Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/Pif_gP8QwOeNk7M6Fc2REKPKxz8.roa
File: Pif_gP8QwOeNk7M6Fc2REKPKxz8.roa (raw, json)
Hash identifier: /rmWAKs0N0RDgnB74EchBYImkEE3fzgedns++JRicQc=
Subject key identifier: 3E:27:FF:80:FF:10:C0:E7:8D:93:B3:3A:15:CD:91:10:A3:CA:C7:3F
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 01856ED4BED2BBE6841464F8D7F695B6DA9E
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/Pif_gP8QwOeNk7M6Fc2REKPKxz8.roa
Signing time: Sun 01 Jan 2023 19:35:14 +0000
ROA not before: Sun 01 Jan 2023 19:35:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211091
IP address blocks: 45.154.159.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:be:d2:bb:e6:84:14:64:f8:d7:f6:95:b6:da:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: Jan 1 19:35:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3e27ff80ff10c0e78d93b33a15cd9110a3cac73f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:03:28:26:45:53:31:87:e6:f9:f8:d6:18:e4:
52:df:a0:39:2b:3d:d6:f3:4b:e6:fa:7a:f1:c2:51:
50:1a:2f:bd:b0:e5:b9:a5:9a:72:3d:d8:a1:4c:32:
d0:a2:21:89:e6:d5:6c:1d:dc:ec:47:82:c3:e3:f7:
f1:51:d4:bf:e2:13:79:40:5d:e0:1b:55:fc:17:00:
0d:69:86:44:3f:e7:f9:70:ca:32:1a:18:94:01:50:
f1:79:5a:ba:f2:b5:8c:ed:37:65:f0:2f:4a:3f:07:
08:1b:78:96:f3:85:ce:05:7b:de:4d:30:e8:46:e5:
04:67:82:cb:29:93:28:a8:80:6e:5e:4c:02:6d:dd:
24:5f:a9:e6:be:50:3e:23:f7:60:34:c6:af:bf:f0:
40:db:f3:05:48:a5:d5:cd:bf:6b:7a:4f:4f:29:e8:
73:cf:30:19:66:1c:84:2d:29:87:0e:74:76:83:0e:
ed:54:f9:22:1e:48:23:f6:79:28:38:fb:ea:9f:71:
1a:84:e0:26:91:33:60:50:4a:00:af:9b:ef:07:ba:
d5:a3:ab:58:6a:14:76:1d:c7:c8:73:5c:82:fc:eb:
f1:cf:c5:fd:26:de:17:54:8f:66:bd:4d:ba:fc:2c:
ea:b9:80:2a:71:23:a0:17:cb:5c:14:ba:98:da:41:
cf:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:27:FF:80:FF:10:C0:E7:8D:93:B3:3A:15:CD:91:10:A3:CA:C7:3F
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/Pif_gP8QwOeNk7M6Fc2REKPKxz8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.159.0/24
Signature Algorithm: sha256WithRSAEncryption
56:d0:c0:f8:1f:64:30:40:e0:fb:a1:2e:73:7e:b2:3d:3c:91:
bf:99:84:65:d1:b1:0e:04:3d:15:31:8d:9c:2f:b4:05:03:ce:
5b:66:dd:3f:5e:e0:5a:0b:b2:0c:e4:60:4a:3f:ef:0e:fa:12:
0d:4d:8d:8c:7c:67:09:af:10:14:bd:9c:72:aa:77:ec:3f:d7:
56:2b:93:4c:e2:2d:97:09:6b:ff:f2:d7:4a:5a:a4:d8:d3:cc:
ee:c1:4b:e3:6d:c9:39:9e:7f:53:8d:d0:48:3a:bd:80:cf:52:
4e:11:87:74:3d:7c:89:73:f0:a9:1f:64:76:ea:f4:62:95:34:
d4:d5:33:09:0b:2d:88:a2:fa:ea:76:e2:33:0f:7a:2f:ce:a5:
d8:ae:ac:67:2a:e1:00:aa:06:4f:14:59:2f:2d:15:c9:73:c2:
5b:87:92:69:e3:8c:b6:7d:12:30:ce:30:d1:b0:b4:cb:07:0f:
08:41:21:be:80:31:79:e5:64:01:99:5b:3e:d0:90:f7:3c:07:
c3:c2:e1:c6:af:7f:c8:a3:aa:5b:22:98:ce:e5:c6:8c:3b:17:
99:eb:8d:5f:fe:06:b4:1b:a7:77:cd:1f:8f:91:60:dc:b1:9f:
a7:da:61:cf:0b:24:f3:9c:4c:ce:c0:7c:4f:4a:09:03:12:27:
e4:1d:ac:40
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVu1L7Su+aEFGT41/aVttqeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjMwMTAxMTkzNTE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTI3ZmY4MGZmMTBjMGU3OGQ5M2IzM2ExNWNkOTExMGEzY2FjNzNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArAMoJkVTMYfm+fjWGORS36A5Kz3W
80vm+nrxwlFQGi+9sOW5pZpyPdihTDLQoiGJ5tVsHdzsR4LD4/fxUdS/4hN5QF3g
G1X8FwANaYZEP+f5cMoyGhiUAVDxeVq68rWM7Tdl8C9KPwcIG3iW84XOBXveTTDo
RuUEZ4LLKZMoqIBuXkwCbd0kX6nmvlA+I/dgNMavv/BA2/MFSKXVzb9rek9PKehz
zzAZZhyELSmHDnR2gw7tVPkiHkgj9nkoOPvqn3EahOAmkTNgUEoAr5vvB7rVo6tY
ahR2HcfIc1yC/Ovxz8X9Jt4XVI9mvU26/CzquYAqcSOgF8tcFLqY2kHPzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD4n/4D/EMDnjZOzOhXNkRCjysc/MB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvUGlmX2dQOFF3T2VOazdNNkZjMlJFS1BLeHo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZqfMA0G
CSqGSIb3DQEBCwUAA4IBAQBW0MD4H2QwQOD7oS5zfrI9PJG/mYRl0bEOBD0VMY2c
L7QFA85bZt0/XuBaC7IM5GBKP+8O+hINTY2MfGcJrxAUvZxyqnfsP9dWK5NM4i2X
CWv/8tdKWqTY08zuwUvjbck5nn9TjdBIOr2Az1JOEYd0PXyJc/CpH2R26vRilTTU
1TMJCy2IovrqduIzD3ovzqXYrqxnKuEAqgZPFFkvLRXJc8Jbh5Jp44y2fRIwzjDR
sLTLBw8IQSG+gDF55WQBmVs+0JD3PAfDwuHGr3/Io6pbIpjO5caMOxeZ641f/ga0
G6d3zR+PkWDcsZ+n2mHPCyTznEzOwHxPSgkDEifkHaxA
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:56:23 2024 by rpki-client on console-fra.rpki-client.org