Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/tnkywa-YfYFKda5p3XRXKYumKFg.roa
File: tnkywa-YfYFKda5p3XRXKYumKFg.roa (raw, json)
Hash identifier: QbnHFCkQS6mrPCmBDTjBXziEPIWW5/fNk0h45DqUq54=
Subject key identifier: B6:79:32:C1:AF:98:7D:81:4A:75:AE:69:DD:74:57:29:8B:A6:28:58
Certificate issuer: /CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Certificate serial: 018674B708546CB76B3FC7451E545909860E
Authority key identifier: 27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/tnkywa-YfYFKda5p3XRXKYumKFg.roa
Signing time: Tue 21 Feb 2023 16:03:17 +0000
ROA not before: Tue 21 Feb 2023 16:03:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3257
IP address blocks: 62.132.114.0/23 maxlen: 23
62.132.116.0/23 maxlen: 23
62.132.132.0/23 maxlen: 23
62.41.160.0/24 maxlen: 24
46.33.64.0/19 maxlen: 24
62.41.80.0/22 maxlen: 24
62.41.84.0/23 maxlen: 24
62.41.102.0/24 maxlen: 24
212.115.128.0/18 maxlen: 24
213.200.64.0/18 maxlen: 18
195.143.0.0/16 maxlen: 24
141.136.96.0/20 maxlen: 20
194.121.52.0/22 maxlen: 22
89.149.128.0/18 maxlen: 24
77.67.0.0/17 maxlen: 24
87.119.64.0/18 maxlen: 24
134.222.0.0/16 maxlen: 16
212.222.0.0/16 maxlen: 24
92.71.0.0/17 maxlen: 17
212.221.0.0/17 maxlen: 24
77.77.128.0/18 maxlen: 24
213.251.0.0/18 maxlen: 24
185.160.40.0/22 maxlen: 22
62.41.16.0/21 maxlen: 24
62.132.0.0/22 maxlen: 22
62.41.24.0/22 maxlen: 24
62.132.16.0/22 maxlen: 22
62.132.24.0/23 maxlen: 23
62.41.32.0/24 maxlen: 24
62.41.37.0/24 maxlen: 24
62.132.28.0/24 maxlen: 24
92.71.128.0/18 maxlen: 18
62.132.42.0/23 maxlen: 23
62.41.56.0/21 maxlen: 24
62.41.64.0/20 maxlen: 24
213.254.192.0/18 maxlen: 24
62.41.0.0/20 maxlen: 24
2a00:1750::/32 maxlen: 32
2001:668::/29 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:74:b7:08:54:6c:b7:6b:3f:c7:45:1e:54:59:09:86:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Validity
Not Before: Feb 21 16:03:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b67932c1af987d814a75ae69dd7457298ba62858
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:e0:2f:69:c6:8b:3a:32:1b:b8:13:b9:e6:41:
58:ba:89:a6:72:87:47:0e:6e:c3:47:a0:b3:b5:8b:
d5:72:7b:35:9c:67:b6:8c:b3:25:42:7a:4d:3b:d8:
53:d1:f7:d0:8c:50:4e:4a:e0:dc:01:d6:3a:74:33:
15:ed:cb:6d:51:28:f2:fc:ea:e4:ce:f9:14:3b:9a:
e3:f6:c1:21:2d:76:03:96:a2:56:f6:4d:e0:30:d3:
80:95:79:04:11:2a:5f:90:5f:53:eb:32:19:bc:e0:
92:4b:f6:72:f6:11:12:63:3d:72:e5:60:1d:89:2d:
df:60:9c:3d:c4:3e:44:70:7c:06:70:72:a3:51:64:
53:f2:65:16:27:a4:8d:5e:30:b0:82:16:62:37:76:
3f:27:74:ff:9f:45:2e:f3:44:36:be:42:9c:63:5a:
3f:9d:50:25:2b:ad:f8:df:4c:d1:08:a9:4c:6b:62:
37:74:ac:56:a3:48:9b:d4:7b:67:ed:79:da:f9:46:
60:15:3b:c8:40:31:73:a2:04:d9:4a:b8:ac:9e:6a:
0e:f8:fc:27:27:71:c6:65:19:a6:5b:bd:86:da:07:
48:bf:b1:bc:a8:6c:51:04:8b:01:e1:8d:e5:c6:d6:
6e:3c:3c:a3:eb:96:9b:2d:ad:96:e5:10:ee:bb:28:
88:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:79:32:C1:AF:98:7D:81:4A:75:AE:69:DD:74:57:29:8B:A6:28:58
X509v3 Authority Key Identifier:
keyid:27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/tnkywa-YfYFKda5p3XRXKYumKFg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.33.64.0/19
62.41.0.0-62.41.27.255
62.41.32.0/24
62.41.37.0/24
62.41.56.0-62.41.85.255
62.41.102.0/24
62.41.160.0/24
62.132.0.0/22
62.132.16.0/22
62.132.24.0/23
62.132.28.0/24
62.132.42.0/23
62.132.114.0-62.132.117.255
62.132.132.0/23
77.67.0.0/17
77.77.128.0/18
87.119.64.0/18
89.149.128.0/18
92.71.0.0-92.71.191.255
134.222.0.0/16
141.136.96.0/20
185.160.40.0/22
194.121.52.0/22
195.143.0.0/16
212.115.128.0/18
212.221.0.0/17
212.222.0.0/16
213.200.64.0/18
213.251.0.0/18
213.254.192.0/18
IPv6:
2001:668::/29
2a00:1750::/32
Signature Algorithm: sha256WithRSAEncryption
6f:2a:5d:8d:74:2d:45:51:11:d5:41:a3:8d:f4:f1:d5:a6:18:
ab:74:6b:15:cb:08:eb:b1:83:22:7b:49:f4:45:7c:95:70:a4:
2d:10:1b:9f:d3:f9:f5:86:81:e7:13:da:2c:78:f8:aa:48:e9:
3e:16:f0:9c:f2:e0:9a:a7:56:0c:9d:2a:a3:89:3e:4d:87:62:
12:56:1f:0c:bc:66:1b:10:96:d2:39:7d:d0:fe:7f:34:b1:2f:
dd:ba:21:65:73:a5:18:2d:0c:0e:8e:c6:c8:c7:ca:55:32:9e:
3d:61:3d:b9:6f:71:da:5d:9d:5a:2a:c2:57:97:0a:c3:09:f4:
0d:1b:52:79:f9:1b:79:7e:71:20:74:0b:29:0f:07:b0:46:9d:
ca:e4:88:0a:db:35:e3:8a:f6:b4:ed:be:07:4c:16:09:cd:12:
64:72:a2:85:fb:d2:70:7a:fa:fa:7f:d4:37:f1:be:23:9c:b8:
19:f9:50:07:63:67:ce:c9:84:6d:6d:58:bf:aa:0a:20:6c:1a:
16:1d:83:f6:ef:45:d8:17:e4:57:7d:74:ce:25:81:2a:8f:f2:
8d:c3:3e:49:54:b1:67:74:69:99:79:f4:99:61:1e:9b:c9:14:
de:e9:1c:5f:a7:c6:69:e3:86:c7:9d:67:34:13:d4:d5:e7:20:
9e:fb:90:49
-----BEGIN CERTIFICATE-----
MIIF4jCCBMqgAwIBAgISAYZ0twhUbLdrP8dFHlRZCYYOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OWRiZmRmNGMyMGJkYWU4ZDYxMTg1NjZlY2U3NjQ0NGU0
NmQxNzEwHhcNMjMwMjIxMTYwMzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjc5MzJjMWFmOTg3ZDgxNGE3NWFlNjlkZDc0NTcyOThiYTYyODU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw+AvacaLOjIbuBO55kFYuommcodH
Dm7DR6CztYvVcns1nGe2jLMlQnpNO9hT0ffQjFBOSuDcAdY6dDMV7cttUSjy/Ork
zvkUO5rj9sEhLXYDlqJW9k3gMNOAlXkEESpfkF9T6zIZvOCSS/Zy9hESYz1y5WAd
iS3fYJw9xD5EcHwGcHKjUWRT8mUWJ6SNXjCwghZiN3Y/J3T/n0Uu80Q2vkKcY1o/
nVAlK63430zRCKlMa2I3dKxWo0ib1Htn7Xna+UZgFTvIQDFzogTZSrisnmoO+Pwn
J3HGZRmmW72G2gdIv7G8qGxRBIsB4Y3lxtZuPDyj65abLa2W5RDuuyiIhwIDAQAB
o4IC7jCCAuowHQYDVR0OBBYEFLZ5MsGvmH2BSnWuad10VymLpihYMB8GA1UdIwQY
MBaAFCedv99MIL2ujWEYVm7OdkRORtFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEt
MGNmMTA5M2Q0NTQ4LzEvdG5reXdhLVlmWUZLZGE1cDNYUlhLWXVtS0ZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEtMGNmMTA5M2Q0NTQ4
LzEvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAgYIKwYBBQUHAQcBAf8EgfIwge8wgdYEAgABMIHPAwQF
LiFAMAsDAwA+KQMEAj4pGAMEAD4pIAMEAD4pJTAMAwQDPik4AwQBPilUAwQAPilm
AwQAPimgAwQCPoQAAwQCPoQQAwQBPoQYAwQAPoQcAwQBPoQqMAwDBAE+hHIDBAE+
hHQDBAE+hIQDBAdNQwADBAZNTYADBAZXd0ADBAZZlYAwCwMDAFxHAwQGXEeAAwMA
ht4DBASNiGADBAK5oCgDBALCeTQDAwDDjwMEBtRzgAMEB9TdAAMDANTeAwQG1chA
AwQG1fsAAwQG1f7AMBQEAgACMA4DBQMgAQZoAwUAKgAXUDANBgkqhkiG9w0BAQsF
AAOCAQEAbypdjXQtRVER1UGjjfTx1aYYq3RrFcsI67GDIntJ9EV8lXCkLRAbn9P5
9YaB5xPaLHj4qkjpPhbwnPLgmqdWDJ0qo4k+TYdiElYfDLxmGxCW0jl90P5/NLEv
3bohZXOlGC0MDo7GyMfKVTKePWE9uW9x2l2dWirCV5cKwwn0DRtSefkbeX5xIHQL
KQ8HsEadyuSICts144r2tO2+B0wWCc0SZHKihfvScHr6+n/UN/G+I5y4GflQB2Nn
zsmEbW1Yv6oKIGwaFh2D9u9F2BfkV310ziWBKo/yjcM+SVSxZ3RpmXn0mWEem8kU
3ukcX6fGaeOGx51nNBPU1ecgnvuQSQ==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:27:18 2025 by rpki-client