Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/890/TVu2ReMyMEaVmlEwXwLnVmXNRmQ.roa
File: TVu2ReMyMEaVmlEwXwLnVmXNRmQ.roa (raw, json)
Hash identifier: 5ykGvqHioPqqmgbdgRmLCVbzFJa/fPVBKIi3Xj+4gpw=
Subject key identifier: 4D:5B:B6:45:E3:32:30:46:95:9A:51:30:5F:02:E7:56:65:CD:46:64
Certificate issuer: /CN=0EE863AC570AEEA1F930BEA5E76AAE7DD553804E
Certificate serial: 01AD
Authority key identifier: 0E:E8:63:AC:57:0A:EE:A1:F9:30:BE:A5:E7:6A:AE:7D:D5:53:80:4E
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/DuhjrFcK7qH5ML6l52qufdVTgE4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/TVu2ReMyMEaVmlEwXwLnVmXNRmQ.roa
Signing time: Wed 27 Dec 2023 02:12:39 +0000
ROA not before: Wed 27 Dec 2023 02:12:39 +0000
ROA not after: Thu 10 Oct 2024 06:10:11 +0000
asID: 63567
IP address blocks: 43.248.176.0/20 maxlen: 20
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 429 (0x1ad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0EE863AC570AEEA1F930BEA5E76AAE7DD553804E
Validity
Not Before: Dec 27 02:12:39 2023 GMT
Not After : Oct 10 06:10:11 2024 GMT
Subject: CN=4D5BB645E3323046959A51305F02E75665CD4664
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:32:51:64:0f:4a:01:24:99:25:13:98:02:8f:
8d:3f:16:f7:0e:07:19:de:1d:dc:61:d4:c4:11:4e:
4b:34:dd:c0:e3:d7:5a:7c:02:b5:9e:91:32:82:41:
54:2b:57:a3:da:3c:03:ee:9b:7f:4e:f4:ca:20:5f:
f5:93:be:32:e6:43:a0:fa:43:78:32:ae:54:b5:60:
98:07:9d:99:a1:93:d8:56:57:cc:ff:bc:ca:af:4f:
32:14:26:84:ed:57:dc:6b:15:4c:4a:78:97:11:91:
1b:1e:ea:fc:81:11:9f:76:7c:30:d9:67:e7:e0:5e:
08:26:c1:68:28:74:ad:46:e9:f5:43:6e:7c:ad:bf:
09:0c:e8:42:95:52:b0:c8:72:d1:be:f8:d7:de:f1:
55:4c:07:3d:68:2f:74:6d:ff:62:64:95:fe:66:a0:
b5:74:6d:02:65:70:67:5b:ee:21:c0:79:3d:15:50:
df:8b:bb:d9:0c:c3:53:8f:c8:db:51:2a:46:41:f7:
79:1e:9c:48:44:35:a2:61:46:87:70:b2:64:84:e1:
3a:8c:1e:46:a8:33:9a:72:c0:e3:07:fb:db:b0:11:
cb:24:20:10:46:80:a7:0f:8c:64:91:54:f0:1b:fd:
1b:98:69:c5:f7:0f:8b:dd:58:98:f2:a5:ca:13:c0:
2f:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:5B:B6:45:E3:32:30:46:95:9A:51:30:5F:02:E7:56:65:CD:46:64
X509v3 Authority Key Identifier:
keyid:0E:E8:63:AC:57:0A:EE:A1:F9:30:BE:A5:E7:6A:AE:7D:D5:53:80:4E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/DuhjrFcK7qH5ML6l52qufdVTgE4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/DuhjrFcK7qH5ML6l52qufdVTgE4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/TVu2ReMyMEaVmlEwXwLnVmXNRmQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.248.176.0/20
Signature Algorithm: sha256WithRSAEncryption
24:37:aa:d2:72:5c:5e:8b:21:e6:44:c5:5b:c7:46:33:49:58:
15:91:c4:57:e4:27:1e:26:35:c2:85:4d:44:d0:43:e6:9d:8f:
b2:b8:ff:24:08:aa:46:d6:04:79:c9:c6:56:4a:89:5e:a7:69:
71:e8:b9:fa:b1:eb:89:48:3a:d3:d5:89:05:95:4a:87:e5:6a:
13:65:7b:84:d5:b2:06:49:44:8b:14:c0:d8:4b:2f:9f:c4:f9:
a5:7d:b0:f6:b9:63:0c:63:37:2f:9d:d4:5a:dc:81:4d:0a:02:
49:7b:78:d3:5a:b3:cb:6f:97:a3:29:8b:af:39:b8:54:e1:b3:
b0:e3:d1:c2:b2:fe:43:05:77:dc:0a:08:6c:4b:00:f4:d0:7b:
1c:14:f9:0b:c4:01:47:f4:c5:dd:91:30:70:cc:55:f7:6f:9c:
7b:e7:f5:f9:f4:cc:b6:34:b7:ba:d5:80:e9:42:6b:54:10:6a:
54:a3:49:e1:76:b0:62:25:1a:65:4e:27:26:26:92:0a:83:60:
f8:6c:83:0f:09:3b:31:b5:33:b5:af:9a:58:fe:7a:5a:14:32:
7c:c6:69:14:e2:4f:37:60:24:25:fe:0b:c0:04:9a:20:f1:28:
4a:35:ca:71:ef:1c:17:68:98:fa:cb:5d:0e:d1:ea:6c:7e:42:
e2:53:4e:34
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICAa0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMEVF
ODYzQUM1NzBBRUVBMUY5MzBCRUE1RTc2QUFFN0RENTUzODA0RTAeFw0yMzEyMjcw
MjEyMzlaFw0yNDEwMTAwNjEwMTFaMDMxMTAvBgNVBAMTKDRENUJCNjQ1RTMzMjMw
NDY5NTlBNTEzMDVGMDJFNzU2NjVDRDQ2NjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD0MlFkD0oBJJklE5gCj40/FvcOBxneHdxh1MQRTks03cDj11p8
ArWekTKCQVQrV6PaPAPum39O9MogX/WTvjLmQ6D6Q3gyrlS1YJgHnZmhk9hWV8z/
vMqvTzIUJoTtV9xrFUxKeJcRkRse6vyBEZ92fDDZZ+fgXggmwWgodK1G6fVDbnyt
vwkM6EKVUrDIctG++Nfe8VVMBz1oL3Rt/2Jklf5moLV0bQJlcGdb7iHAeT0VUN+L
u9kMw1OPyNtRKkZB93kenEhENaJhRodwsmSE4TqMHkaoM5pywOMH+9uwEcskIBBG
gKcPjGSRVPAb/RuYacX3D4vdWJjypcoTwC9nAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUTVu2ReMyMEaVmlEwXwLnVmXNRmQwHwYDVR0jBBgwFoAUDuhjrFcK7qH5ML6l
52qufdVTgE4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODkw
L0R1aGpyRmNLN3FINU1MNmw1MnF1ZmRWVGdFNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvRHVoanJGY0s3cUg1TUw2bDUycXVmZFZUZ0U0LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODkwL1RWdTJSZU15TUVhVm1s
RXdYd0xuVm1YTlJtUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAQr+LAwDQYJKoZIhvcNAQELBQADggEBACQ3qtJyXF6LIeZExVvHRjNJWBWRxFfk
Jx4mNcKFTUTQQ+adj7K4/yQIqkbWBHnJxlZKiV6naXHoufqx64lIOtPViQWVSofl
ahNle4TVsgZJRIsUwNhLL5/E+aV9sPa5YwxjNy+d1FrcgU0KAkl7eNNas8tvl6Mp
i685uFThs7Dj0cKy/kMFd9wKCGxLAPTQexwU+QvEAUf0xd2RMHDMVfdvnHvn9fn0
zLY0t7rVgOlCa1QQalSjSeF2sGIlGmVOJyYmkgqDYPhsgw8JOzG1M7Wvmlj+eloU
MnzGaRTiTzdgJCX+C8AEmiDxKEo1ynHvHBdomPrLXQ7R6mx+QuJTTjQ=
-----END CERTIFICATE-----
Generated at Wed Dec 27 05:18:59 2023 by rpki-client on console-fra.rpki-client.org