Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/62af8352-cd65-4db7-b0cb-048b45e7a4bf/0/3130332e39342e3233382e302f32342d3234203d3e20313333383030.roa
File: 3130332e39342e3233382e302f32342d3234203d3e20313333383030.roa (raw, json)
Hash identifier: 2Zmbd7+EzsfXbQBvhrJceaMP0wfZ7/W3J9uS71ZLFD4=
Subject key identifier: 99:EC:3D:F9:EF:CA:7D:F9:77:14:CD:23:15:D9:6A:44:9C:B2:95:34
Certificate issuer: /CN=5CDA120200D28E4FC66FECD60F5AFCC57E79E642
Certificate serial: 160F58F7D5682AD114D5C38782E5C37BF124F070
Authority key identifier: 5C:DA:12:02:00:D2:8E:4F:C6:6F:EC:D6:0F:5A:FC:C5:7E:79:E6:42
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/5CDA120200D28E4FC66FECD60F5AFCC57E79E642.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/62af8352-cd65-4db7-b0cb-048b45e7a4bf/0/3130332e39342e3233382e302f32342d3234203d3e20313333383030.roa
Signing time: Tue 18 Feb 2025 04:15:02 +0000
ROA not before: Tue 18 Feb 2025 04:10:02 +0000
ROA not after: Tue 17 Feb 2026 04:15:02 +0000
asID: 133800
IP address blocks: 103.94.238.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 20 Apr 2025 00:21:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:0f:58:f7:d5:68:2a:d1:14:d5:c3:87:82:e5:c3:7b:f1:24:f0:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5CDA120200D28E4FC66FECD60F5AFCC57E79E642
Validity
Not Before: Feb 18 04:10:02 2025 GMT
Not After : Feb 17 04:15:02 2026 GMT
Subject: CN=99EC3DF9EFCA7DF97714CD2315D96A449CB29534
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:c1:2d:67:6b:21:59:bd:30:1c:01:20:0f:fb:
95:d6:a2:bc:98:69:82:6e:48:08:f0:cc:15:72:9e:
2f:0e:b2:64:ac:48:e6:09:e8:0f:34:ad:76:f3:c4:
d0:c1:97:41:bd:19:57:48:9d:af:04:70:6d:a1:f6:
0f:dd:ea:e9:c6:ee:1f:3b:fa:ba:7c:3a:f8:d3:06:
d5:28:c9:98:69:c1:f4:bd:b2:a4:25:f1:64:fa:ad:
39:f0:fc:b2:81:7f:02:6e:b9:35:03:ff:a9:97:76:
a3:d3:ee:98:e0:ec:e2:5c:e8:7f:65:d2:5d:5d:d0:
db:1b:1d:e8:85:bd:0d:b8:ef:36:d9:f4:3c:11:74:
fc:b5:cb:a9:d2:ee:d7:ee:5d:b2:13:84:0d:5f:3b:
88:13:c1:52:79:2a:fb:fc:a9:4c:ca:60:05:89:73:
e8:ba:42:04:fb:b8:80:de:81:d2:5e:43:16:eb:93:
27:a8:22:db:be:b0:f7:a3:46:65:6e:33:e3:5b:ff:
76:e1:ef:18:5a:9c:5f:b6:7d:a5:7b:e5:c3:3c:57:
5c:1c:9d:a2:8e:20:46:6e:45:1c:90:bc:f9:04:2e:
0d:13:03:41:7c:f5:a9:6e:5f:4f:c3:56:ce:0d:d7:
1e:2c:61:db:7e:95:7b:a1:a0:ae:0b:f6:c0:2d:d0:
85:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:EC:3D:F9:EF:CA:7D:F9:77:14:CD:23:15:D9:6A:44:9C:B2:95:34
X509v3 Authority Key Identifier:
keyid:5C:DA:12:02:00:D2:8E:4F:C6:6F:EC:D6:0F:5A:FC:C5:7E:79:E6:42
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/62af8352-cd65-4db7-b0cb-048b45e7a4bf/0/5CDA120200D28E4FC66FECD60F5AFCC57E79E642.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/5CDA120200D28E4FC66FECD60F5AFCC57E79E642.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/62af8352-cd65-4db7-b0cb-048b45e7a4bf/0/3130332e39342e3233382e302f32342d3234203d3e20313333383030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.94.238.0/24
Signature Algorithm: sha256WithRSAEncryption
39:43:c8:bc:a9:55:ba:a8:e3:96:0d:de:8e:a1:c6:1a:87:26:
bd:8d:43:a5:93:54:08:35:e0:eb:e4:cb:3e:45:ba:71:7e:db:
4a:d3:98:95:05:e4:2c:41:cb:21:18:19:df:9a:23:85:41:23:
91:fa:b6:d8:be:0c:f8:72:da:7a:e2:ab:05:82:6a:af:2a:07:
c9:f2:09:36:59:92:b3:67:76:6d:68:6b:ad:51:f8:af:5b:da:
c0:cd:77:85:b6:d1:f1:5c:03:13:64:f7:5a:7f:b9:03:dc:d1:
5d:fb:87:52:cc:ae:c6:55:e8:b4:88:a0:67:d8:6d:6a:b1:53:
79:a1:38:e8:e2:3c:a7:b8:6b:d4:d8:38:f7:2c:d7:e5:82:0c:
ba:ca:8a:e3:85:8a:5b:26:05:1e:aa:79:1e:49:d5:a7:ae:35:
9b:48:00:8a:31:a9:1d:7d:b7:27:7a:b5:e6:24:4e:4b:2b:ee:
f3:4c:98:1e:4f:5e:c7:de:5f:a1:c1:04:95:ad:fe:42:37:b8:
de:4c:a5:f4:d9:31:10:ef:f0:f9:07:f1:59:9d:28:38:74:20:
b7:3b:7c:ab:48:41:33:98:b7:dc:52:c1:94:c5:6b:8d:91:fe:
21:b5:8d:e0:4a:3d:f5:49:f1:d9:6d:d2:1f:fc:f5:6d:de:a2:
65:3b:90:c2
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUFg9Y99VoKtEU1cOHguXDe/Ek8HAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNUNEQTEyMDIwMEQyOEU0RkM2NkZFQ0Q2MEY1QUZDQzU3
RTc5RTY0MjAeFw0yNTAyMTgwNDEwMDJaFw0yNjAyMTcwNDE1MDJaMDMxMTAvBgNV
BAMTKDk5RUMzREY5RUZDQTdERjk3NzE0Q0QyMzE1RDk2QTQ0OUNCMjk1MzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDowS1nayFZvTAcASAP+5XWoryY
aYJuSAjwzBVyni8OsmSsSOYJ6A80rXbzxNDBl0G9GVdIna8EcG2h9g/d6unG7h87
+rp8OvjTBtUoyZhpwfS9sqQl8WT6rTnw/LKBfwJuuTUD/6mXdqPT7pjg7OJc6H9l
0l1d0NsbHeiFvQ247zbZ9DwRdPy1y6nS7tfuXbIThA1fO4gTwVJ5Kvv8qUzKYAWJ
c+i6QgT7uIDegdJeQxbrkyeoItu+sPejRmVuM+Nb/3bh7xhanF+2faV75cM8V1wc
naKOIEZuRRyQvPkELg0TA0F89aluX0/DVs4N1x4sYdt+lXuhoK4L9sAt0IXjAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUmew9+e/Kffl3FM0jFdlqRJyylTQwHwYDVR0j
BBgwFoAUXNoSAgDSjk/Gb+zWD1r8xX555kIwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby82
MmFmODM1Mi1jZDY1LTRkYjctYjBjYi0wNDhiNDVlN2E0YmYvMC81Q0RBMTIwMjAw
RDI4RTRGQzY2RkVDRDYwRjVBRkNDNTdFNzlFNjQyLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNUNEQTEyMDIwMEQyOEU0RkM2NkZFQ0Q2MEY1QUZDQzU3RTc5
RTY0Mi5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzYyYWY4MzUyLWNkNjUtNGRiNy1i
MGNiLTA0OGI0NWU3YTRiZi8wLzMxMzAzMzJlMzkzNDJlMzIzMzM4MmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzMzMzMzgzMDMwLnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ17uMA0GCSqG
SIb3DQEBCwUAA4IBAQA5Q8i8qVW6qOOWDd6OocYahya9jUOlk1QINeDr5Ms+Rbpx
fttK05iVBeQsQcshGBnfmiOFQSOR+rbYvgz4ctp64qsFgmqvKgfJ8gk2WZKzZ3Zt
aGutUfivW9rAzXeFttHxXAMTZPdaf7kD3NFd+4dSzK7GVei0iKBn2G1qsVN5oTjo
4jynuGvU2Dj3LNflggy6yorjhYpbJgUeqnkeSdWnrjWbSACKMakdfbcnerXmJE5L
K+7zTJgeT17H3l+hwQSVrf5CN7jeTKX02TEQ7/D5B/FZnSg4dCC3O3yrSEEzmLfc
UsGUxWuNkf4htY3gSj31SfHZbdIf/PVt3qJlO5DC
-----END CERTIFICATE-----
Generated at Sun Apr 20 03:26:30 2025 by rpki-client