Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/3328f24e-dc7f-4562-a51d-e2e38c3677d1/0/3138322e302e32302e302f32322d3232203d3e203233363933.roa
File: 3138322e302e32302e302f32322d3232203d3e203233363933.roa (raw, json)
Hash identifier: OPQ9sfuHHjRpFtI3pVhESYXYHZ6DzoCImlQzFDEYqCQ=
Subject key identifier: C2:E7:D5:BB:5F:5A:8C:80:73:F0:88:C3:6B:68:5C:5D:54:2E:DE:6C
Certificate issuer: /CN=66442B8563B5A590ED84F72A8C7B97A16B9C9F3A
Certificate serial: 7E6E80AABF649218913DAF928AED1F2A97D3F7AD
Authority key identifier: 66:44:2B:85:63:B5:A5:90:ED:84:F7:2A:8C:7B:97:A1:6B:9C:9F:3A
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/66442B8563B5A590ED84F72A8C7B97A16B9C9F3A.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/3328f24e-dc7f-4562-a51d-e2e38c3677d1/0/3138322e302e32302e302f32322d3232203d3e203233363933.roa
Signing time: Mon 11 Nov 2024 03:53:53 +0000
ROA not before: Mon 11 Nov 2024 03:48:53 +0000
ROA not after: Mon 10 Nov 2025 03:53:53 +0000
asID: 23693
IP address blocks: 182.0.20.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 11 Nov 2024 13:29:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:6e:80:aa:bf:64:92:18:91:3d:af:92:8a:ed:1f:2a:97:d3:f7:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66442B8563B5A590ED84F72A8C7B97A16B9C9F3A
Validity
Not Before: Nov 11 03:48:53 2024 GMT
Not After : Nov 10 03:53:53 2025 GMT
Subject: CN=C2E7D5BB5F5A8C8073F088C36B685C5D542EDE6C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:82:a8:b1:8f:eb:78:d2:87:fe:c2:9e:c3:06:
d0:16:4e:3d:f0:34:9c:1f:72:f9:d2:fd:14:c2:21:
6e:f3:3a:ff:2e:2a:d1:27:1c:38:0d:ab:af:2a:6a:
4c:e2:25:fb:81:d1:00:1d:4f:d1:8c:aa:d5:1f:03:
37:01:21:5a:41:02:9b:ab:d1:e6:fb:58:f5:bb:cb:
c0:5d:46:64:8f:7f:2c:c8:5c:ff:cb:fd:96:fc:6b:
23:d0:94:8f:d6:0c:8c:41:a5:11:62:6e:ed:8a:19:
5b:4b:75:a6:b1:85:5b:a9:dd:36:77:20:49:72:7a:
03:63:27:57:94:97:4e:0a:94:dc:86:84:8f:3f:24:
62:e2:b0:75:a0:7a:69:86:ac:12:12:38:7b:0e:35:
10:51:b4:9d:e0:57:36:4c:2d:ba:7b:30:b5:4f:9f:
bf:13:ae:fd:79:aa:2f:73:d3:71:09:1e:9a:ec:2d:
1a:8f:30:39:97:69:bd:01:49:3e:86:ac:c5:d8:9a:
03:15:09:16:aa:84:33:a7:94:d8:4c:ec:11:b2:1d:
7a:92:4d:63:37:a5:3d:be:d0:ad:78:47:5a:b5:76:
a6:09:0a:a6:5a:1d:7e:ee:1d:c9:9f:b9:6f:f5:d8:
28:5f:c5:e9:ee:d8:fe:04:13:76:4a:e0:1e:91:2f:
43:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:E7:D5:BB:5F:5A:8C:80:73:F0:88:C3:6B:68:5C:5D:54:2E:DE:6C
X509v3 Authority Key Identifier:
keyid:66:44:2B:85:63:B5:A5:90:ED:84:F7:2A:8C:7B:97:A1:6B:9C:9F:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/3328f24e-dc7f-4562-a51d-e2e38c3677d1/0/66442B8563B5A590ED84F72A8C7B97A16B9C9F3A.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/66442B8563B5A590ED84F72A8C7B97A16B9C9F3A.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3328f24e-dc7f-4562-a51d-e2e38c3677d1/0/3138322e302e32302e302f32322d3232203d3e203233363933.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
182.0.20.0/22
Signature Algorithm: sha256WithRSAEncryption
3f:8b:a9:b2:e4:23:31:87:cb:80:4b:eb:71:8c:0a:10:6a:a4:
e1:cb:40:19:7b:e4:32:a7:8b:72:ec:25:1d:90:3d:7c:bb:b5:
40:0f:cc:1e:aa:92:97:ec:fb:a7:e6:af:54:81:c4:d4:6e:71:
6c:05:e1:da:4d:b6:0d:49:02:a5:0b:00:b3:92:88:62:9a:fb:
93:d8:7e:0b:db:9d:99:c1:28:b3:27:79:0a:3a:c9:0a:25:86:
7d:76:03:f6:7b:be:22:44:74:2c:a6:42:5a:a3:bb:c4:43:54:
99:ea:4c:aa:65:e8:b3:2c:0a:8c:6f:fc:06:59:bd:63:89:96:
f0:9c:b2:93:b1:28:7a:76:b8:19:b4:36:a4:9c:69:83:d3:f7:
44:50:92:84:15:ba:99:b1:f1:da:3d:31:26:d2:16:ba:2b:32:
71:67:0d:e5:5b:a3:04:7c:f7:11:52:ad:7f:b9:73:b4:ba:ed:
d4:59:30:90:95:52:d3:1b:59:9c:d2:4c:f2:63:6f:ce:e4:ff:
e2:a8:f8:be:04:4d:ee:7b:9e:08:b1:1f:e5:45:9f:5a:6e:05:
c5:11:61:53:bb:5c:c2:97:3e:8e:a5:35:6b:eb:2e:7d:24:b7:
a0:1d:15:c3:b8:a0:01:4b:1c:aa:0e:5d:da:f0:df:dc:c3:dc:
fc:4d:f4:15
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgIUfm6Aqr9kkhiRPa+Siu0fKpfT960wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjY0NDJCODU2M0I1QTU5MEVEODRGNzJBOEM3Qjk3QTE2
QjlDOUYzQTAeFw0yNDExMTEwMzQ4NTNaFw0yNTExMTAwMzUzNTNaMDMxMTAvBgNV
BAMTKEMyRTdENUJCNUY1QThDODA3M0YwODhDMzZCNjg1QzVENTQyRURFNkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDugqixj+t40of+wp7DBtAWTj3w
NJwfcvnS/RTCIW7zOv8uKtEnHDgNq68qakziJfuB0QAdT9GMqtUfAzcBIVpBApur
0eb7WPW7y8BdRmSPfyzIXP/L/Zb8ayPQlI/WDIxBpRFibu2KGVtLdaaxhVup3TZ3
IElyegNjJ1eUl04KlNyGhI8/JGLisHWgemmGrBISOHsONRBRtJ3gVzZMLbp7MLVP
n78Trv15qi9z03EJHprsLRqPMDmXab0BST6GrMXYmgMVCRaqhDOnlNhM7BGyHXqS
TWM3pT2+0K14R1q1dqYJCqZaHX7uHcmfuW/12Chfxenu2P4EE3ZK4B6RL0M1AgMB
AAGjggItMIICKTAdBgNVHQ4EFgQUwufVu19ajIBz8IjDa2hcXVQu3mwwHwYDVR0j
BBgwFoAUZkQrhWO1pZDthPcqjHuXoWucnzowDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z
MzI4ZjI0ZS1kYzdmLTQ1NjItYTUxZC1lMmUzOGMzNjc3ZDEvMC82NjQ0MkI4NTYz
QjVBNTkwRUQ4NEY3MkE4QzdCOTdBMTZCOUM5RjNBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNjY0NDJCODU2M0I1QTU5MEVEODRGNzJBOEM3Qjk3QTE2QjlD
OUYzQS5jZXIwgZ0GCCsGAQUFBwELBIGQMIGNMIGKBggrBgEFBQcwC4Z+cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzMyOGYyNGUtZGM3Zi00NTYyLWE1
MWQtZTJlMzhjMzY3N2QxLzAvMzEzODMyMmUzMDJlMzIzMDJlMzAyZjMyMzIyZDMy
MzIyMDNkM2UyMDMyMzMzNjM5MzMucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUH
DgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAK2ABQwDQYJKoZIhvcNAQEL
BQADggEBAD+LqbLkIzGHy4BL63GMChBqpOHLQBl75DKni3LsJR2QPXy7tUAPzB6q
kpfs+6fmr1SBxNRucWwF4dpNtg1JAqULALOSiGKa+5PYfgvbnZnBKLMneQo6yQol
hn12A/Z7viJEdCymQlqju8RDVJnqTKpl6LMsCoxv/AZZvWOJlvCcspOxKHp2uBm0
NqScaYPT90RQkoQVupmx8do9MSbSFrorMnFnDeVbowR89xFSrX+5c7S67dRZMJCV
UtMbWZzSTPJjb87k/+Ko+L4ETe57ngixH+VFn1puBcURYVO7XMKXPo6lNWvrLn0k
t6AdFcO4oAFLHKoOXdrw39zD3PxN9BU=
-----END CERTIFICATE-----
Generated at Mon Nov 11 14:44:07 2024 by rpki-client on console-fra.rpki-client.org