Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/_CibR25tz_pse_yed6_NGWvky5A.roa
File: _CibR25tz_pse_yed6_NGWvky5A.roa (raw, json)
Hash identifier: 6JonzpIkcHegg5T8trxiH8yg+df2P4BHugk5WNgvbDY=
Subject key identifier: FC:28:9B:47:6E:6D:CF:FA:6C:7B:FC:9E:77:AF:CD:19:6B:E4:CB:90
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 0185737AD0010D769ADD3AC3FFE72B02A569
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/_CibR25tz_pse_yed6_NGWvky5A.roa
Signing time: Mon 02 Jan 2023 17:15:06 +0000
ROA not before: Mon 02 Jan 2023 17:15:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202583
IP address blocks: 185.250.92.0/22 maxlen: 24
185.72.0.0/22 maxlen: 24
157.97.176.0/21 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:7a:d0:01:0d:76:9a:dd:3a:c3:ff:e7:2b:02:a5:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Jan 2 17:15:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fc289b476e6dcffa6c7bfc9e77afcd196be4cb90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:aa:69:ba:ec:05:b3:90:15:72:90:53:27:03:
10:ca:d5:7c:74:ef:15:ea:95:ea:39:51:bb:3f:59:
13:74:6b:da:c7:1f:5e:7e:15:bd:f1:01:c7:6d:53:
90:99:ac:a1:13:0d:9d:c5:6e:b2:c0:b9:1c:d5:13:
c7:73:23:06:4b:c0:a9:b2:41:a7:f6:00:93:e5:b5:
9f:d4:96:d5:2c:14:d7:ca:9a:8a:e4:4d:18:ca:f5:
41:b9:64:89:6f:d8:4b:96:eb:8d:fd:6b:92:d4:e0:
49:c7:9b:1e:91:db:04:50:c8:6b:2a:3a:04:3e:61:
8f:02:2f:18:4b:cd:c2:3c:cd:9a:3b:a9:8f:3c:5e:
48:4c:1b:ef:c2:9a:ff:fb:f6:5b:d1:7a:46:22:97:
b7:2c:16:ed:12:f6:4f:e3:cc:44:4a:9d:1c:6e:8a:
80:40:8e:8f:9e:82:c9:db:13:ae:63:17:cb:69:3b:
16:84:79:24:f7:7e:0c:d7:50:6c:72:6f:8b:46:4b:
1e:2c:5c:92:7c:b8:ec:03:58:3f:7c:7b:43:8b:01:
fb:e8:e4:e5:60:f7:14:01:e9:5b:25:a6:f8:08:cb:
bc:70:b9:1a:35:18:e3:d2:26:80:11:fa:4e:7f:46:
f2:2c:dd:b2:63:b2:dc:58:73:b3:54:e4:b4:6d:0e:
46:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:28:9B:47:6E:6D:CF:FA:6C:7B:FC:9E:77:AF:CD:19:6B:E4:CB:90
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/_CibR25tz_pse_yed6_NGWvky5A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.97.176.0/21
185.72.0.0/22
185.250.92.0/22
Signature Algorithm: sha256WithRSAEncryption
35:52:3f:8f:0d:c4:f6:38:b4:0d:bc:ea:ff:85:40:f1:80:31:
f0:45:fc:8e:2a:1c:f8:ae:eb:f4:21:8f:9c:a0:7f:fa:eb:ef:
b4:82:86:4c:71:0c:1e:7b:01:08:20:52:37:3a:ed:ff:3c:61:
ec:18:fa:aa:93:3c:72:e1:6b:15:00:1c:f5:a1:3b:13:df:06:
a1:93:73:35:43:c2:bc:19:e1:cc:9a:be:52:80:98:ea:a3:e7:
d4:83:0e:47:fc:47:e9:9a:ac:24:29:20:4b:88:ba:d8:37:9f:
62:04:ee:2c:fb:c1:a8:35:2c:31:42:aa:38:1b:72:c2:3f:be:
c0:fd:ab:47:73:fe:67:6e:55:42:ea:3c:36:fa:82:f1:5d:d2:
b7:a0:b5:0c:92:67:f5:22:18:81:3e:9f:91:c9:94:c5:b5:69:
32:7d:4c:7d:78:71:22:de:01:33:6f:2f:45:06:66:da:ca:19:
87:b9:92:f1:8c:42:8e:f1:ce:de:e3:81:b7:ff:93:e7:f1:9c:
eb:54:39:31:41:39:ba:aa:f1:99:69:3e:3a:37:06:46:65:7e:
5c:92:01:73:9e:49:23:5a:f7:ab:49:64:0f:4a:bf:4a:55:76:
17:25:63:fe:6f:2d:68:94:3b:81:c0:c8:17:a8:83:24:ff:46:
c3:f7:42:26
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVzetABDXaa3TrD/+crAqVpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjMwMTAyMTcxNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzI4OWI0NzZlNmRjZmZhNmM3YmZjOWU3N2FmY2QxOTZiZTRjYjkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnappuuwFs5AVcpBTJwMQytV8dO8V
6pXqOVG7P1kTdGvaxx9efhW98QHHbVOQmayhEw2dxW6ywLkc1RPHcyMGS8CpskGn
9gCT5bWf1JbVLBTXypqK5E0YyvVBuWSJb9hLluuN/WuS1OBJx5sekdsEUMhrKjoE
PmGPAi8YS83CPM2aO6mPPF5ITBvvwpr/+/Zb0XpGIpe3LBbtEvZP48xESp0cboqA
QI6PnoLJ2xOuYxfLaTsWhHkk934M11Bscm+LRkseLFySfLjsA1g/fHtDiwH76OTl
YPcUAelbJab4CMu8cLkaNRjj0iaAEfpOf0byLN2yY7LcWHOzVOS0bQ5GjwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPwom0dubc/6bHv8nnevzRlr5MuQMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvX0NpYlIyNXR6X3BzZV95ZWQ2X05HV3ZreTVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDnWGwAwQC
uUgAAwQCufpcMA0GCSqGSIb3DQEBCwUAA4IBAQA1Uj+PDcT2OLQNvOr/hUDxgDHw
RfyOKhz4ruv0IY+coH/66++0goZMcQweewEIIFI3Ou3/PGHsGPqqkzxy4WsVABz1
oTsT3wahk3M1Q8K8GeHMmr5SgJjqo+fUgw5H/EfpmqwkKSBLiLrYN59iBO4s+8Go
NSwxQqo4G3LCP77A/atHc/5nblVC6jw2+oLxXdK3oLUMkmf1IhiBPp+RyZTFtWky
fUx9eHEi3gEzby9FBmbayhmHuZLxjEKO8c7e44G3/5Pn8ZzrVDkxQTm6qvGZaT46
NwZGZX5ckgFznkkjWverSWQPSr9KVXYXJWP+by1olDuBwMgXqIMk/0bD90Im
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:51 2024 by rpki-client on console-ams.rpki-client.org