Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/85f2c66c-1f87-4d98-a467-3218b645b3ac/0/3130332e31312e3130362e302f32342d3234203d3e203538343832.roa
File: 3130332e31312e3130362e302f32342d3234203d3e203538343832.roa (raw, json)
Hash identifier: cPQxkRbYm6Bo7MNN5+VG7KYJgSzyhPpJLdeOsTLN/Nc=
Subject key identifier: 68:AA:DA:84:D7:4B:43:4D:7A:F3:B6:39:CE:AA:60:CF:B8:B6:BF:EB
Certificate issuer: /CN=4C44F6F543BDBB858D3656D41A36660407672BDE
Certificate serial: 17EEA0953D1E66878F9150DB6B7F90B29AB961A5
Authority key identifier: 4C:44:F6:F5:43:BD:BB:85:8D:36:56:D4:1A:36:66:04:07:67:2B:DE
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4C44F6F543BDBB858D3656D41A36660407672BDE.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/85f2c66c-1f87-4d98-a467-3218b645b3ac/0/3130332e31312e3130362e302f32342d3234203d3e203538343832.roa
Signing time: Tue 26 Dec 2023 10:00:34 +0000
ROA not before: Tue 26 Dec 2023 09:55:34 +0000
ROA not after: Tue 24 Dec 2024 10:00:34 +0000
asID: 58482
IP address blocks: 103.11.106.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 22 Sep 2024 09:45:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:ee:a0:95:3d:1e:66:87:8f:91:50:db:6b:7f:90:b2:9a:b9:61:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4C44F6F543BDBB858D3656D41A36660407672BDE
Validity
Not Before: Dec 26 09:55:34 2023 GMT
Not After : Dec 24 10:00:34 2024 GMT
Subject: CN=68AADA84D74B434D7AF3B639CEAA60CFB8B6BFEB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:8a:c2:ef:a8:99:6a:f8:02:39:12:d3:4f:21:
0a:83:c6:df:88:7f:f4:07:48:af:ae:b9:ca:e2:45:
57:ed:f1:ce:a6:5a:e7:b2:43:65:25:a5:ec:ea:bb:
8b:62:a4:54:c8:88:58:9f:26:44:5b:1a:10:aa:72:
ff:a9:ef:eb:1d:1f:dd:b5:d5:42:53:7a:37:57:e2:
5d:8e:73:8d:8e:65:31:12:b3:b7:2a:42:66:7a:58:
7a:43:f0:58:c9:dd:75:07:ac:11:a3:26:00:d4:51:
a3:4e:5f:31:4e:8d:7c:bb:3a:e8:0b:7d:9c:7a:77:
24:b6:57:82:a3:14:ca:ff:17:50:31:03:b2:cb:e1:
d5:14:9c:0d:1c:e7:a2:4f:91:67:15:65:60:c5:e4:
29:99:4b:6b:4d:aa:23:01:8d:c3:e8:9c:d0:12:1c:
b4:3c:09:cd:1a:0e:34:b8:0b:6f:6f:ed:39:e4:26:
1c:8f:54:1d:03:d5:e4:57:ff:66:c0:20:c6:a6:49:
8a:39:d3:a7:2a:a5:1c:44:c0:e0:67:a4:98:02:80:
bf:fb:36:36:48:da:d6:09:10:ea:20:21:f5:ff:26:
d2:0c:7b:05:03:a0:03:cd:92:97:28:56:aa:4d:c0:
88:34:41:34:0a:d0:92:88:97:06:77:aa:0e:e2:a4:
cf:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:AA:DA:84:D7:4B:43:4D:7A:F3:B6:39:CE:AA:60:CF:B8:B6:BF:EB
X509v3 Authority Key Identifier:
keyid:4C:44:F6:F5:43:BD:BB:85:8D:36:56:D4:1A:36:66:04:07:67:2B:DE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/85f2c66c-1f87-4d98-a467-3218b645b3ac/0/4C44F6F543BDBB858D3656D41A36660407672BDE.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4C44F6F543BDBB858D3656D41A36660407672BDE.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/85f2c66c-1f87-4d98-a467-3218b645b3ac/0/3130332e31312e3130362e302f32342d3234203d3e203538343832.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.11.106.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:d5:dd:3b:cf:40:da:99:39:41:b1:d0:2f:33:5c:d1:d9:eb:
ce:09:61:ce:a8:6a:a4:b5:8b:27:36:0a:7a:ad:9a:d5:c5:b8:
0e:85:f2:f2:fe:39:2c:a9:8e:67:57:a1:8e:43:ff:0a:dc:cc:
80:13:92:ce:23:ef:f2:02:da:b1:88:39:c7:85:90:bf:23:3b:
49:00:e2:d6:83:fb:7e:22:35:6e:75:bd:85:db:cf:19:e3:51:
ef:7e:cc:dd:a0:ee:cf:ca:3e:ad:2b:0f:5a:ae:55:6d:20:87:
86:db:8b:14:56:11:bc:15:b5:ce:e3:d6:a7:99:6c:ee:1b:a2:
16:ac:03:f3:60:da:0c:43:65:cc:7d:87:e0:ab:02:91:14:63:
ce:ca:82:ad:a4:cf:9b:78:bc:5c:41:ae:1b:33:b0:90:2d:d9:
8e:fd:fa:77:9e:d0:63:14:5d:5d:4c:10:38:85:3d:e4:fc:16:
ce:03:29:39:2f:19:80:eb:06:2d:67:79:1f:b4:d8:ce:50:4f:
d9:6a:a0:ba:d7:3f:43:c8:ec:51:66:e1:dc:76:5e:8a:05:0b:
29:61:3e:8c:8a:e4:15:f4:b1:cb:de:60:7f:fd:53:35:bf:da:
5f:2c:a8:27:a6:61:7e:77:a9:5b:ea:66:63:d5:b0:cf:bb:34:
29:51:1e:14
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUF+6glT0eZoePkVDba3+Qspq5YaUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNEM0NEY2RjU0M0JEQkI4NThEMzY1NkQ0MUEzNjY2MDQw
NzY3MkJERTAeFw0yMzEyMjYwOTU1MzRaFw0yNDEyMjQxMDAwMzRaMDMxMTAvBgNV
BAMTKDY4QUFEQTg0RDc0QjQzNEQ3QUYzQjYzOUNFQUE2MENGQjhCNkJGRUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAisLvqJlq+AI5EtNPIQqDxt+I
f/QHSK+uucriRVft8c6mWueyQ2Ulpezqu4tipFTIiFifJkRbGhCqcv+p7+sdH921
1UJTejdX4l2Oc42OZTESs7cqQmZ6WHpD8FjJ3XUHrBGjJgDUUaNOXzFOjXy7OugL
fZx6dyS2V4KjFMr/F1AxA7LL4dUUnA0c56JPkWcVZWDF5CmZS2tNqiMBjcPonNAS
HLQ8Cc0aDjS4C29v7TnkJhyPVB0D1eRX/2bAIMamSYo506cqpRxEwOBnpJgCgL/7
NjZI2tYJEOogIfX/JtIMewUDoAPNkpcoVqpNwIg0QTQK0JKIlwZ3qg7ipM/zAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUaKrahNdLQ01687Y5zqpgz7i2v+swHwYDVR0j
BBgwFoAUTET29UO9u4WNNlbUGjZmBAdnK94wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84
NWYyYzY2Yy0xZjg3LTRkOTgtYTQ2Ny0zMjE4YjY0NWIzYWMvMC80QzQ0RjZGNTQz
QkRCQjg1OEQzNjU2RDQxQTM2NjYwNDA3NjcyQkRFLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNEM0NEY2RjU0M0JEQkI4NThEMzY1NkQ0MUEzNjY2MDQwNzY3
MkJERS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzg1ZjJjNjZjLTFmODctNGQ5OC1h
NDY3LTMyMThiNjQ1YjNhYy8wLzMxMzAzMzJlMzEzMTJlMzEzMDM2MmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzUzODM0MzgzMi5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGcLajANBgkqhkiG
9w0BAQsFAAOCAQEAttXdO89A2pk5QbHQLzNc0dnrzglhzqhqpLWLJzYKeq2a1cW4
DoXy8v45LKmOZ1ehjkP/CtzMgBOSziPv8gLasYg5x4WQvyM7SQDi1oP7fiI1bnW9
hdvPGeNR737M3aDuz8o+rSsPWq5VbSCHhtuLFFYRvBW1zuPWp5ls7huiFqwD82Da
DENlzH2H4KsCkRRjzsqCraTPm3i8XEGuGzOwkC3Zjv36d57QYxRdXUwQOIU95PwW
zgMpOS8ZgOsGLWd5H7TYzlBP2Wqgutc/Q8jsUWbh3HZeigULKWE+jIrkFfSxy95g
f/1TNb/aXyyoJ6ZhfnepW+pmY9Wwz7s0KVEeFA==
-----END CERTIFICATE-----
Generated at Sun Sep 22 12:05:03 2024 by rpki-client on console-fra.rpki-client.org