Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/7d8505-3899-4a9e-8cf1-fa5af38deb5e/1/zAJ-Op9oKnt9lcO_hYZtmMqaOuM.roa
File: zAJ-Op9oKnt9lcO_hYZtmMqaOuM.roa (raw, json)
Hash identifier: 8aOvUXD/LiVodHNjyM++aR+TxUSynQWaIsGso5Xpj50=
Subject key identifier: CC:02:7E:3A:9F:68:2A:7B:7D:95:C3:BF:85:86:6D:98:CA:9A:3A:E3
Certificate issuer: /CN=40e3953c5cb452f159f8e1505fc702e883657e72
Certificate serial: 018570675E8F13884F986BBF2D691F166840
Authority key identifier: 40:E3:95:3C:5C:B4:52:F1:59:F8:E1:50:5F:C7:02:E8:83:65:7E:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QOOVPFy0UvFZ-OFQX8cC6INlfnI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/7d8505-3899-4a9e-8cf1-fa5af38deb5e/1/zAJ-Op9oKnt9lcO_hYZtmMqaOuM.roa
Signing time: Mon 02 Jan 2023 02:55:00 +0000
ROA not before: Mon 02 Jan 2023 02:55:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 26506
IP address blocks: 209.16.176.0/24 maxlen: 24
209.16.178.0/24 maxlen: 24
207.229.122.0/24 maxlen: 24
209.162.157.0/24 maxlen: 24
209.162.155.0/24 maxlen: 24
2a02:3d0:7::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:67:5e:8f:13:88:4f:98:6b:bf:2d:69:1f:16:68:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40e3953c5cb452f159f8e1505fc702e883657e72
Validity
Not Before: Jan 2 02:55:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cc027e3a9f682a7b7d95c3bf85866d98ca9a3ae3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:be:5d:e0:b1:6f:01:74:65:5d:cb:59:a1:19:
2d:74:34:2b:de:a1:59:98:7d:fd:ff:95:e6:4f:37:
a0:c5:a0:61:ec:0b:89:05:dc:20:5f:ff:6b:98:e1:
3a:de:fb:75:7d:e2:72:48:b2:24:80:3c:90:e6:72:
fc:8f:18:9e:fd:c4:a7:e8:81:95:93:9e:9f:82:17:
66:9d:07:8b:d1:c7:40:a0:e6:78:c3:05:6d:ff:2f:
be:bc:9b:60:78:c4:40:99:36:88:13:4a:50:e3:28:
f8:ad:de:53:5e:98:07:b0:38:e0:bc:ba:60:37:1f:
8a:05:63:99:1e:4b:3c:25:93:db:be:bc:aa:c5:e0:
5b:4e:78:1e:44:ad:e7:0b:d9:62:09:9e:b9:2e:84:
e8:65:7b:bd:c8:70:a8:05:d8:08:bf:6b:0f:2f:f0:
33:eb:97:ea:4f:98:b4:20:38:78:fb:b5:54:19:08:
8f:3b:30:63:64:f8:b4:00:32:08:58:f6:e4:5a:7d:
8b:7a:ee:63:68:47:39:f9:0c:6a:07:71:c5:d9:80:
ae:b1:ee:1e:9a:03:dc:7e:7c:e2:12:fe:f4:20:2d:
01:2c:2a:79:72:ee:30:c1:6e:39:9e:a0:01:c3:f9:
8e:70:7a:ef:1f:39:fa:c6:2c:6e:bd:96:09:64:3a:
7c:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:02:7E:3A:9F:68:2A:7B:7D:95:C3:BF:85:86:6D:98:CA:9A:3A:E3
X509v3 Authority Key Identifier:
keyid:40:E3:95:3C:5C:B4:52:F1:59:F8:E1:50:5F:C7:02:E8:83:65:7E:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QOOVPFy0UvFZ-OFQX8cC6INlfnI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/7d8505-3899-4a9e-8cf1-fa5af38deb5e/1/zAJ-Op9oKnt9lcO_hYZtmMqaOuM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/7d8505-3899-4a9e-8cf1-fa5af38deb5e/1/QOOVPFy0UvFZ-OFQX8cC6INlfnI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
207.229.122.0/24
209.16.176.0/24
209.16.178.0/24
209.162.155.0/24
209.162.157.0/24
IPv6:
2a02:3d0:7::/48
Signature Algorithm: sha256WithRSAEncryption
43:74:4d:30:fd:80:f0:95:9e:14:6b:5b:43:6e:d7:40:6d:39:
66:d6:cc:25:c5:ee:43:5f:b6:eb:5f:c9:46:ee:b7:ea:e4:0b:
da:8c:fe:c2:5a:67:5c:d6:3d:9e:2c:2e:d0:8b:e3:4e:7d:99:
7b:b3:16:e5:ce:b8:93:64:16:8f:56:e6:b6:ae:8a:10:b9:65:
7f:19:fc:b9:65:09:9a:ba:e0:44:61:2e:cf:02:f3:53:4a:c1:
f5:9f:64:40:09:a7:03:f8:c7:e7:37:4e:91:1b:1d:d7:31:d8:
ee:22:e4:0a:58:16:fc:cf:bc:20:66:9f:9c:5c:2b:56:94:25:
a8:de:b5:4b:ab:9f:f2:2f:b3:77:d8:eb:fc:3a:99:1c:f5:19:
5f:04:28:77:38:fc:1c:af:d1:7e:90:31:5f:86:5e:71:f7:f5:
4f:81:a4:9d:f9:34:c9:05:02:7e:86:2d:80:3c:3b:1d:59:a1:
34:c4:b8:42:8f:ff:29:4a:15:bf:1b:fa:f5:ea:94:81:41:b1:
b2:09:6f:15:d2:0f:d5:41:a1:b1:9b:51:1e:00:c3:9b:25:e7:
c9:5c:54:1d:b1:83:ed:b5:3f:d3:96:b2:2d:27:5e:3b:f2:d2:
11:d0:89:75:c9:f5:c8:d9:86:7f:2c:f7:98:70:d5:29:17:ee:
5e:95:36:b3
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYVwZ16PE4hPmGu/LWkfFmhAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwZTM5NTNjNWNiNDUyZjE1OWY4ZTE1MDVmYzcwMmU4ODM2
NTdlNzIwHhcNMjMwMTAyMDI1NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzAyN2UzYTlmNjgyYTdiN2Q5NWMzYmY4NTg2NmQ5OGNhOWEzYWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjb5d4LFvAXRlXctZoRktdDQr3qFZ
mH39/5XmTzegxaBh7AuJBdwgX/9rmOE63vt1feJySLIkgDyQ5nL8jxie/cSn6IGV
k56fghdmnQeL0cdAoOZ4wwVt/y++vJtgeMRAmTaIE0pQ4yj4rd5TXpgHsDjgvLpg
Nx+KBWOZHks8JZPbvryqxeBbTngeRK3nC9liCZ65LoToZXu9yHCoBdgIv2sPL/Az
65fqT5i0IDh4+7VUGQiPOzBjZPi0ADIIWPbkWn2Leu5jaEc5+QxqB3HF2YCuse4e
mgPcfnziEv70IC0BLCp5cu4wwW45nqABw/mOcHrvHzn6xixuvZYJZDp8swIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFMwCfjqfaCp7fZXDv4WGbZjKmjrjMB8GA1UdIwQY
MBaAFEDjlTxctFLxWfjhUF/HAuiDZX5yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUU9PVlBGeTBVdkZaLU9GUVg4Y0M2SU5sZm5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi83ZDg1MDUtMzg5OS00YTllLThjZjEt
ZmE1YWYzOGRlYjVlLzEvekFKLU9wOW9LbnQ5bGNPX2hZWnRtTXFhT3VNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi83ZDg1MDUtMzg5OS00YTllLThjZjEtZmE1YWYzOGRlYjVl
LzEvUU9PVlBGeTBVdkZaLU9GUVg4Y0M2SU5sZm5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAkBAIAATAeAwQAz+V6AwQA
0RCwAwQA0RCyAwQA0aKbAwQA0aKdMA8EAgACMAkDBwAqAgPQAAcwDQYJKoZIhvcN
AQELBQADggEBAEN0TTD9gPCVnhRrW0Nu10BtOWbWzCXF7kNftutfyUbut+rkC9qM
/sJaZ1zWPZ4sLtCL4059mXuzFuXOuJNkFo9W5rauihC5ZX8Z/LllCZq64ERhLs8C
81NKwfWfZEAJpwP4x+c3TpEbHdcx2O4i5ApYFvzPvCBmn5xcK1aUJajetUurn/Iv
s3fY6/w6mRz1GV8EKHc4/Byv0X6QMV+GXnH39U+BpJ35NMkFAn6GLYA8Ox1ZoTTE
uEKP/ylKFb8b+vXqlIFBsbIJbxXSD9VBobGbUR4Aw5sl58lcVB2xg+21P9OWsi0n
Xjvy0hHQiXXJ9cjZhn8s95hw1SkX7l6VNrM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:18 2024 by rpki-client on console-fra.rpki-client.org