Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C3A58/1B78C60CA8BF11EEBB3CA855775412E6/683B6F2A594B11EF9AD77AAE762E951A.roa
File: 683B6F2A594B11EF9AD77AAE762E951A.roa (raw, json)
Hash identifier: zzi9rP6QsTmQaCwbh4awv7q/z4pBYzcpfKxqeMfgo4w=
Subject key identifier: 9A:23:60:66:9E:4D:76:7F:20:05:6C:B1:C5:A1:E9:80:19:C5:16:D2
Certificate issuer: /CN=F36C3A58AF/serialNumber=E15F50DDD28E02FD6E6966D5918D1B0BBF4684E8
Certificate serial: FA
Authority key identifier: E1:5F:50:DD:D2:8E:02:FD:6E:69:66:D5:91:8D:1B:0B:BF:46:84:E8
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/4V9Q3dKOAv1uaWbVkY0bC79GhOg.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36C3A58/1B78C60CA8BF11EEBB3CA855775412E6/683B6F2A594B11EF9AD77AAE762E951A.roa
Signing time: Tue 13 Aug 2024 08:09:48 +0000
ROA not before: Tue 13 Aug 2024 08:09:45 +0000
ROA not after: Sat 01 Aug 2026 08:09:45 +0000
asID: 327921
IP address blocks: 154.73.128.0/24 maxlen: 24
154.73.129.0/24 maxlen: 24
154.73.130.0/24 maxlen: 24
154.73.131.0/24 maxlen: 24
154.73.132.0/24 maxlen: 24
154.73.134.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 28 Sep 2024 10:53:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 250 (0xfa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36C3A58AF/serialNumber=E15F50DDD28E02FD6E6966D5918D1B0BBF4684E8
Validity
Not Before: Aug 13 08:09:45 2024 GMT
Not After : Aug 1 08:09:45 2026 GMT
Subject: CN=66bb14cc-1e6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:e4:e9:fb:ce:c6:d0:47:23:45:f7:0e:b4:59:
c7:92:24:b9:72:4d:44:ba:2a:16:e4:6c:8d:ae:60:
68:50:bd:7b:e8:dc:ef:1e:ea:f6:4e:05:55:fe:00:
c6:6a:60:b1:8a:fe:aa:99:fe:a0:48:cf:34:db:70:
9e:d0:5c:46:37:b4:38:5e:d2:c8:ef:94:3d:74:63:
46:05:7a:c7:1e:4f:f7:c7:ba:cc:96:a1:2e:66:85:
e2:cc:85:df:1e:8d:aa:43:db:67:91:b1:b2:e4:4d:
96:8d:ed:9f:1d:de:09:d5:69:54:3f:6f:0a:69:b6:
be:30:7f:9a:a1:11:69:48:ec:43:8a:e5:56:06:19:
b5:bb:b0:ff:ea:5a:88:ad:80:c2:72:e9:00:7c:89:
d1:8b:4a:7e:23:d8:aa:c4:ce:42:bc:2e:48:50:43:
f1:87:b5:5d:ce:b0:bd:66:a1:87:54:77:3e:40:8c:
63:f1:5f:8b:27:3d:3a:5f:7e:5a:a2:43:0d:b3:ac:
ad:3c:71:53:bf:c8:99:e0:4e:4f:dd:f3:3a:ba:03:
86:b2:b0:0b:51:8d:dc:35:4e:41:41:6c:b5:f1:f6:
1d:90:2b:ef:0f:72:c7:99:e5:07:bb:74:ce:76:54:
aa:7e:2c:f7:14:a9:33:3e:21:ae:8a:34:23:02:38:
c0:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:23:60:66:9E:4D:76:7F:20:05:6C:B1:C5:A1:E9:80:19:C5:16:D2
X509v3 Authority Key Identifier:
keyid:E1:5F:50:DD:D2:8E:02:FD:6E:69:66:D5:91:8D:1B:0B:BF:46:84:E8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36C3A58/1B78C60CA8BF11EEBB3CA855775412E6/4V9Q3dKOAv1uaWbVkY0bC79GhOg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/4V9Q3dKOAv1uaWbVkY0bC79GhOg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C3A58/1B78C60CA8BF11EEBB3CA855775412E6/683B6F2A594B11EF9AD77AAE762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.73.128.0-154.73.132.255
154.73.134.0/24
Signature Algorithm: sha256WithRSAEncryption
42:2b:c7:97:1c:d8:89:12:01:f0:f1:57:b7:e3:16:ce:96:a7:
91:ce:9c:e8:49:e6:e7:e4:d0:b8:f7:a0:1e:aa:16:c6:a6:a1:
9c:88:82:59:bf:9a:8a:6f:21:41:b6:3a:4b:f4:47:8a:2b:ac:
ae:a5:a1:03:e1:72:c0:a9:ad:6c:23:6b:5a:35:ec:70:f7:dd:
78:a5:57:87:56:dd:39:82:a0:36:7d:c3:b9:8d:10:6d:9d:9a:
d2:9f:da:e4:d9:b6:a4:d8:8f:d7:73:fe:7a:d1:3a:e7:42:bc:
90:80:f6:b4:76:ce:c6:ae:6a:05:13:c5:a7:29:fd:b3:84:5b:
5e:54:64:ed:10:c6:d3:96:20:7d:59:a7:f1:9c:68:c0:a3:20:
f4:40:a5:56:b5:6a:8f:77:88:0c:3e:fe:7f:d6:23:e7:53:b1:
38:99:04:a5:12:64:f5:4e:36:da:2b:64:05:e2:19:69:fd:11:
da:2c:2f:3a:57:2b:1c:4f:d5:31:d1:fe:ea:39:24:98:04:4a:
73:67:fa:eb:b7:b7:f7:c5:c5:27:d6:05:90:77:61:cb:7b:0b:
5e:fa:a6:d6:11:36:07:37:cb:99:07:30:17:42:4e:4d:2b:e2:
ff:fb:3c:fd:72:14:db:0a:45:a2:95:c2:ec:1c:ef:83:51:a6:
34:6b:84:34
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgICAPowDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QzNBNThBRjExMC8GA1UEBRMoRTE1RjUwREREMjhFMDJGRDZFNjk2NkQ1OTE4RDFC
MEJCRjQ2ODRFODAeFw0yNDA4MTMwODA5NDVaFw0yNjA4MDEwODA5NDVaMBgxFjAU
BgNVBAMTDTY2YmIxNGNjLTFlNmIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCj5On7zsbQRyNF9w60WceSJLlyTUS6KhbkbI2uYGhQvXvo3O8e6vZOBVX+
AMZqYLGK/qqZ/qBIzzTbcJ7QXEY3tDhe0sjvlD10Y0YFesceT/fHusyWoS5mheLM
hd8ejapD22eRsbLkTZaN7Z8d3gnVaVQ/bwpptr4wf5qhEWlI7EOK5VYGGbW7sP/q
WoitgMJy6QB8idGLSn4j2KrEzkK8LkhQQ/GHtV3OsL1moYdUdz5AjGPxX4snPTpf
flqiQw2zrK08cVO/yJngTk/d8zq6A4aysAtRjdw1TkFBbLXx9h2QK+8PcseZ5Qe7
dM52VKp+LPcUqTM+Ia6KNCMCOMBTAgMBAAGjggKzMIICrzAdBgNVHQ4EFgQUmiNg
Zp5Ndn8gBWyxxaHpgBnFFtIwHwYDVR0jBBgwFoAU4V9Q3dKOAv1uaWbVkY0bC79G
hOgwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkMzQTU4LzFCNzhDNjBDQThCRjExRUVCQjNDQTg1NTc3NTQxMkU2LzRWOVEz
ZEtPQXYxdWFXYlZrWTBiQzc5R2hPZy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLzRWOVEzZEtPQXYxdWFXYlZrWTBiQzc5R2hPZy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkMzQTU4LzFCNzhDNjBDQThCRjExRUVCQjNDQTg1NTc3
NTQxMkU2LzY4M0I2RjJBNTk0QjExRUY5QUQ3N0FBRTc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwLQYIKwYBBQUHAQcBAf8EHjAcMBoEAgABMBQwDAMEB5pJgAMEAJpJhAMEAJpJ
hjANBgkqhkiG9w0BAQsFAAOCAQEAQivHlxzYiRIB8PFXt+MWzpankc6c6Enm5+TQ
uPegHqoWxqahnIiCWb+aim8hQbY6S/RHiiusrqWhA+FywKmtbCNrWjXscPfdeKVX
h1bdOYKgNn3DuY0QbZ2a0p/a5Nm2pNiP13P+etE650K8kID2tHbOxq5qBRPFpyn9
s4RbXlRk7RDG05YgfVmn8ZxowKMg9EClVrVqj3eIDD7+f9Yj51OxOJkEpRJk9U42
2itkBeIZaf0R2iwvOlcrHE/VMdH+6jkkmARKc2f667e398XFJ9YFkHdhy3sLXvqm
1hE2BzfLmQcwF0JOTSvi//s8/XIU2wpFopXC7Bzvg1GmNGuENA==
-----END CERTIFICATE-----
Generated at Sat Sep 28 12:46:54 2024 by rpki-client on console-ams.rpki-client.org