Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/1E5CEEE2D7D711EEB74A3BC5775412E6.roa
File: 1E5CEEE2D7D711EEB74A3BC5775412E6.roa (raw, json)
Hash identifier: iNhJINrv9WlnfLO179CuKJMK3kqT0b4/z7CX+rTcYXY=
Subject key identifier: 1E:44:B0:A4:41:CC:E5:29:F5:37:FC:40:7C:A2:B9:23:CC:50:FC:1B
Certificate issuer: /CN=F36C58D6AF/serialNumber=48A2F2C4AA4AEA39BE46BFE5F99C92629BBED8FC
Certificate serial: 0F97
Authority key identifier: 48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/1E5CEEE2D7D711EEB74A3BC5775412E6.roa
Signing time: Fri 01 Mar 2024 14:22:22 +0000
ROA not before: Fri 01 Mar 2024 14:22:19 +0000
ROA not after: Mon 02 Mar 2026 14:22:19 +0000
asID: 834
IP address blocks: 102.129.199.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 05 Mar 2024 10:47:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3991 (0xf97)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36C58D6AF/serialNumber=48A2F2C4AA4AEA39BE46BFE5F99C92629BBED8FC
Validity
Not Before: Mar 1 14:22:19 2024 GMT
Not After : Mar 2 14:22:19 2026 GMT
Subject: CN=65e1e49e-29ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:c4:f2:0d:2c:f4:9c:54:63:68:c2:1d:08:6d:
76:df:a2:80:b0:f4:c4:7e:de:54:d1:ea:38:b2:bf:
72:81:ce:7d:df:b8:6a:45:16:2b:10:99:43:09:15:
c8:f7:b9:21:e7:77:03:b3:eb:f8:87:58:cb:cb:51:
19:64:7d:85:92:62:70:29:85:1f:28:59:3a:63:da:
57:92:77:e3:1b:fe:ac:44:8d:01:e1:42:9d:b3:a2:
ae:76:95:f9:38:d1:fe:2d:e2:16:b1:06:1b:1b:d8:
f8:52:60:f7:05:dc:e4:da:58:54:b3:fe:51:29:a6:
99:5e:b5:7f:b7:a3:c6:62:37:01:b0:22:ba:d0:bb:
f4:89:a2:cf:25:9f:00:6d:64:9f:87:8e:eb:50:c2:
4f:93:84:68:3c:74:fa:4e:1b:1d:46:e5:b4:bc:38:
77:27:80:df:25:54:fa:17:0d:c4:bc:96:79:61:0e:
eb:e0:93:ff:76:88:b4:5b:be:44:1f:c4:89:93:c1:
6a:22:27:da:2f:3d:99:77:04:06:a6:76:cb:d0:19:
31:eb:3c:6f:d6:b3:1d:87:f5:1f:8b:e2:cd:31:dd:
20:63:f1:d1:6e:27:be:04:74:d3:d3:1b:a6:97:0a:
32:ef:74:f0:7f:24:04:d6:36:91:3d:64:11:9f:2d:
a2:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:44:B0:A4:41:CC:E5:29:F5:37:FC:40:7C:A2:B9:23:CC:50:FC:1B
X509v3 Authority Key Identifier:
keyid:48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/1E5CEEE2D7D711EEB74A3BC5775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.129.199.0/24
Signature Algorithm: sha256WithRSAEncryption
58:bb:47:ea:86:56:74:3e:4e:2f:09:65:d0:59:35:ee:72:66:
17:69:60:44:85:32:01:a3:30:22:0e:8e:39:c6:79:55:9d:b6:
5b:b5:73:5e:a9:c6:83:55:f6:f7:cf:c0:ad:93:93:2b:b8:bd:
dc:ec:88:7d:72:f7:66:35:97:fd:a0:06:5f:e0:94:51:c1:79:
cf:ad:88:44:78:4b:a4:dd:44:72:9a:3d:91:46:4d:3b:10:bf:
56:59:7e:d4:87:0a:c9:1e:a3:fc:e5:33:59:b6:01:95:db:47:
ac:0e:68:c4:6f:36:a0:5d:27:33:d1:b9:7b:16:8b:44:2b:7c:
2e:b4:9b:45:f5:e4:40:9c:25:d1:9b:64:ae:8e:c1:2c:cb:06:
8d:a2:1b:76:ab:07:3c:c6:82:e1:cf:53:ef:5a:01:d5:7e:9b:
65:a5:d7:37:92:73:be:b1:b2:35:a7:fd:67:2c:61:75:be:ca:
82:a5:d0:8b:10:09:c7:f0:31:8a:32:e9:5e:a1:1e:39:70:2b:
66:bf:12:0c:01:8f:73:c6:fd:b8:61:5e:8a:74:5b:23:b8:47:
79:4e:da:27:e8:01:dd:9d:46:cd:06:06:bd:2f:05:e7:12:d6:
da:aa:1b:d3:4d:d1:ab:f0:46:26:55:4c:43:7f:32:f5:8c:1f:
c0:e3:2f:eb
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICD5cwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QzU4RDZBRjExMC8GA1UEBRMoNDhBMkYyQzRBQTRBRUEzOUJFNDZCRkU1Rjk5Qzky
NjI5QkJFRDhGQzAeFw0yNDAzMDExNDIyMTlaFw0yNjAzMDIxNDIyMTlaMBgxFjAU
BgNVBAMTDTY1ZTFlNDllLTI5ZWEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDNxPINLPScVGNowh0IbXbfooCw9MR+3lTR6jiyv3KBzn3fuGpFFisQmUMJ
Fcj3uSHndwOz6/iHWMvLURlkfYWSYnAphR8oWTpj2leSd+Mb/qxEjQHhQp2zoq52
lfk40f4t4haxBhsb2PhSYPcF3OTaWFSz/lEpppletX+3o8ZiNwGwIrrQu/SJos8l
nwBtZJ+HjutQwk+ThGg8dPpOGx1G5bS8OHcngN8lVPoXDcS8lnlhDuvgk/92iLRb
vkQfxImTwWoiJ9ovPZl3BAamdsvQGTHrPG/Wsx2H9R+L4s0x3SBj8dFuJ74EdNPT
G6aXCjLvdPB/JATWNpE9ZBGfLaKXAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUHkSw
pEHM5Sn1N/xAfKK5I8xQ/BswHwYDVR0jBBgwFoAUSKLyxKpK6jm+Rr/l+ZySYpu+
2PwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4QUVBMjI4L1NLTHl4
S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1NLTHl4S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4
QUVBMjI4LzFFNUNFRUUyRDdENzExRUVCNzRBM0JDNTc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABmgccwDQYJKoZIhvcNAQEL
BQADggEBAFi7R+qGVnQ+Ti8JZdBZNe5yZhdpYESFMgGjMCIOjjnGeVWdtlu1c16p
xoNV9vfPwK2Tkyu4vdzsiH1y92Y1l/2gBl/glFHBec+tiER4S6TdRHKaPZFGTTsQ
v1ZZftSHCskeo/zlM1m2AZXbR6wOaMRvNqBdJzPRuXsWi0QrfC60m0X15ECcJdGb
ZK6OwSzLBo2iG3arBzzGguHPU+9aAdV+m2Wl1zeSc76xsjWn/WcsYXW+yoKl0IsQ
CcfwMYoy6V6hHjlwK2a/EgwBj3PG/bhhXop0WyO4R3lO2ifoAd2dRs0GBr0vBecS
1tqqG9NN0avwRiZVTEN/MvWMH8DjL+s=
-----END CERTIFICATE-----
Generated at Tue Mar 5 15:06:29 2024 by rpki-client on console-fra.rpki-client.org