Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/PANRS0lfeDwuDRSaqWdcfAHUMYc.roa
File: PANRS0lfeDwuDRSaqWdcfAHUMYc.roa (raw, json)
Hash identifier: ICl1eG2ARgkBfNUJRgclPtKn+X0zjXUpUaFDeFNJ4II=
Subject key identifier: 3C:03:51:4B:49:5F:78:3C:2E:0D:14:9A:A9:67:5C:7C:01:D4:31:87
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018C8D52FAFAF8214D95D93D87906F85AA89
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/PANRS0lfeDwuDRSaqWdcfAHUMYc.roa
Signing time: Thu 21 Dec 2023 17:01:14 +0000
ROA not before: Thu 21 Dec 2023 17:01:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 136359
IP address blocks: 103.212.81.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:8d:52:fa:fa:f8:21:4d:95:d9:3d:87:90:6f:85:aa:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Dec 21 17:01:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3c03514b495f783c2e0d149aa9675c7c01d43187
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:9e:2f:0b:44:f7:b6:38:84:61:b7:cf:c3:12:
4e:2a:04:60:c2:f9:b1:42:44:db:b1:1f:bc:8b:b8:
d5:46:a7:28:d9:1b:62:a0:f6:f0:25:bb:bd:39:f6:
91:0b:22:b2:ec:5c:9a:bb:72:68:97:b0:d2:b9:fd:
a6:49:6e:3e:94:92:0a:36:6a:f2:75:b2:c2:e0:e1:
41:07:6b:93:ce:2f:58:ce:bf:85:af:ce:e9:0f:b9:
2b:fa:68:68:41:41:76:24:cf:3b:27:07:e5:29:c2:
f2:72:9e:6a:de:69:ef:f2:c5:e3:c2:81:46:fd:ae:
35:ef:8b:ae:96:07:5b:c4:d2:60:af:28:26:28:eb:
f9:5a:5d:1a:c1:92:c4:b7:32:e2:a6:3e:a6:c1:c2:
cd:85:74:50:fd:56:f0:d6:ea:42:f7:3c:f6:fc:8d:
bc:41:a6:fc:32:da:05:ee:59:9f:33:b9:0d:60:f6:
43:c4:b5:ac:7c:e3:a4:a2:62:aa:12:5a:d9:b8:6f:
74:6b:09:f2:c5:a1:76:71:7a:69:7e:91:b6:05:c8:
c9:ef:41:5c:53:d8:65:e5:ed:72:00:c8:cd:a7:d1:
89:a5:4f:a1:7e:6c:e7:3e:fc:99:96:de:86:0a:bb:
c0:b6:1d:7f:40:7f:b9:00:53:65:16:d9:3b:17:2c:
dd:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:03:51:4B:49:5F:78:3C:2E:0D:14:9A:A9:67:5C:7C:01:D4:31:87
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/PANRS0lfeDwuDRSaqWdcfAHUMYc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.212.81.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:1e:00:be:98:e4:9b:9c:9f:d5:ff:67:d1:78:0b:8b:62:ec:
07:34:b1:3e:dc:5f:65:b4:c1:0d:ad:7c:0a:90:38:1e:05:0e:
dc:55:1a:61:12:2c:74:da:22:06:a3:95:ea:fd:a9:61:3e:e9:
5c:23:1e:3a:ec:e0:d3:d9:2b:70:7e:1d:cd:91:12:6a:20:9c:
5f:bc:d3:df:d6:36:88:ec:91:e1:ba:97:3e:26:93:63:6a:66:
12:c8:5f:87:62:4e:a3:57:23:39:23:38:61:4c:fa:a4:d0:c9:
8e:81:0f:72:0a:ef:ce:57:97:eb:96:29:23:ac:60:8c:fc:36:
05:5b:98:8c:b5:47:0b:aa:4e:08:ba:37:6b:8d:ae:75:12:f6:
43:dd:41:2b:6b:a8:31:69:c8:22:97:ca:9f:53:80:1f:5d:03:
3b:bf:25:7b:6e:90:3c:ef:44:69:f2:2d:78:fa:fa:40:01:e8:
63:79:88:99:54:01:1d:41:f5:fd:07:eb:4e:5e:4f:51:79:2b:
48:26:f5:07:89:c4:7d:d9:ce:31:a0:cd:11:1b:fa:80:9e:de:
34:d7:bd:ba:db:60:43:f3:c4:4e:a5:5c:8a:6c:27:74:b5:e5:
c0:0c:f2:39:66:74:67:ab:1a:f7:12:a9:db:c0:73:0f:1f:2b:
c7:72:4e:c0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYyNUvr6+CFNldk9h5BvhaqJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMjIxMTcwMTE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzAzNTE0YjQ5NWY3ODNjMmUwZDE0OWFhOTY3NWM3YzAxZDQzMTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJ4vC0T3tjiEYbfPwxJOKgRgwvmx
QkTbsR+8i7jVRqco2RtioPbwJbu9OfaRCyKy7Fyau3Jol7DSuf2mSW4+lJIKNmry
dbLC4OFBB2uTzi9Yzr+Fr87pD7kr+mhoQUF2JM87JwflKcLycp5q3mnv8sXjwoFG
/a4174uulgdbxNJgrygmKOv5Wl0awZLEtzLipj6mwcLNhXRQ/Vbw1upC9zz2/I28
Qab8MtoF7lmfM7kNYPZDxLWsfOOkomKqElrZuG90awnyxaF2cXppfpG2BcjJ70Fc
U9hl5e1yAMjNp9GJpU+hfmznPvyZlt6GCrvAth1/QH+5AFNlFtk7FyzdpwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDwDUUtJX3g8Lg0UmqlnXHwB1DGHMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvUEFOUlMwbGZlRHd1RFJTYXFXZGNmQUhVTVljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ9RRMA0G
CSqGSIb3DQEBCwUAA4IBAQAeHgC+mOSbnJ/V/2fReAuLYuwHNLE+3F9ltMENrXwK
kDgeBQ7cVRphEix02iIGo5Xq/alhPulcIx467ODT2Stwfh3NkRJqIJxfvNPf1jaI
7JHhupc+JpNjamYSyF+HYk6jVyM5IzhhTPqk0MmOgQ9yCu/OV5frlikjrGCM/DYF
W5iMtUcLqk4Iujdrja51EvZD3UEra6gxacgil8qfU4AfXQM7vyV7bpA870Rp8i14
+vpAAehjeYiZVAEdQfX9B+tOXk9ReStIJvUHicR92c4xoM0RG/qAnt40172622BD
88ROpVyKbCd0teXADPI5ZnRnqxr3EqnbwHMPHyvHck7A
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:15:28 2024 by rpki-client on console-fra.rpki-client.org