Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/5cb473-35a1-4727-8773-a0d6f0eeb5c2/1/Braw1hTl-wIii4cEk0dEzfg89qw.roa
File: Braw1hTl-wIii4cEk0dEzfg89qw.roa (raw, json)
Hash identifier: H6cBoPRSdUiMPjF0Te+XpyX1VaGxb/HFBI0gUsy12AY=
Subject key identifier: 06:B6:B0:D6:14:E5:FB:02:22:8B:87:04:93:47:44:CD:F8:3C:F6:AC
Certificate issuer: /CN=43a438813750133e55001bf89670a0db3ae5be1f
Certificate serial: 01856C65DB9D4903D3AE92B9EE95EAFFAE3C
Authority key identifier: 43:A4:38:81:37:50:13:3E:55:00:1B:F8:96:70:A0:DB:3A:E5:BE:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q6Q4gTdQEz5VABv4lnCg2zrlvh8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/5cb473-35a1-4727-8773-a0d6f0eeb5c2/1/Braw1hTl-wIii4cEk0dEzfg89qw.roa
Signing time: Sun 01 Jan 2023 08:14:52 +0000
ROA not before: Sun 01 Jan 2023 08:14:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41778
IP address blocks: 194.50.177.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:65:db:9d:49:03:d3:ae:92:b9:ee:95:ea:ff:ae:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43a438813750133e55001bf89670a0db3ae5be1f
Validity
Not Before: Jan 1 08:14:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=06b6b0d614e5fb02228b8704934744cdf83cf6ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:4f:a5:24:2e:7d:f2:5f:f5:db:26:0a:4e:70:
cd:38:ff:6f:84:ce:7d:c6:d8:60:76:d9:d1:71:5b:
86:bc:17:84:24:b6:d5:bd:aa:e1:d0:e3:7b:cf:b9:
17:b7:10:21:bc:2a:26:28:e6:6b:e5:85:89:40:06:
25:f4:c0:4c:69:c3:c3:a3:f5:ac:e3:81:e7:8e:9f:
92:94:95:f8:7e:b6:b7:0d:1d:68:35:46:c0:3a:8a:
df:0b:00:6e:c5:f7:33:f6:67:3f:9a:d8:c0:1f:5e:
da:d4:5b:b8:4b:ff:6b:d2:da:1c:de:ad:a3:85:4c:
42:73:81:22:0a:3f:24:ae:d8:6e:d4:d6:5b:01:07:
ac:47:f6:1f:49:fb:33:79:0e:c4:3d:00:09:7c:af:
7b:b5:91:db:e0:d8:fb:c6:75:d0:b8:54:16:22:3a:
a5:d8:0c:d7:25:66:49:cd:cc:d8:4b:76:46:e9:70:
8f:ed:95:d8:fa:a1:39:ec:e7:e6:a9:57:3c:86:17:
ca:5e:c7:09:67:fa:ed:ee:10:2d:4d:37:84:fb:89:
4c:88:6e:1e:55:1a:02:68:3f:e2:28:79:bf:2d:75:
48:a7:67:f2:66:55:22:6f:d1:a1:cb:8a:92:9f:40:
a3:d3:a9:c6:73:c6:74:c6:b8:98:8a:3a:89:9e:26:
1c:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:B6:B0:D6:14:E5:FB:02:22:8B:87:04:93:47:44:CD:F8:3C:F6:AC
X509v3 Authority Key Identifier:
keyid:43:A4:38:81:37:50:13:3E:55:00:1B:F8:96:70:A0:DB:3A:E5:BE:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q6Q4gTdQEz5VABv4lnCg2zrlvh8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/5cb473-35a1-4727-8773-a0d6f0eeb5c2/1/Braw1hTl-wIii4cEk0dEzfg89qw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/5cb473-35a1-4727-8773-a0d6f0eeb5c2/1/Q6Q4gTdQEz5VABv4lnCg2zrlvh8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.50.177.0/24
Signature Algorithm: sha256WithRSAEncryption
05:65:63:c0:2f:60:0a:6d:fb:f7:ff:50:c2:2d:b8:a8:b2:2a:
1d:0b:ce:67:2d:9a:92:e5:17:ce:ea:31:a5:9e:b5:47:d3:da:
1b:0b:07:7e:4e:0f:c8:d9:bd:63:c4:9d:0f:5f:56:f8:ff:84:
71:46:e5:7b:1b:c0:59:0f:28:5b:85:7a:ab:12:5b:b6:c0:a5:
26:68:af:e6:ae:60:80:65:5f:c4:53:39:5a:64:a8:ba:e9:bb:
3b:74:7a:56:f5:be:9d:3f:84:14:c7:c9:7a:a3:b8:72:aa:84:
e1:d4:24:3f:70:32:f1:73:ab:0c:62:9d:e4:8f:d2:d6:ac:ef:
64:47:fd:2f:0d:16:95:0d:c9:06:61:89:8f:37:1c:31:ae:43:
73:6a:81:91:64:34:f5:c1:cb:d6:c4:ff:a4:cb:31:5b:b1:b2:
a4:b8:d4:c5:8d:0a:06:01:cf:cb:3c:19:75:1a:d6:4a:8f:b3:
c1:c3:39:3e:ed:13:a2:e3:38:97:41:4f:5e:3d:c7:3e:bc:fe:
e6:26:3b:2e:06:c7:f0:50:e3:4e:27:55:85:be:6b:62:9f:c2:
47:89:ca:b4:15:a6:96:34:bd:32:78:a6:4d:c3:35:e3:ee:a9:
63:02:6d:31:1d:5b:a8:73:58:1e:97:cc:bd:2a:a6:f6:92:35:
7e:b6:b8:44
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsZdudSQPTrpK57pXq/648MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzYTQzODgxMzc1MDEzM2U1NTAwMWJmODk2NzBhMGRiM2Fl
NWJlMWYwHhcNMjMwMTAxMDgxNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmI2YjBkNjE0ZTVmYjAyMjI4Yjg3MDQ5MzQ3NDRjZGY4M2NmNmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoE+lJC598l/12yYKTnDNOP9vhM59
xthgdtnRcVuGvBeEJLbVvarh0ON7z7kXtxAhvComKOZr5YWJQAYl9MBMacPDo/Ws
44Hnjp+SlJX4fra3DR1oNUbAOorfCwBuxfcz9mc/mtjAH17a1Fu4S/9r0toc3q2j
hUxCc4EiCj8krthu1NZbAQesR/YfSfszeQ7EPQAJfK97tZHb4Nj7xnXQuFQWIjql
2AzXJWZJzczYS3ZG6XCP7ZXY+qE57OfmqVc8hhfKXscJZ/rt7hAtTTeE+4lMiG4e
VRoCaD/iKHm/LXVIp2fyZlUib9Ghy4qSn0Cj06nGc8Z0xriYijqJniYcyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAa2sNYU5fsCIouHBJNHRM34PPasMB8GA1UdIwQY
MBaAFEOkOIE3UBM+VQAb+JZwoNs65b4fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTZRNGdUZFFFejVWQUJ2NGxuQ2cyenJsdmg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81Y2I0NzMtMzVhMS00NzI3LTg3NzMt
YTBkNmYwZWViNWMyLzEvQnJhdzFoVGwtd0lpaTRjRWswZEV6Zmc4OXF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81Y2I0NzMtMzVhMS00NzI3LTg3NzMtYTBkNmYwZWViNWMy
LzEvUTZRNGdUZFFFejVWQUJ2NGxuQ2cyenJsdmg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwjKxMA0G
CSqGSIb3DQEBCwUAA4IBAQAFZWPAL2AKbfv3/1DCLbiosiodC85nLZqS5RfO6jGl
nrVH09obCwd+Tg/I2b1jxJ0PX1b4/4RxRuV7G8BZDyhbhXqrElu2wKUmaK/mrmCA
ZV/EUzlaZKi66bs7dHpW9b6dP4QUx8l6o7hyqoTh1CQ/cDLxc6sMYp3kj9LWrO9k
R/0vDRaVDckGYYmPNxwxrkNzaoGRZDT1wcvWxP+kyzFbsbKkuNTFjQoGAc/LPBl1
GtZKj7PBwzk+7ROi4ziXQU9ePcc+vP7mJjsuBsfwUONOJ1WFvmtin8JHicq0FaaW
NL0yeKZNwzXj7qljAm0xHVuoc1gel8y9Kqb2kjV+trhE
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:16:16 2024 by rpki-client on console-ams.rpki-client.org