Route Origin Authorization
$ rpki-client -vvf rpki.roa.net/rrdp/xTom/42/34352e3132342e3131322e302f32322d3234203d3e2036313334.roa
File: 34352e3132342e3131322e302f32322d3234203d3e2036313334.roa (raw, json)
Hash identifier: ZPXU91MiHAK2HFHazuXSQ3uJtzhiqSsuP2pQqAz1zqk=
Subject key identifier: 84:EF:95:6A:51:46:91:ED:EA:2C:83:53:A8:68:26:55:96:45:2B:F9
Certificate issuer: /CN=A913250A0000/serialNumber=73683CF31A4147336D82C5218D7389B5D741DE1B
Certificate serial: 5F26F4E050BA2A9186F5711026F5CBFB6B086C8D
Authority key identifier: 73:68:3C:F3:1A:41:47:33:6D:82:C5:21:8D:73:89:B5:D7:41:DE:1B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer
Subject info access: rsync://rpki.roa.net/rrdp/xTom/42/34352e3132342e3131322e302f32322d3234203d3e2036313334.roa
Signing time: Wed 06 Dec 2023 17:32:50 +0000
ROA not before: Wed 06 Dec 2023 17:27:50 +0000
ROA not after: Wed 04 Dec 2024 17:32:50 +0000
asID: 6134
IP address blocks: 45.124.112.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 04 Apr 2024 05:52:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:26:f4:e0:50:ba:2a:91:86:f5:71:10:26:f5:cb:fb:6b:08:6c:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913250A0000/serialNumber=73683CF31A4147336D82C5218D7389B5D741DE1B
Validity
Not Before: Dec 6 17:27:50 2023 GMT
Not After : Dec 4 17:32:50 2024 GMT
Subject: CN=84EF956A514691EDEA2C8353A868265596452BF9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:bc:4d:6f:a3:68:eb:71:ef:40:7e:62:cf:9d:
e9:ef:bd:42:ed:9b:e3:6b:bb:72:08:f7:cd:a4:ea:
4b:c4:6b:05:c8:34:6e:2e:f8:38:9f:c5:44:77:55:
d0:b1:6e:19:72:e6:15:bc:bc:f2:49:35:bb:cc:ff:
cb:85:63:4c:a6:e0:8e:1f:84:65:c7:5b:2e:21:55:
8b:b7:52:68:81:3d:5f:ed:03:78:3e:47:1d:89:96:
1d:2b:69:16:4b:77:59:d1:70:c3:47:cf:1b:df:39:
e6:ba:9b:14:22:0a:70:dc:5a:ca:f3:a2:1f:4d:4a:
3d:b7:13:43:9d:29:69:b2:58:d7:ce:6f:67:38:7f:
68:d3:c4:21:66:1d:3b:a6:f2:9b:12:63:a1:dd:c6:
c3:8f:ac:90:be:2a:c6:78:fa:f6:46:5f:a3:9b:6f:
63:8a:8d:66:22:28:ee:61:6a:eb:c7:9e:9c:bf:34:
2a:8c:ae:fb:dc:de:f3:06:b9:42:ad:bb:5c:1a:8a:
4d:cf:e5:37:95:06:09:09:2e:72:1f:41:ea:07:0b:
5b:f5:cf:ff:91:8d:7d:78:c7:ee:cd:58:fb:0b:a6:
35:8a:55:5a:8d:13:26:3f:9b:1f:a9:66:39:c1:21:
b9:a7:5a:e1:63:54:6b:b2:63:57:fa:53:d1:a6:e6:
e8:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:EF:95:6A:51:46:91:ED:EA:2C:83:53:A8:68:26:55:96:45:2B:F9
X509v3 Authority Key Identifier:
keyid:73:68:3C:F3:1A:41:47:33:6D:82:C5:21:8D:73:89:B5:D7:41:DE:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/42/34352e3132342e3131322e302f32322d3234203d3e2036313334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.124.112.0/22
Signature Algorithm: sha256WithRSAEncryption
7f:55:9d:25:ea:49:a4:e5:0f:78:4c:09:a1:4a:bf:5d:77:1c:
4d:2d:68:c4:21:2a:94:8c:80:b7:78:92:c4:e5:e6:a1:67:01:
fa:55:d5:55:ac:6b:07:4c:3e:2c:ff:44:46:7b:0c:2c:b9:82:
f8:8d:c7:1b:d3:05:23:e9:8e:36:29:69:f8:58:17:8a:ac:54:
67:5e:47:9a:ab:37:7b:5c:49:f9:7b:e7:de:a4:15:5a:05:9c:
84:94:38:bd:ed:4d:63:83:5f:08:fc:ce:b7:1d:36:87:e6:29:
1c:05:22:b6:19:5f:2f:ea:9c:43:97:90:02:5f:50:96:47:c6:
a3:0b:00:d5:5c:0f:57:fc:2f:78:6e:00:02:09:3c:02:72:fd:
ad:e1:20:bd:06:1e:6f:e1:9e:d0:b7:eb:19:4d:6c:e0:fa:ef:
a9:97:bc:66:b1:4c:cd:26:a5:9a:d9:88:3d:b4:0e:d1:ca:2c:
83:4a:5c:6c:76:f0:97:b5:87:73:69:3f:5b:c8:d1:45:78:4c:
2f:7e:74:39:db:91:16:e9:24:81:a2:74:e8:69:a9:8d:38:4d:
05:bf:54:75:c8:53:14:4b:43:81:cf:7b:27:59:1e:a2:d9:74:
35:50:3d:c5:f0:ac:d7:83:87:20:a6:18:5e:28:22:a7:1d:58:
44:9e:6c:26
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIUXyb04FC6KpGG9XEQJvXL+2sIbI0wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxMzI1MEEwMDAwMTEwLwYDVQQFEyg3MzY4M0NGMzFB
NDE0NzMzNkQ4MkM1MjE4RDczODlCNUQ3NDFERTFCMB4XDTIzMTIwNjE3Mjc1MFoX
DTI0MTIwNDE3MzI1MFowMzExMC8GA1UEAxMoODRFRjk1NkE1MTQ2OTFFREVBMkM4
MzUzQTg2ODI2NTU5NjQ1MkJGOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOS8TW+jaOtx70B+Ys+d6e+9Qu2b42u7cgj3zaTqS8RrBcg0bi74OJ/FRHdV
0LFuGXLmFby88kk1u8z/y4VjTKbgjh+EZcdbLiFVi7dSaIE9X+0DeD5HHYmWHStp
Fkt3WdFww0fPG9855rqbFCIKcNxayvOiH01KPbcTQ50pabJY185vZzh/aNPEIWYd
O6bymxJjod3Gw4+skL4qxnj69kZfo5tvY4qNZiIo7mFq68eenL80Koyu+9ze8wa5
Qq27XBqKTc/lN5UGCQkuch9B6gcLW/XP/5GNfXjH7s1Y+wumNYpVWo0TJj+bH6lm
OcEhuada4WNUa7JjV/pT0abm6PcCAwEAAaOCAegwggHkMB0GA1UdDgQWBBSE75Vq
UUaR7eosg1OoaCZVlkUr+TAfBgNVHSMEGDAWgBRzaDzzGkFHM22CxSGNc4m110He
GzAOBgNVHQ8BAf8EBAMCB4AwXwYDVR0fBFgwVjBUoFKgUIZOcnN5bmM6Ly9ycGtp
LnJvYS5uZXQvcnJkcC94VG9tLzQyLzczNjgzQ0YzMUE0MTQ3MzM2RDgyQzUyMThE
NzM4OUI1RDc0MURFMUIuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZi
cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjEx
RTJCQjQ2OEY3QzcyRkQxRkYyL2MyZzg4eHBCUnpOdGdzVWhqWE9KdGRkQjNocy5j
ZXIwdgYIKwYBBQUHAQsEajBoMGYGCCsGAQUFBzALhlpyc3luYzovL3Jwa2kucm9h
Lm5ldC9ycmRwL3hUb20vNDIvMzQzNTJlMzEzMjM0MmUzMTMxMzIyZTMwMmYzMjMy
MmQzMjM0MjAzZDNlMjAzNjMxMzMzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEF
BQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi18cDANBgkqhkiG9w0B
AQsFAAOCAQEAf1WdJepJpOUPeEwJoUq/XXccTS1oxCEqlIyAt3iSxOXmoWcB+lXV
VaxrB0w+LP9ERnsMLLmC+I3HG9MFI+mONilp+FgXiqxUZ15Hmqs3e1xJ+Xvn3qQV
WgWchJQ4ve1NY4NfCPzOtx02h+YpHAUithlfL+qcQ5eQAl9QlkfGowsA1VwPV/wv
eG4AAgk8AnL9reEgvQYeb+Ge0LfrGU1s4PrvqZe8ZrFMzSalmtmIPbQO0cosg0pc
bHbwl7WHc2k/W8jRRXhML350OduRFukkgaJ06GmpjThNBb9UdchTFEtDgc97J1ke
otl0NVA9xfCs14OHIKYYXigipx1YRJ5sJg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:24 2024 by rpki-client on console-fra.rpki-client.org