fk4BMTqrZfhci8VF6GKOCwqFWjLh0IaqKmwTlnuHiZI
ZkBV/zzYbJoKBdeqwf/TeQC0DUwTISpQSkElg8QEflI67W0m3knUL9mblLk+dinM
ZxHxA7e9HHn61utDHOS1tKObinX1V53hqyGff2LsXN4nuwqTLuKlhshw3NjG+lRQ
ExgIokfQUoV1RRGnTcoRqsV6qGDqOsv/8mGZiO5/m9je8N7dCVJDPyTPkYeb5n+N
0uH4BVS+j9rPomQj/ZC52QZmDG6TNGiSpZDis5Drm7NurkkXR4eP+alquSdxAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUP7SteqYALsaU/SxcQD8rLgeKH4wwHwYDVR0j
BBgwFoAUZkQrhWO1pZDthPcqjHuXoWucnzowDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z
MzI4ZjI0ZS1kYzdmLTQ1NjItYTUxZC1lMmUzOGMzNjc3ZDEvMC82NjQ0MkI4NTYz
QjVBNTkwRUQ4NEY3MkE4QzdCOTdBMTZCOUM5RjNBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNjY0NDJCODU2M0I1QTU5MEVEODRGNzJBOEM3Qjk3QTE2QjlD
OUYzQS5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzMzMjhmMjRlLWRjN2YtNDU2Mi1h
NTFkLWUyZTM4YzM2NzdkMS8wLzMxMzEzNDJlMzEzMjMwMmUzMTMyMzgyZTMwMmYz
MTM5MmQzMTM5MjAzZDNlMjAzMjMzMzYzOTMzLnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFcniAMA0GCSqG
SIb3DQEBCwUAA4IBAQCVs1DGTNSANHLB1z05P8w0gh1yahW71ycdfuA4Bv2IBTD0
j31L3k9mTpX6++4VMVb+r6pMYGXD825NE7cHvptfIN7TBF+c+uvVsrXAS9GqIwe5
Z1BFLPNktEtsx1vWb269QlcgCjGxBHp/0PiE3sNCKm2LP/trvh248NnNT0UhnzZs
ImJ210nbHWxWqkiSXlNPxJSLKCdoMmErQPjYfsa78PtR6iXq/uPItMZcWNLCnUMm
GOOrRenJ0xbqYLGyoforTFIiqKgmL5mMQklHsnBUhNAu2HwrGJDCTUvyQaaMtXQJ
FV0LiZpflek+JN9THyTnDWMhUVyaB3aWfQ/i95Z0
-----END CERTIFICATE-----
Generated at Mon Nov 11 14:44:07 2024 by rpki-client on console-fra.rpki-client.org