Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/dae13bac-91c1-463b-8333-64eec6d2797e/0/3135372e32302e39352e302f32342d3234203d3e20313532343038.roa
File: 3135372e32302e39352e302f32342d3234203d3e20313532343038.roa (raw, json)
Hash identifier: 4hOLuGVtQR0LG3o9nsm64ZxyS5fiIDQV9Zjjx9ENHQ4=
Subject key identifier: 17:09:A2:95:39:6B:B3:AD:96:18:25:99:F0:C1:BA:84:F1:A8:ED:D1
Certificate issuer: /CN=FD18E3ECB5F2285C0751C48EAF23EF210BA8FDCC
Certificate serial: 48E8D5AC46EB824E0F2AB31FA16C5BFE427FCE1E
Authority key identifier: FD:18:E3:EC:B5:F2:28:5C:07:51:C4:8E:AF:23:EF:21:0B:A8:FD:CC
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/FD18E3ECB5F2285C0751C48EAF23EF210BA8FDCC.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/dae13bac-91c1-463b-8333-64eec6d2797e/0/3135372e32302e39352e302f32342d3234203d3e20313532343038.roa
Signing time: Thu 21 Mar 2024 02:04:40 +0000
ROA not before: Thu 21 Mar 2024 01:59:40 +0000
ROA not after: Thu 20 Mar 2025 02:04:40 +0000
asID: 152408
IP address blocks: 157.20.95.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 21 Jun 2024 01:29:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:e8:d5:ac:46:eb:82:4e:0f:2a:b3:1f:a1:6c:5b:fe:42:7f:ce:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FD18E3ECB5F2285C0751C48EAF23EF210BA8FDCC
Validity
Not Before: Mar 21 01:59:40 2024 GMT
Not After : Mar 20 02:04:40 2025 GMT
Subject: CN=1709A295396BB3AD96182599F0C1BA84F1A8EDD1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:68:a3:30:b5:55:a3:ec:95:02:af:6b:3f:ca:
50:94:15:34:40:5b:68:3a:da:a3:3b:bc:3e:96:7a:
d8:7b:05:4a:2f:b6:a7:99:9e:f5:5c:08:d5:c4:4e:
1c:ef:6f:35:c7:6d:23:00:94:5e:74:f2:54:a1:74:
79:22:a9:ed:0a:75:d8:74:f6:72:f0:4e:43:7e:fd:
a8:67:dc:7b:dc:c6:7b:a8:a9:c0:12:e1:27:d3:80:
bb:48:ed:10:56:31:95:9b:b6:b6:a2:b0:20:83:e6:
be:2d:fe:1f:ae:3d:68:17:de:63:b0:df:55:ef:0a:
dd:c5:37:e6:8b:73:b9:95:03:39:0c:50:53:e9:b6:
a8:af:9d:6d:3e:1b:c3:9b:e4:44:d8:3c:e6:e9:f6:
71:a3:4b:80:1e:2b:28:1d:a3:55:7e:83:21:be:c4:
c7:90:7f:be:28:51:5f:16:66:2a:db:15:5a:ed:17:
8c:0b:5b:ce:36:78:db:70:a2:00:3c:ab:0f:5e:0d:
66:df:84:08:7a:31:3a:b4:3f:7c:44:97:d1:5c:7e:
b0:e1:23:89:b3:69:31:d7:23:bc:0c:76:58:3d:cd:
67:e5:12:8e:b8:a9:8b:0e:fc:96:22:ea:56:0e:69:
94:55:b9:41:92:f4:28:d8:96:b9:19:5a:25:b3:47:
6e:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:09:A2:95:39:6B:B3:AD:96:18:25:99:F0:C1:BA:84:F1:A8:ED:D1
X509v3 Authority Key Identifier:
keyid:FD:18:E3:EC:B5:F2:28:5C:07:51:C4:8E:AF:23:EF:21:0B:A8:FD:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/dae13bac-91c1-463b-8333-64eec6d2797e/0/FD18E3ECB5F2285C0751C48EAF23EF210BA8FDCC.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/FD18E3ECB5F2285C0751C48EAF23EF210BA8FDCC.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/dae13bac-91c1-463b-8333-64eec6d2797e/0/3135372e32302e39352e302f32342d3234203d3e20313532343038.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.20.95.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:5e:30:ea:55:26:01:37:ea:bb:36:44:53:10:77:8d:27:35:
47:13:4a:fe:6f:6b:42:72:3b:72:e7:b3:81:77:40:19:f2:91:
be:42:65:bb:8e:2f:86:0c:be:34:a7:f3:c0:84:52:b9:24:5f:
14:3e:f1:c0:98:16:9f:59:d6:66:9f:60:54:4d:29:37:e4:1f:
52:21:e6:37:9f:52:25:01:f2:76:55:3c:35:28:f7:74:20:00:
6c:31:d9:1b:f5:ce:61:88:83:54:a4:5f:c7:48:e6:f4:24:4c:
4e:0f:5c:3a:fa:32:d3:e0:da:39:f8:e4:45:46:79:1a:28:b9:
fa:b9:14:92:f7:af:74:18:64:82:72:1d:3b:7a:77:45:61:69:
72:a4:a2:94:96:7a:fc:e2:78:1f:48:f9:0a:b1:26:16:a4:78:
fd:0a:82:97:9a:af:94:16:24:2e:9a:09:5e:f2:32:fa:c6:35:
43:b3:d5:a5:70:fa:db:61:c1:c1:93:50:08:07:c7:91:0b:a6:
d1:b8:13:2a:0e:db:0f:a1:56:da:de:e9:d3:a7:52:fb:73:b4:
cd:3d:b2:11:88:c4:28:41:06:ed:4e:ba:aa:b5:f8:86:8b:99:
b2:36:15:81:5b:ce:28:9d:08:7a:86:29:02:d4:94:e0:ec:ad:
8a:34:61:bf
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUSOjVrEbrgk4PKrMfoWxb/kJ/zh4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRkQxOEUzRUNCNUYyMjg1QzA3NTFDNDhFQUYyM0VGMjEw
QkE4RkRDQzAeFw0yNDAzMjEwMTU5NDBaFw0yNTAzMjAwMjA0NDBaMDMxMTAvBgNV
BAMTKDE3MDlBMjk1Mzk2QkIzQUQ5NjE4MjU5OUYwQzFCQTg0RjFBOEVERDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZaKMwtVWj7JUCr2s/ylCUFTRA
W2g62qM7vD6Weth7BUovtqeZnvVcCNXEThzvbzXHbSMAlF508lShdHkiqe0Kddh0
9nLwTkN+/ahn3HvcxnuoqcAS4SfTgLtI7RBWMZWbtraisCCD5r4t/h+uPWgX3mOw
31XvCt3FN+aLc7mVAzkMUFPptqivnW0+G8Ob5ETYPObp9nGjS4AeKygdo1V+gyG+
xMeQf74oUV8WZirbFVrtF4wLW842eNtwogA8qw9eDWbfhAh6MTq0P3xEl9FcfrDh
I4mzaTHXI7wMdlg9zWflEo64qYsO/JYi6lYOaZRVuUGS9CjYlrkZWiWzR24PAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUFwmilTlrs62WGCWZ8MG6hPGo7dEwHwYDVR0j
BBgwFoAU/Rjj7LXyKFwHUcSOryPvIQuo/cwwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9k
YWUxM2JhYy05MWMxLTQ2M2ItODMzMy02NGVlYzZkMjc5N2UvMC9GRDE4RTNFQ0I1
RjIyODVDMDc1MUM0OEVBRjIzRUYyMTBCQThGRENDLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzEvRkQxOEUzRUNCNUYyMjg1QzA3NTFDNDhFQUYyM0VGMjEwQkE4
RkRDQy5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2RhZTEzYmFjLTkxYzEtNDYzYi04
MzMzLTY0ZWVjNmQyNzk3ZS8wLzMxMzUzNzJlMzIzMDJlMzkzNTJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDMxMzUzMjM0MzAzOC5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJ0UXzANBgkqhkiG
9w0BAQsFAAOCAQEAml4w6lUmATfquzZEUxB3jSc1RxNK/m9rQnI7cuezgXdAGfKR
vkJlu44vhgy+NKfzwIRSuSRfFD7xwJgWn1nWZp9gVE0pN+QfUiHmN59SJQHydlU8
NSj3dCAAbDHZG/XOYYiDVKRfx0jm9CRMTg9cOvoy0+DaOfjkRUZ5Gii5+rkUkvev
dBhkgnIdO3p3RWFpcqSilJZ6/OJ4H0j5CrEmFqR4/QqCl5qvlBYkLpoJXvIy+sY1
Q7PVpXD622HBwZNQCAfHkQum0bgTKg7bD6FW2t7p06dS+3O0zT2yEYjEKEEG7U66
qrX4houZsjYVgVvOKJ0IeoYpAtSU4OytijRhvw==
-----END CERTIFICATE-----
Generated at Fri Jun 21 02:28:46 2024 by rpki-client on console-fra.rpki-client.org