Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/97e4e5-0247-46ba-83ca-3268ae9096dc/1/ZF7DlWG2hYxhttRbiaClKiQYQNE.roa
File: ZF7DlWG2hYxhttRbiaClKiQYQNE.roa (raw, json)
Hash identifier: sfoyZL2sR89aaQEp50MZTqDTwVFd7DCFgMyViUDYq8g=
Subject key identifier: 64:5E:C3:95:61:B6:85:8C:61:B6:D4:5B:89:A0:A5:2A:24:18:40:D1
Certificate issuer: /CN=c7f6ad83f25c2886a25857fb515d4559527c46f7
Certificate serial: 01856CB830F842736205D079BE43470E09C4
Authority key identifier: C7:F6:AD:83:F2:5C:28:86:A2:58:57:FB:51:5D:45:59:52:7C:46:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x_atg_JcKIaiWFf7UV1FWVJ8Rvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/97e4e5-0247-46ba-83ca-3268ae9096dc/1/ZF7DlWG2hYxhttRbiaClKiQYQNE.roa
Signing time: Sun 01 Jan 2023 09:44:48 +0000
ROA not before: Sun 01 Jan 2023 09:44:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47207
IP address blocks: 93.157.0.0/21 maxlen: 24
195.5.163.0/24 maxlen: 24
2001:67c:54::/48 maxlen: 64
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:30:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:b8:30:f8:42:73:62:05:d0:79:be:43:47:0e:09:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c7f6ad83f25c2886a25857fb515d4559527c46f7
Validity
Not Before: Jan 1 09:44:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=645ec39561b6858c61b6d45b89a0a52a241840d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:ce:a8:56:f3:90:e5:b5:7d:f1:1e:0e:4b:49:
68:d3:56:86:e7:ad:e8:c3:30:73:a4:c1:43:42:c7:
de:ce:ba:c7:13:a4:6b:ad:e1:81:cc:6f:e3:c0:4a:
df:98:2a:58:6b:a9:49:b2:b4:90:40:e8:cf:fb:c9:
cc:98:98:da:6f:fe:9e:14:8a:d8:a5:74:d9:b4:f6:
7a:37:5e:c2:5c:53:82:f2:9b:4d:81:7c:ba:7b:56:
79:fe:d7:eb:16:22:d8:f0:70:85:5e:f4:05:e6:19:
88:51:5c:1b:c1:9f:a2:ab:98:b6:60:1b:52:f5:11:
65:d3:c2:bb:4a:64:10:0e:b6:91:8b:eb:8f:d5:e1:
e3:0a:85:de:1c:cb:7b:6a:bb:8e:9c:5e:a1:b2:5b:
43:13:91:01:75:fe:a6:20:f1:76:27:74:8f:c5:76:
3f:18:e5:d8:8b:82:73:a8:75:cb:5d:91:be:0b:b0:
70:04:d9:4c:1f:6d:d6:58:69:a4:d4:55:4d:0f:19:
b1:59:9d:14:21:f0:ee:ce:bb:a6:b4:e9:e5:f6:10:
4a:4d:6b:6b:a0:ae:11:d9:b8:a1:fc:32:33:ce:a3:
55:0c:ee:ee:fe:5c:6c:d9:f0:27:54:b7:88:43:19:
9d:1e:25:70:26:30:44:47:49:fd:ff:1a:6d:4f:7e:
ff:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:5E:C3:95:61:B6:85:8C:61:B6:D4:5B:89:A0:A5:2A:24:18:40:D1
X509v3 Authority Key Identifier:
keyid:C7:F6:AD:83:F2:5C:28:86:A2:58:57:FB:51:5D:45:59:52:7C:46:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x_atg_JcKIaiWFf7UV1FWVJ8Rvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/97e4e5-0247-46ba-83ca-3268ae9096dc/1/ZF7DlWG2hYxhttRbiaClKiQYQNE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/97e4e5-0247-46ba-83ca-3268ae9096dc/1/x_atg_JcKIaiWFf7UV1FWVJ8Rvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.157.0.0/21
195.5.163.0/24
IPv6:
2001:67c:54::/48
Signature Algorithm: sha256WithRSAEncryption
3c:9d:8b:75:3d:b5:20:30:76:6c:b4:36:df:5f:a3:30:76:1b:
9e:b1:23:44:4d:66:6a:5d:18:22:97:3d:e6:80:84:a2:a2:aa:
aa:2f:2c:34:d4:28:63:fa:88:79:0b:55:3a:98:e3:97:35:d8:
cc:fc:06:01:da:e3:cd:72:90:d3:c6:2f:70:57:69:de:2f:7e:
39:f0:96:af:9c:9e:f2:e1:fb:47:72:8a:7c:33:e8:d7:84:a9:
10:5c:4e:12:63:86:17:f4:e0:7f:8a:ff:06:90:d7:25:19:e1:
5e:be:76:0e:1f:4a:1f:5a:b9:a9:d3:ac:9f:ac:d9:9f:4e:9a:
24:29:33:72:35:2d:47:5c:30:4c:9c:b1:1f:0f:f4:0e:4e:ae:
db:8a:f5:3f:50:5f:d0:54:58:c4:35:a9:a6:bd:4f:c6:de:3a:
99:1b:dd:c1:d8:11:ee:16:ca:c6:c1:b1:94:42:02:72:52:fc:
7b:37:23:cd:66:49:1a:63:d8:1c:ed:c5:10:6e:a4:88:4e:a2:
6d:45:44:90:10:c9:ab:b0:6c:94:0f:45:a4:47:fe:4b:cf:64:
45:7a:c0:53:be:65:26:33:39:f0:f3:bd:3a:fd:01:a7:86:62:
64:9a:78:10:ff:3f:3a:8e:22:f1:98:e0:46:4a:5a:0f:03:0e:
49:da:2b:d6
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVsuDD4QnNiBdB5vkNHDgnEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3ZjZhZDgzZjI1YzI4ODZhMjU4NTdmYjUxNWQ0NTU5NTI3
YzQ2ZjcwHhcNMjMwMTAxMDk0NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDVlYzM5NTYxYjY4NThjNjFiNmQ0NWI4OWEwYTUyYTI0MTg0MGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArM6oVvOQ5bV98R4OS0lo01aG563o
wzBzpMFDQsfezrrHE6RrreGBzG/jwErfmCpYa6lJsrSQQOjP+8nMmJjab/6eFIrY
pXTZtPZ6N17CXFOC8ptNgXy6e1Z5/tfrFiLY8HCFXvQF5hmIUVwbwZ+iq5i2YBtS
9RFl08K7SmQQDraRi+uP1eHjCoXeHMt7aruOnF6hsltDE5EBdf6mIPF2J3SPxXY/
GOXYi4JzqHXLXZG+C7BwBNlMH23WWGmk1FVNDxmxWZ0UIfDuzrumtOnl9hBKTWtr
oK4R2bih/DIzzqNVDO7u/lxs2fAnVLeIQxmdHiVwJjBER0n9/xptT37/ywIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFGRew5VhtoWMYbbUW4mgpSokGEDRMB8GA1UdIwQY
MBaAFMf2rYPyXCiGolhX+1FdRVlSfEb3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveF9hdGdfSmNLSWFpV0ZmN1VWMUZXVko4UnZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi85N2U0ZTUtMDI0Ny00NmJhLTgzY2Et
MzI2OGFlOTA5NmRjLzEvWkY3RGxXRzJoWXhodHRSYmlhQ2xLaVFZUU5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi85N2U0ZTUtMDI0Ny00NmJhLTgzY2EtMzI2OGFlOTA5NmRj
LzEveF9hdGdfSmNLSWFpV0ZmN1VWMUZXVko4UnZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQDXZ0AAwQA
wwWjMA8EAgACMAkDBwAgAQZ8AFQwDQYJKoZIhvcNAQELBQADggEBADydi3U9tSAw
dmy0Nt9fozB2G56xI0RNZmpdGCKXPeaAhKKiqqovLDTUKGP6iHkLVTqY45c12Mz8
BgHa481ykNPGL3BXad4vfjnwlq+cnvLh+0dyinwz6NeEqRBcThJjhhf04H+K/waQ
1yUZ4V6+dg4fSh9auanTrJ+s2Z9OmiQpM3I1LUdcMEycsR8P9A5OrtuK9T9QX9BU
WMQ1qaa9T8beOpkb3cHYEe4WysbBsZRCAnJS/Hs3I81mSRpj2BztxRBupIhOom1F
RJAQyauwbJQPRaRH/kvPZEV6wFO+ZSYzOfDzvTr9AaeGYmSaeBD/PzqOIvGY4EZK
Wg8DDknaK9Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:12 2024 by rpki-client on console-ams.rpki-client.org