Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C3A58/1B78C60CA8BF11EEBB3CA855775412E6/2A4464E6C03111EEA3246187775412E6.roa
File: 2A4464E6C03111EEA3246187775412E6.roa (raw, json)
Hash identifier: N47Fxj2YlYSSrffp/T8Od0uPtCESftRtWisK0ZT/mnM=
Subject key identifier: 9A:15:6B:56:DB:15:FA:DC:9E:D6:E3:70:B0:CA:76:07:52:90:48:18
Certificate issuer: /CN=F36C3A58AF/serialNumber=E15F50DDD28E02FD6E6966D5918D1B0BBF4684E8
Certificate serial: 28
Authority key identifier: E1:5F:50:DD:D2:8E:02:FD:6E:69:66:D5:91:8D:1B:0B:BF:46:84:E8
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/4V9Q3dKOAv1uaWbVkY0bC79GhOg.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36C3A58/1B78C60CA8BF11EEBB3CA855775412E6/2A4464E6C03111EEA3246187775412E6.roa
Signing time: Wed 31 Jan 2024 12:06:29 +0000
ROA not before: Wed 31 Jan 2024 12:06:25 +0000
ROA not after: Fri 31 Jan 2025 12:06:25 +0000
asID: 327752
IP address blocks: 154.73.128.0/24 maxlen: 24
154.73.129.0/24 maxlen: 24
154.73.130.0/24 maxlen: 24
154.73.131.0/24 maxlen: 24
154.73.132.0/24 maxlen: 24
154.73.134.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 13 Aug 2024 07:16:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 40 (0x28)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36C3A58AF/serialNumber=E15F50DDD28E02FD6E6966D5918D1B0BBF4684E8
Validity
Not Before: Jan 31 12:06:25 2024 GMT
Not After : Jan 31 12:06:25 2025 GMT
Subject: CN=65ba37c5-62bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:2e:c4:a0:89:6a:ed:30:63:bd:72:c3:a5:b9:
16:93:7b:6f:29:6c:bf:e1:b0:95:93:55:fe:fa:bf:
46:c4:b0:c9:09:1f:3e:91:22:cf:e2:09:35:93:ad:
5b:dc:8f:d7:6c:64:f7:14:cd:ec:31:4d:38:4c:9e:
38:f2:76:f1:7f:e8:3e:4a:e4:09:ba:04:46:c1:37:
37:f0:0b:ea:fc:6f:26:36:20:55:e8:94:93:a4:e1:
4c:d0:3f:2c:e5:7a:7b:bb:4a:f2:0f:ef:9e:18:c2:
36:22:82:fd:92:d1:d2:35:33:5b:5d:22:48:5f:6a:
77:85:69:5c:aa:64:e7:d2:1e:ea:5f:ab:00:c4:44:
c9:ef:c5:41:fd:bb:62:9a:1f:da:3d:2b:dc:27:af:
9a:4f:9f:1d:03:ef:ad:20:e8:fd:91:c1:1c:26:e5:
91:af:30:42:d6:0c:7f:e2:8d:04:c9:a4:ff:f9:06:
94:1f:4c:0a:fb:89:dc:6f:bc:22:4c:67:cf:8b:0e:
34:76:42:e4:94:3b:b7:e6:23:58:0c:34:1c:e0:27:
ba:ef:15:d8:a1:6b:ea:a6:38:bf:f0:cf:ca:7d:99:
b1:c8:85:88:2d:c3:09:ba:bf:b3:cf:69:88:7d:98:
7e:69:14:1b:91:6e:7f:98:f9:83:90:fa:b0:df:3f:
a8:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:15:6B:56:DB:15:FA:DC:9E:D6:E3:70:B0:CA:76:07:52:90:48:18
X509v3 Authority Key Identifier:
keyid:E1:5F:50:DD:D2:8E:02:FD:6E:69:66:D5:91:8D:1B:0B:BF:46:84:E8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36C3A58/1B78C60CA8BF11EEBB3CA855775412E6/4V9Q3dKOAv1uaWbVkY0bC79GhOg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/4V9Q3dKOAv1uaWbVkY0bC79GhOg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C3A58/1B78C60CA8BF11EEBB3CA855775412E6/2A4464E6C03111EEA3246187775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.73.128.0-154.73.132.255
154.73.134.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:7b:16:48:c3:f7:4e:e5:83:9b:62:ac:d2:a3:27:1e:c0:7d:
0f:4f:c1:03:cb:0c:dd:b0:ea:73:78:51:6a:80:18:12:10:9d:
2c:5f:50:eb:20:de:5a:de:75:92:f0:47:d2:35:93:56:6b:2f:
da:ac:93:26:22:a2:86:17:2a:4d:56:ee:ea:44:7d:83:b3:b3:
2e:f3:c3:fc:7b:fa:bd:24:e8:42:d0:21:40:e8:8c:b5:89:42:
e3:20:a1:63:73:cb:ff:75:1a:28:19:a1:4d:f2:9c:e1:fe:cc:
d4:89:8e:28:a0:69:f1:92:c6:2a:0b:1d:74:d3:fa:30:14:0f:
2c:93:d9:02:89:30:e3:6a:d1:54:64:6d:11:40:86:18:34:c2:
65:57:cf:5b:cb:d1:18:ec:e2:d3:3f:a2:d1:20:4b:4c:d6:2e:
80:36:eb:e9:49:9d:da:20:44:53:6d:4f:b9:fb:eb:f2:ac:3b:
bb:c1:06:4a:fc:b3:9f:5e:0a:3f:7f:e1:3d:b8:7f:f7:c9:36:
19:3e:6b:1e:51:8a:8c:78:5e:b8:f1:98:66:f2:fc:0c:e4:b2:
21:09:c3:40:e9:7b:69:f4:2a:bb:9c:7e:35:64:0e:07:42:40:
2f:55:1f:22:88:5b:aa:d3:f9:78:ba:af:90:f8:f0:6b:94:50:
9c:cb:7f:7d
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIBKDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZD
M0E1OEFGMTEwLwYDVQQFEyhFMTVGNTBEREQyOEUwMkZENkU2OTY2RDU5MThEMUIw
QkJGNDY4NEU4MB4XDTI0MDEzMTEyMDYyNVoXDTI1MDEzMTEyMDYyNVowGDEWMBQG
A1UEAxMNNjViYTM3YzUtNjJiYzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK4uxKCJau0wY71yw6W5FpN7bylsv+GwlZNV/vq/RsSwyQkfPpEiz+IJNZOt
W9yP12xk9xTN7DFNOEyeOPJ28X/oPkrkCboERsE3N/AL6vxvJjYgVeiUk6ThTNA/
LOV6e7tK8g/vnhjCNiKC/ZLR0jUzW10iSF9qd4VpXKpk59Ie6l+rAMREye/FQf27
Ypof2j0r3Cevmk+fHQPvrSDo/ZHBHCblka8wQtYMf+KNBMmk//kGlB9MCvuJ3G+8
Ikxnz4sONHZC5JQ7t+YjWAw0HOAnuu8V2KFr6qY4v/DPyn2ZsciFiC3DCbq/s89p
iH2YfmkUG5Fuf5j5g5D6sN8/qG8CAwEAAaOCArMwggKvMB0GA1UdDgQWBBSaFWtW
2xX63J7W43CwynYHUpBIGDAfBgNVHSMEGDAWgBThX1Dd0o4C/W5pZtWRjRsLv0aE
6DAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QzNBNTgvMUI3OEM2MENBOEJGMTFFRUJCM0NBODU1Nzc1NDEyRTYvNFY5UTNk
S09BdjF1YVdiVmtZMGJDNzlHaE9nLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvNFY5UTNkS09BdjF1YVdiVmtZMGJDNzlHaE9nLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QzNBNTgvMUI3OEM2MENBOEJGMTFFRUJCM0NBODU1Nzc1
NDEyRTYvMkE0NDY0RTZDMDMxMTFFRUEzMjQ2MTg3Nzc1NDEyRTYucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAtBggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFDAMAwQHmkmAAwQAmkmEAwQAmkmG
MA0GCSqGSIb3DQEBCwUAA4IBAQAuexZIw/dO5YObYqzSoycewH0PT8EDywzdsOpz
eFFqgBgSEJ0sX1DrIN5a3nWS8EfSNZNWay/arJMmIqKGFypNVu7qRH2Ds7Mu88P8
e/q9JOhC0CFA6Iy1iULjIKFjc8v/dRooGaFN8pzh/szUiY4ooGnxksYqCx100/ow
FA8sk9kCiTDjatFUZG0RQIYYNMJlV89by9EY7OLTP6LRIEtM1i6ANuvpSZ3aIERT
bU+5++vyrDu7wQZK/LOfXgo/f+E9uH/3yTYZPmseUYqMeF648Zhm8vwM5LIhCcNA
6Xtp9Cq7nH41ZA4HQkAvVR8iiFuq0/l4uq+Q+PBrlFCcy399
-----END CERTIFICATE-----
Generated at Tue Aug 13 09:17:56 2024 by rpki-client on console-ams.rpki-client.org