Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36312D2/FFA25144F0FD11EBA85B643ED8A014CE/B9533A72F0FE11EBA1157B3FD8A014CE.roa
File: B9533A72F0FE11EBA1157B3FD8A014CE.roa (raw, json)
Hash identifier: UG31E0mNkRJ2jFWqof+AHji4pjH9AHZ8LVRNjy1A2xU=
Subject key identifier: 97:B8:23:E6:CE:F5:93:2A:DF:04:9A:A7:DE:63:5B:36:F3:3B:12:39
Certificate issuer: /CN=F36312D2AF/serialNumber=31BA5ACE57BF1DAFBA88DDAEF42EC8F1515E13C2
Certificate serial: 02
Authority key identifier: 31:BA:5A:CE:57:BF:1D:AF:BA:88:DD:AE:F4:2E:C8:F1:51:5E:13:C2
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/Mbpazle_Ha-6iN2u9C7I8VFeE8I.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36312D2/FFA25144F0FD11EBA85B643ED8A014CE/B9533A72F0FE11EBA1157B3FD8A014CE.roa
Signing time: Fri 30 Jul 2021 06:24:21 +0000
ROA not before: Fri 30 Jul 2021 06:24:15 +0000
ROA not after: Thu 31 Jul 2031 06:24:15 +0000
asID: 37236
IP address blocks: 41.79.240.0/22 maxlen: 24
154.119.224.0/19 maxlen: 24
2c0f:f010::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 19 Dec 2022 16:47:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36312D2AF/serialNumber=31BA5ACE57BF1DAFBA88DDAEF42EC8F1515E13C2
Validity
Not Before: Jul 30 06:24:15 2021 GMT
Not After : Jul 31 06:24:15 2031 GMT
Subject: CN=61039b15-8de1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:85:f2:c5:20:b6:61:04:9a:0d:7e:fd:74:9c:
0c:07:1c:66:8d:22:92:bc:47:54:47:5b:fe:04:95:
01:94:e0:a1:87:2d:66:b1:06:00:64:a9:c8:26:51:
42:79:71:14:0e:4a:c4:f2:0e:b0:14:95:ae:a1:59:
19:8f:af:f0:80:76:52:45:9a:1d:aa:3f:69:7d:08:
47:fb:72:2a:da:6d:29:77:e5:bd:3e:63:01:48:b9:
54:dc:5b:22:96:dd:c4:72:6c:4f:13:4e:0b:14:e4:
9e:f1:32:51:c4:df:82:1c:38:c7:ab:f1:5a:39:b5:
6f:74:9e:64:d6:c3:99:ee:41:f3:c3:6a:c9:a3:1e:
78:7d:cf:99:41:2c:51:83:a2:a8:ae:98:92:24:01:
90:25:41:a9:27:f0:1a:54:6d:90:d1:24:67:86:d9:
a3:fa:c4:1d:55:73:b7:7a:10:a4:8d:e2:d4:c7:e1:
08:82:03:4f:be:35:a8:48:f4:11:13:d4:a9:96:3e:
6d:58:40:2d:59:a5:8d:aa:92:98:a7:d7:2a:1a:b2:
94:31:16:16:65:89:d5:b1:13:ef:4c:84:10:93:53:
60:fe:4b:3f:10:fe:6d:23:20:56:06:3c:e4:61:89:
5d:1d:54:b1:cc:32:f8:d4:61:ab:8e:33:6d:ee:48:
25:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:B8:23:E6:CE:F5:93:2A:DF:04:9A:A7:DE:63:5B:36:F3:3B:12:39
X509v3 Authority Key Identifier:
keyid:31:BA:5A:CE:57:BF:1D:AF:BA:88:DD:AE:F4:2E:C8:F1:51:5E:13:C2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36312D2/FFA25144F0FD11EBA85B643ED8A014CE/Mbpazle_Ha-6iN2u9C7I8VFeE8I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/Mbpazle_Ha-6iN2u9C7I8VFeE8I.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36312D2/FFA25144F0FD11EBA85B643ED8A014CE/B9533A72F0FE11EBA1157B3FD8A014CE.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.79.240.0/22
154.119.224.0/19
IPv6:
2c0f:f010::/32
Signature Algorithm: sha256WithRSAEncryption
98:5b:db:e0:75:4d:51:d6:40:6f:5e:86:fc:a2:4d:15:03:98:
bf:71:be:fe:52:cc:59:08:b2:19:30:4d:b4:0b:69:bb:0b:d4:
57:ad:b4:19:2f:14:c0:b8:26:48:f4:d5:d8:43:bd:12:e0:9b:
61:b3:cf:60:48:a9:f9:3d:79:8e:f5:35:31:9e:7e:d7:da:d8:
5c:94:a9:84:03:7c:f0:cb:00:43:3a:f6:fe:4b:1d:0d:a8:f5:
36:19:37:15:18:e0:db:ef:a3:8f:b1:1f:12:d8:a2:2e:21:a0:
c9:f3:94:55:9c:81:dd:d9:31:3c:6f:5a:6b:c0:84:81:83:11:
9e:a9:39:ab:ac:c5:40:b9:02:0d:28:ad:3e:c1:f1:45:42:4d:
d5:97:c2:d0:42:c3:6b:b8:3f:60:6e:ef:31:63:9a:6a:68:6b:
13:68:38:92:22:54:64:9c:21:ba:bb:f1:67:12:50:3f:b1:3a:
c0:5c:0f:95:fb:e5:64:c3:f2:56:61:28:6f:cf:d2:cf:8a:86:
34:d0:8b:95:c6:4b:ce:44:a8:b6:4f:28:6b:d8:b5:1d:85:e7:
d2:22:ae:86:03:93:2a:ff:5d:7f:89:f2:95:fb:1e:ff:7d:75:
16:75:4a:c4:30:ed:39:d7:34:cd:58:f6:c4:6e:5c:ab:61:7d:
fd:84:8a:be
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzYz
MTJEMkFGMTEwLwYDVQQFEygzMUJBNUFDRTU3QkYxREFGQkE4OEREQUVGNDJFQzhG
MTUxNUUxM0MyMB4XDTIxMDczMDA2MjQxNVoXDTMxMDczMTA2MjQxNVowGDEWMBQG
A1UEAwwNNjEwMzliMTUtOGRlMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKqF8sUgtmEEmg1+/XScDAccZo0ikrxHVEdb/gSVAZTgoYctZrEGAGSpyCZR
QnlxFA5KxPIOsBSVrqFZGY+v8IB2UkWaHao/aX0IR/tyKtptKXflvT5jAUi5VNxb
IpbdxHJsTxNOCxTknvEyUcTfghw4x6vxWjm1b3SeZNbDme5B88NqyaMeeH3PmUEs
UYOiqK6YkiQBkCVBqSfwGlRtkNEkZ4bZo/rEHVVzt3oQpI3i1MfhCIIDT741qEj0
ERPUqZY+bVhALVmljaqSmKfXKhqylDEWFmWJ1bET70yEEJNTYP5LPxD+bSMgVgY8
5GGJXR1Uscwy+NRhq44zbe5IJdMCAwEAAaOCArowggK2MB0GA1UdDgQWBBSXuCPm
zvWTKt8EmqfeY1s28zsSOTAfBgNVHSMEGDAWgBQxulrOV78dr7qI3a70LsjxUV4T
wjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MzEyRDIvRkZBMjUxNDRGMEZEMTFFQkE4NUI2NDNFRDhBMDE0Q0UvTWJwYXps
ZV9IYS02aU4ydTlDN0k4VkZlRThJLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvTWJwYXpsZV9IYS02aU4ydTlDN0k4VkZlRThJLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MzEyRDIvRkZBMjUxNDRGMEZEMTFFQkE4NUI2NDNFRDhB
MDE0Q0UvQjk1MzNBNzJGMEZFMTFFQkExMTU3QjNGRDhBMDE0Q0Uucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDA0BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAilP8AMEBZp34DANBAIAAjAH
AwUALA/wEDANBgkqhkiG9w0BAQsFAAOCAQEAmFvb4HVNUdZAb16G/KJNFQOYv3G+
/lLMWQiyGTBNtAtpuwvUV620GS8UwLgmSPTV2EO9EuCbYbPPYEip+T15jvU1MZ5+
19rYXJSphAN88MsAQzr2/ksdDaj1Nhk3FRjg2++jj7EfEtiiLiGgyfOUVZyB3dkx
PG9aa8CEgYMRnqk5q6zFQLkCDSitPsHxRUJN1ZfC0ELDa7g/YG7vMWOaamhrE2g4
kiJUZJwhurvxZxJQP7E6wFwPlfvlZMPyVmEob8/Sz4qGNNCLlcZLzkSotk8oa9i1
HYXn0iKuhgOTKv9df4nylfse/311FnVKxDDtOdc0zVj2xG5cq2F9/YSKvg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:47:08 2024 by rpki-client on console-fra.rpki-client.org