Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3044/PKFzytxEV4X_KfoFiKFPA20-9qg.roa
File: PKFzytxEV4X_KfoFiKFPA20-9qg.roa (raw, json)
Hash identifier: t9bzwZI8CdJ6uvMW/gDIAnQw/kvWkOANtEMIBrZXyDI=
Subject key identifier: 3C:A1:73:CA:DC:44:57:85:FF:29:FA:05:88:A1:4F:03:6D:3E:F6:A8
Certificate issuer: /CN=B08B918D2D45B6371ACB9770743553D1BF224708
Certificate serial: 1470
Authority key identifier: B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/PKFzytxEV4X_KfoFiKFPA20-9qg.roa
Signing time: Tue 14 Nov 2023 14:10:49 +0000
ROA not before: Tue 14 Nov 2023 14:10:49 +0000
ROA not after: Tue 08 Oct 2024 00:16:33 +0000
asID: 4808
IP address blocks: 180.184.24.0/21 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5232 (0x1470)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B08B918D2D45B6371ACB9770743553D1BF224708
Validity
Not Before: Nov 14 14:10:49 2023 GMT
Not After : Oct 8 00:16:33 2024 GMT
Subject: CN=3CA173CADC445785FF29FA0588A14F036D3EF6A8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:9b:28:e2:3a:cd:0b:34:0b:24:49:26:61:dd:
bf:72:aa:09:d0:43:fb:2e:48:cd:fd:a6:6a:9a:d4:
e1:69:83:47:d9:c1:3d:a3:c6:37:ef:cf:71:88:96:
f3:f5:f0:10:ec:d2:09:80:90:56:74:4f:4f:d1:81:
1f:aa:8a:98:64:d2:63:48:c2:ba:d3:c4:f7:4b:4f:
c3:d0:71:5c:0f:0e:ad:b7:c0:3a:0a:85:34:ed:a2:
e0:3f:5b:cb:34:e1:f4:4d:a9:38:b2:ab:b9:90:50:
65:72:14:c1:97:b5:40:00:66:62:34:74:fe:ae:a7:
76:85:c2:64:f1:84:0f:c3:9a:93:85:82:c7:ff:cd:
f2:27:77:40:60:aa:53:f6:a2:6e:d3:ff:82:a7:4e:
ed:ae:c0:65:be:8c:61:5d:3b:a0:7c:9d:93:e6:db:
6a:81:27:64:b5:44:19:4d:ec:92:d0:7d:18:f2:d2:
da:fa:24:4e:97:07:f3:36:b5:11:1f:eb:aa:cc:33:
07:e9:02:a2:87:f2:af:57:99:f8:47:45:a3:86:41:
d7:89:c2:61:8f:6d:e7:98:6a:ce:76:15:55:4d:76:
82:50:f5:ef:9b:c3:1e:e0:2b:ee:56:27:42:0d:19:
42:3a:4a:40:ac:14:01:45:6b:23:98:85:5b:bd:9e:
45:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:A1:73:CA:DC:44:57:85:FF:29:FA:05:88:A1:4F:03:6D:3E:F6:A8
X509v3 Authority Key Identifier:
keyid:B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/PKFzytxEV4X_KfoFiKFPA20-9qg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
180.184.24.0/21
Signature Algorithm: sha256WithRSAEncryption
a7:cc:1a:f7:14:f9:d9:c7:74:a4:b2:e1:6a:24:92:9d:63:7c:
c3:83:d8:b6:10:02:7c:23:db:c1:a9:ac:13:c3:2b:07:14:cb:
cf:8f:79:c7:1e:93:0d:7f:02:7a:e0:90:44:4d:7d:3b:11:90:
df:3b:d0:28:43:d6:4b:25:68:0f:cb:3c:aa:db:65:3d:1a:ec:
65:79:ca:34:ac:1b:cb:78:dd:b2:0d:f5:10:4d:11:22:04:f7:
5e:ec:89:86:f6:2a:b9:9b:15:b5:9f:5b:1e:f8:af:08:ef:ba:
17:b3:20:b7:a4:af:f6:ba:a2:35:bd:a0:c4:c3:b4:a8:67:7b:
12:a7:c2:9e:59:52:1e:62:24:1d:53:5f:48:10:86:35:5b:e0:
45:5b:b6:ae:a9:d1:17:0b:e6:78:ad:7b:3e:57:c1:fb:1d:27:
2c:1b:3c:8a:31:13:c6:ce:97:50:71:46:04:7a:40:f5:26:43:
96:c8:5a:d4:2f:3b:84:20:fd:ba:c9:af:7f:6d:a5:c9:49:fb:
2b:96:91:35:d6:da:71:73:c1:51:c7:3f:17:0f:37:76:85:b9:
67:2e:81:09:f2:7e:13:79:89:41:e6:6e:b5:06:88:b2:9d:c4:
5d:35:f8:05:87:f3:28:5a:08:6c:02:c6:47:3d:ce:df:9b:0d:
47:90:1b:45
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICFHAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjA4
QjkxOEQyRDQ1QjYzNzFBQ0I5NzcwNzQzNTUzRDFCRjIyNDcwODAeFw0yMzExMTQx
NDEwNDlaFw0yNDEwMDgwMDE2MzNaMDMxMTAvBgNVBAMTKDNDQTE3M0NBREM0NDU3
ODVGRjI5RkEwNTg4QTE0RjAzNkQzRUY2QTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDamyjiOs0LNAskSSZh3b9yqgnQQ/suSM39pmqa1OFpg0fZwT2j
xjfvz3GIlvP18BDs0gmAkFZ0T0/RgR+qiphk0mNIwrrTxPdLT8PQcVwPDq23wDoK
hTTtouA/W8s04fRNqTiyq7mQUGVyFMGXtUAAZmI0dP6up3aFwmTxhA/DmpOFgsf/
zfInd0BgqlP2om7T/4KnTu2uwGW+jGFdO6B8nZPm22qBJ2S1RBlN7JLQfRjy0tr6
JE6XB/M2tREf66rMMwfpAqKH8q9XmfhHRaOGQdeJwmGPbeeYas52FVVNdoJQ9e+b
wx7gK+5WJ0INGUI6SkCsFAFFayOYhVu9nkXFAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUPKFzytxEV4X/KfoFiKFPA20+9qgwHwYDVR0jBBgwFoAUsIuRjS1Ftjcay5dw
dDVT0b8iRwgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA0
NC9zSXVSalMxRnRqY2F5NWR3ZERWVDBiOGlSd2cuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL3NJdVJqUzFGdGpjYXk1ZHdkRFZUMGI4aVJ3Zy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNDQvUEtGenl0eEVWNFhf
S2ZvRmlLRlBBMjAtOXFnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEA7S4GDANBgkqhkiG9w0BAQsFAAOCAQEAp8wa9xT52cd0pLLhaiSSnWN8w4PY
thACfCPbwamsE8MrBxTLz495xx6TDX8CeuCQRE19OxGQ3zvQKEPWSyVoD8s8qttl
PRrsZXnKNKwby3jdsg31EE0RIgT3XuyJhvYquZsVtZ9bHvivCO+6F7Mgt6Sv9rqi
Nb2gxMO0qGd7EqfCnllSHmIkHVNfSBCGNVvgRVu2rqnRFwvmeK17PlfB+x0nLBs8
ijETxs6XUHFGBHpA9SZDlsha1C87hCD9usmvf22lyUn7K5aRNdbacXPBUcc/Fw83
doW5Zy6BCfJ+E3mJQeZutQaIsp3EXTX4BYfzKFoIbALGRz3O35sNR5AbRQ==
-----END CERTIFICATE-----
Generated at Thu Dec 7 10:57:24 2023 by rpki-client on console-fra.rpki-client.org