Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/1042dd-e67b-402a-81dc-c13b1f977d57/1/_MZPw4OZukZ236zR1iY_26z5KFs.roa
File: _MZPw4OZukZ236zR1iY_26z5KFs.roa (raw, json)
Hash identifier: RaMFguEIFnLetrLFpZQg++eW6LVYzYhqEfhuw6I21Lo=
Subject key identifier: FC:C6:4F:C3:83:99:BA:46:76:DF:AC:D1:D6:26:3F:DB:AC:F9:28:5B
Certificate issuer: /CN=ccd1e28930d77a7eb9891b6fabbb2915ee3885aa
Certificate serial: 01857082A7FE5ED41CB4382C40455FBFDE3D
Authority key identifier: CC:D1:E2:89:30:D7:7A:7E:B9:89:1B:6F:AB:BB:29:15:EE:38:85:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNHiiTDXen65iRtvq7spFe44hao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/1042dd-e67b-402a-81dc-c13b1f977d57/1/_MZPw4OZukZ236zR1iY_26z5KFs.roa
Signing time: Mon 02 Jan 2023 03:24:48 +0000
ROA not before: Mon 02 Jan 2023 03:24:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 559
IP address blocks: 152.88.0.0/16 maxlen: 16
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:30:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:82:a7:fe:5e:d4:1c:b4:38:2c:40:45:5f:bf:de:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd1e28930d77a7eb9891b6fabbb2915ee3885aa
Validity
Not Before: Jan 2 03:24:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fcc64fc38399ba4676dfacd1d6263fdbacf9285b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:e9:47:26:64:19:ba:f5:8f:fa:1f:65:81:70:
05:76:37:9f:76:9d:a7:df:5c:0c:12:0e:ed:ef:dd:
3d:ee:ae:7f:29:dd:84:f7:5a:9f:97:1f:17:46:58:
ac:5f:cb:ce:b4:d9:00:b4:43:cd:cb:25:1d:3b:ac:
eb:73:1b:0e:00:72:cf:8c:44:bf:45:f0:c2:09:22:
8c:df:cc:9c:54:23:8e:d8:b8:35:48:76:58:e0:3e:
e1:fb:9c:be:7c:51:b1:96:fa:c7:d2:1a:63:1b:f9:
81:16:48:06:b0:33:07:06:90:2c:62:d6:19:6c:40:
47:05:98:67:e4:1b:13:ae:11:1b:95:77:b3:0b:bc:
a2:26:71:60:95:e0:ed:e0:59:36:b4:e0:d8:25:6e:
5f:2f:e7:fb:04:e4:4c:34:b6:7d:36:89:8a:9d:d2:
da:d0:c6:24:0e:c7:ee:36:75:80:2a:a6:8f:30:bf:
49:48:59:c5:5e:ff:f7:7f:e9:83:93:dd:ce:c6:c7:
b8:69:8c:59:4a:b4:b7:90:74:e4:c2:93:25:7e:58:
88:e8:ff:e0:00:36:7b:92:23:62:73:91:c0:0e:c2:
20:f6:cd:39:c5:97:9a:4a:c0:8c:2c:8a:89:9c:35:
4a:a8:26:77:bc:c4:17:b0:e2:19:df:90:3d:05:fa:
0a:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:C6:4F:C3:83:99:BA:46:76:DF:AC:D1:D6:26:3F:DB:AC:F9:28:5B
X509v3 Authority Key Identifier:
keyid:CC:D1:E2:89:30:D7:7A:7E:B9:89:1B:6F:AB:BB:29:15:EE:38:85:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNHiiTDXen65iRtvq7spFe44hao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/1042dd-e67b-402a-81dc-c13b1f977d57/1/_MZPw4OZukZ236zR1iY_26z5KFs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/1042dd-e67b-402a-81dc-c13b1f977d57/1/zNHiiTDXen65iRtvq7spFe44hao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.88.0.0/16
Signature Algorithm: sha256WithRSAEncryption
15:e1:77:3e:d5:23:ad:46:e3:58:0d:66:aa:8c:71:64:6f:71:
a7:2d:9c:19:04:6f:fb:d5:ee:5e:e4:6a:4c:9e:cf:d3:54:c9:
d0:47:53:f7:b6:7f:e5:27:e2:f8:cd:7c:c0:cc:fc:ae:fd:05:
15:ea:3f:ad:87:21:79:32:e2:89:2d:46:e9:46:2b:e3:98:35:
72:c7:6e:a5:29:90:cf:22:ed:4c:4f:ed:21:f8:55:56:83:4b:
04:bc:9a:6f:1a:be:75:b9:fd:17:e9:c2:21:b0:1e:5f:ff:d1:
b4:90:95:32:f3:49:79:6d:ed:e8:b3:fb:3b:0c:6a:fe:f3:d0:
8e:f2:91:93:1d:13:61:33:a0:9a:4a:a2:c1:cf:8d:bf:d5:a2:
d6:ec:7c:57:18:76:e0:25:c0:ca:ac:d3:cb:aa:19:f7:c0:74:
d3:59:a3:63:a5:7b:3f:ab:02:d1:8d:dd:97:83:24:e3:d1:36:
71:0a:db:9a:d5:b0:33:4a:92:b8:73:54:b4:32:81:ec:f4:e1:
59:d8:83:6c:5f:51:83:54:00:1a:65:e9:ee:a0:90:80:a3:0d:
2c:69:0f:2c:32:2b:dc:d2:21:2e:68:4f:f0:9f:5c:81:01:be:
b8:e5:8e:06:ea:1b:7a:73:0d:cc:82:79:a1:de:1f:64:84:f4:
97:80:8e:2a
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYVwgqf+XtQctDgsQEVfv949MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDFlMjg5MzBkNzdhN2ViOTg5MWI2ZmFiYmIyOTE1ZWUz
ODg1YWEwHhcNMjMwMTAyMDMyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2M2NGZjMzgzOTliYTQ2NzZkZmFjZDFkNjI2M2ZkYmFjZjkyODViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtulHJmQZuvWP+h9lgXAFdjefdp2n
31wMEg7t79097q5/Kd2E91qflx8XRlisX8vOtNkAtEPNyyUdO6zrcxsOAHLPjES/
RfDCCSKM38ycVCOO2Lg1SHZY4D7h+5y+fFGxlvrH0hpjG/mBFkgGsDMHBpAsYtYZ
bEBHBZhn5BsTrhEblXezC7yiJnFgleDt4Fk2tODYJW5fL+f7BORMNLZ9NomKndLa
0MYkDsfuNnWAKqaPML9JSFnFXv/3f+mDk93Oxse4aYxZSrS3kHTkwpMlfliI6P/g
ADZ7kiNic5HADsIg9s05xZeaSsCMLIqJnDVKqCZ3vMQXsOIZ35A9BfoKxQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFPzGT8ODmbpGdt+s0dYmP9us+ShbMB8GA1UdIwQY
MBaAFMzR4okw13p+uYkbb6u7KRXuOIWqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5IaWlURFhlbjY1aVJ0dnE3c3BGZTQ0aGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8xMDQyZGQtZTY3Yi00MDJhLTgxZGMt
YzEzYjFmOTc3ZDU3LzEvX01aUHc0T1p1a1oyMzZ6UjFpWV8yNno1S0ZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8xMDQyZGQtZTY3Yi00MDJhLTgxZGMtYzEzYjFmOTc3ZDU3
LzEvek5IaWlURFhlbjY1aVJ0dnE3c3BGZTQ0aGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAmFgwDQYJ
KoZIhvcNAQELBQADggEBABXhdz7VI61G41gNZqqMcWRvcactnBkEb/vV7l7kakye
z9NUydBHU/e2f+Un4vjNfMDM/K79BRXqP62HIXky4oktRulGK+OYNXLHbqUpkM8i
7UxP7SH4VVaDSwS8mm8avnW5/RfpwiGwHl//0bSQlTLzSXlt7eiz+zsMav7z0I7y
kZMdE2EzoJpKosHPjb/VotbsfFcYduAlwMqs08uqGffAdNNZo2Olez+rAtGN3ZeD
JOPRNnEK25rVsDNKkrhzVLQygez04VnYg2xfUYNUABpl6e6gkICjDSxpDywyK9zS
IS5oT/CfXIEBvrjljgbqG3pzDcyCeaHeH2SE9JeAjio=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:08 2024 by rpki-client on console-fra.rpki-client.org