Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/d0e2f4-b60a-40b2-92e9-90eace9e059e/1/aTSK_FwmsWXvqqLgkRWfZyn0y2c.roa
File: aTSK_FwmsWXvqqLgkRWfZyn0y2c.roa (raw, json)
Hash identifier: ZyE3m33f01D86H5p9Ajn+B6G2kkj9khtIYDBogaNbiM=
Subject key identifier: 69:34:8A:FC:5C:26:B1:65:EF:AA:A2:E0:91:15:9F:67:29:F4:CB:67
Certificate issuer: /CN=00af9dda307cb525385ef90f506d0d57bb9d2bf2
Certificate serial: 018CC4937EF4FF509FFD2230182973913BB7
Authority key identifier: 00:AF:9D:DA:30:7C:B5:25:38:5E:F9:0F:50:6D:0D:57:BB:9D:2B:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AK-d2jB8tSU4XvkPUG0NV7udK_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/d0e2f4-b60a-40b2-92e9-90eace9e059e/1/aTSK_FwmsWXvqqLgkRWfZyn0y2c.roa
Signing time: Mon 01 Jan 2024 10:30:49 +0000
ROA not before: Mon 01 Jan 2024 10:30:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24634
IP address blocks: 185.40.208.0/22 maxlen: 24
2a04:86c0::/29 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:48:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:7e:f4:ff:50:9f:fd:22:30:18:29:73:91:3b:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00af9dda307cb525385ef90f506d0d57bb9d2bf2
Validity
Not Before: Jan 1 10:30:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=69348afc5c26b165efaaa2e091159f6729f4cb67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:0d:5f:d9:12:9e:61:4e:f9:0c:5e:ab:d2:9c:
e1:ac:c8:2d:01:36:23:b4:a6:44:95:40:11:a0:75:
30:7d:b3:dc:6f:0a:0d:ff:40:2a:47:5a:c8:fa:6b:
63:e7:4e:3e:59:03:c2:df:8a:a0:9e:75:79:51:18:
f9:83:44:59:40:81:44:22:86:96:f9:cb:92:72:6f:
b5:54:86:b7:a7:67:47:d8:f5:d7:a9:71:b1:19:6a:
4c:72:c6:2b:08:53:ff:da:86:c7:93:ec:14:0d:56:
0d:8c:a8:d5:4e:3a:24:ae:e8:b4:9f:2e:a0:e4:be:
46:6b:55:39:9f:30:7d:31:94:ca:ab:7f:2e:a9:2b:
20:2e:84:ab:48:0d:a5:eb:3f:c8:13:ce:2c:e8:ce:
2b:da:77:15:ce:cc:69:81:cd:ec:89:b1:b6:9b:9a:
fb:db:22:a7:60:3c:d7:76:0d:60:fb:14:72:03:43:
92:f3:3a:86:5b:ab:4b:48:80:42:37:57:ee:84:83:
09:d5:e5:59:5f:f2:6d:97:24:95:4f:97:a2:b0:8d:
b1:9b:06:42:29:13:0b:fd:03:41:45:94:3e:27:b2:
40:0f:0b:5d:ac:90:9f:fc:ef:08:d1:ee:62:96:95:
19:72:2d:d4:70:73:95:4e:7f:6b:7f:b2:b6:03:b2:
76:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:34:8A:FC:5C:26:B1:65:EF:AA:A2:E0:91:15:9F:67:29:F4:CB:67
X509v3 Authority Key Identifier:
keyid:00:AF:9D:DA:30:7C:B5:25:38:5E:F9:0F:50:6D:0D:57:BB:9D:2B:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AK-d2jB8tSU4XvkPUG0NV7udK_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/d0e2f4-b60a-40b2-92e9-90eace9e059e/1/aTSK_FwmsWXvqqLgkRWfZyn0y2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/d0e2f4-b60a-40b2-92e9-90eace9e059e/1/AK-d2jB8tSU4XvkPUG0NV7udK_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.40.208.0/22
IPv6:
2a04:86c0::/29
Signature Algorithm: sha256WithRSAEncryption
01:f2:d7:d2:6b:a0:a8:0c:52:1b:d1:37:da:56:7b:94:9c:bc:
29:a0:74:fa:51:03:50:cc:b9:00:73:5a:00:51:23:b5:3d:df:
9a:0f:db:57:59:54:05:15:39:51:c9:7c:38:64:23:04:25:71:
ba:c8:4b:08:82:01:c2:bd:8f:fe:c5:51:a5:ac:fa:37:75:a4:
ad:8a:48:b1:8b:1f:f0:4d:a0:db:66:91:f5:61:14:4b:e2:05:
9c:df:4c:c8:66:eb:74:11:bf:49:ab:bc:d4:e9:5e:59:6c:78:
46:eb:3d:47:3f:74:5b:9c:75:2f:15:a4:16:c3:91:58:de:40:
6a:91:4b:e5:18:1d:09:97:34:e7:94:bb:1e:05:dc:55:a9:08:
c1:fb:de:64:ec:a0:72:ed:3c:15:13:c8:c0:7a:60:b1:25:c4:
41:2b:b7:3e:f0:15:75:db:e5:9d:45:df:29:b4:c7:17:8e:13:
65:61:81:96:41:4c:f1:88:71:cd:fd:d3:c7:a8:f1:59:47:c3:
92:10:a8:1c:d1:e7:f1:5c:a4:80:2d:3d:32:ec:38:92:3c:18:
26:fa:1b:2c:3f:f1:54:54:a6:c8:79:62:3c:a7:b6:0a:d0:20:
f8:f0:95:20:04:ec:9d:46:7a:42:d8:e4:36:e3:22:04:2c:21:
0c:5e:d5:2b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzEk370/1Cf/SIwGClzkTu3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwYWY5ZGRhMzA3Y2I1MjUzODVlZjkwZjUwNmQwZDU3YmI5
ZDJiZjIwHhcNMjQwMTAxMTAzMDQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTM0OGFmYzVjMjZiMTY1ZWZhYWEyZTA5MTE1OWY2NzI5ZjRjYjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhA1f2RKeYU75DF6r0pzhrMgtATYj
tKZElUARoHUwfbPcbwoN/0AqR1rI+mtj504+WQPC34qgnnV5URj5g0RZQIFEIoaW
+cuScm+1VIa3p2dH2PXXqXGxGWpMcsYrCFP/2obHk+wUDVYNjKjVTjokrui0ny6g
5L5Ga1U5nzB9MZTKq38uqSsgLoSrSA2l6z/IE84s6M4r2ncVzsxpgc3sibG2m5r7
2yKnYDzXdg1g+xRyA0OS8zqGW6tLSIBCN1fuhIMJ1eVZX/JtlySVT5eisI2xmwZC
KRML/QNBRZQ+J7JADwtdrJCf/O8I0e5ilpUZci3UcHOVTn9rf7K2A7J2uQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGk0ivxcJrFl76qi4JEVn2cp9MtnMB8GA1UdIwQY
MBaAFACvndowfLUlOF75D1BtDVe7nSvyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUstZDJqQjh0U1U0WHZrUFVHME5WN3VkS19JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9kMGUyZjQtYjYwYS00MGIyLTkyZTkt
OTBlYWNlOWUwNTllLzEvYVRTS19Gd21zV1h2cXFMZ2tSV2ZaeW4weTJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9kMGUyZjQtYjYwYS00MGIyLTkyZTktOTBlYWNlOWUwNTll
LzEvQUstZDJqQjh0U1U0WHZrUFVHME5WN3VkS19JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuSjQMA0E
AgACMAcDBQMqBIbAMA0GCSqGSIb3DQEBCwUAA4IBAQAB8tfSa6CoDFIb0TfaVnuU
nLwpoHT6UQNQzLkAc1oAUSO1Pd+aD9tXWVQFFTlRyXw4ZCMEJXG6yEsIggHCvY/+
xVGlrPo3daStikixix/wTaDbZpH1YRRL4gWc30zIZut0Eb9Jq7zU6V5ZbHhG6z1H
P3RbnHUvFaQWw5FY3kBqkUvlGB0JlzTnlLseBdxVqQjB+95k7KBy7TwVE8jAemCx
JcRBK7c+8BV12+WdRd8ptMcXjhNlYYGWQUzxiHHN/dPHqPFZR8OSEKgc0efxXKSA
LT0y7DiSPBgm+hssP/FUVKbIeWI8p7YK0CD48JUgBOydRnpC2OQ24yIELCEMXtUr
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:32:56 2025 by rpki-client