Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/43bb94-94c6-4dad-a372-5fcfa421975c/1/TLGwLNW0wvaE8csRw-vgJmZISkI.roa
File: TLGwLNW0wvaE8csRw-vgJmZISkI.roa (raw, json)
Hash identifier: 4zfb/KWMGrQgg0uUIA+r/LlttsZTp2Oi38xCkUGames=
Subject key identifier: 4C:B1:B0:2C:D5:B4:C2:F6:84:F1:CB:11:C3:EB:E0:26:66:48:4A:42
Certificate issuer: /CN=bbb865fd6dfaaba771249b7ebae8ebd5280a0c97
Certificate serial: 0186DF75A34DD3F69591921ADA48BA3E70D6
Authority key identifier: BB:B8:65:FD:6D:FA:AB:A7:71:24:9B:7E:BA:E8:EB:D5:28:0A:0C:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u7hl_W36q6dxJJt-uujr1SgKDJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/43bb94-94c6-4dad-a372-5fcfa421975c/1/TLGwLNW0wvaE8csRw-vgJmZISkI.roa
Signing time: Tue 14 Mar 2023 09:31:13 +0000
ROA not before: Tue 14 Mar 2023 09:31:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34691
IP address blocks: 91.233.252.0/23 maxlen: 23
45.136.110.0/24 maxlen: 24
194.69.60.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:df:75:a3:4d:d3:f6:95:91:92:1a:da:48:ba:3e:70:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bbb865fd6dfaaba771249b7ebae8ebd5280a0c97
Validity
Not Before: Mar 14 09:31:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4cb1b02cd5b4c2f684f1cb11c3ebe02666484a42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:3c:e7:0f:52:a7:db:a0:24:40:94:1d:51:ba:
cb:90:66:d2:93:f1:0d:0a:1f:b0:40:50:12:5f:7b:
23:6d:52:f2:2e:fa:f5:40:1a:ba:9a:4b:f5:c8:eb:
9c:01:8a:2c:48:0b:0a:13:28:d5:75:6f:e9:2d:7c:
cb:4e:ac:62:3e:91:b2:0e:88:48:0b:b3:6d:fd:0d:
99:04:fe:e6:1a:ae:8c:31:09:b1:39:a7:83:6c:f7:
35:26:69:76:a5:c5:35:7d:b8:8a:e3:91:8e:45:2a:
86:c7:d4:e3:03:ae:d2:19:61:82:06:d0:4e:01:df:
5b:93:b5:27:4e:75:d0:27:4c:3b:12:9e:dc:61:ca:
42:c4:02:13:0b:05:7d:22:36:7b:2f:4d:87:fa:52:
55:2b:f8:90:26:02:2e:72:a5:91:b1:f1:7b:45:fd:
84:dd:e3:93:93:0c:b2:22:dd:0b:25:2d:b7:15:5a:
45:29:8c:2e:f4:f4:a4:3a:b3:20:0f:66:3a:29:af:
54:6d:bb:fa:37:9b:a1:68:77:8b:50:13:59:99:bc:
48:6e:ac:8b:cb:f0:95:e4:2d:02:e4:c0:3c:0c:f9:
8d:ca:2a:9c:2e:0c:62:eb:c9:e9:3b:ea:f2:ae:68:
d5:8c:f3:be:e3:21:9e:b1:2d:e3:71:d1:04:93:b1:
50:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:B1:B0:2C:D5:B4:C2:F6:84:F1:CB:11:C3:EB:E0:26:66:48:4A:42
X509v3 Authority Key Identifier:
keyid:BB:B8:65:FD:6D:FA:AB:A7:71:24:9B:7E:BA:E8:EB:D5:28:0A:0C:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u7hl_W36q6dxJJt-uujr1SgKDJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/43bb94-94c6-4dad-a372-5fcfa421975c/1/TLGwLNW0wvaE8csRw-vgJmZISkI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/43bb94-94c6-4dad-a372-5fcfa421975c/1/u7hl_W36q6dxJJt-uujr1SgKDJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.110.0/24
91.233.252.0/23
194.69.60.0/22
Signature Algorithm: sha256WithRSAEncryption
3f:21:9e:37:46:32:6b:c9:02:39:a4:a4:d9:cf:03:a4:b1:f6:
7e:e4:bf:4d:87:01:e8:ee:f8:a9:79:24:90:32:89:2d:bc:7b:
08:36:b0:b3:74:7a:d0:68:48:7f:85:cd:64:27:b8:0f:d5:74:
59:e0:69:57:be:87:1d:21:ca:7a:c8:71:d8:f5:55:29:29:4e:
47:fb:83:78:02:40:ca:e2:9f:c2:16:91:53:03:d9:59:6e:e6:
3f:60:90:0e:cd:2a:d0:a6:89:ea:f3:27:da:81:0d:8a:99:69:
48:00:17:2e:f9:00:ea:fb:5b:f5:d2:36:d5:53:c9:a8:8f:44:
70:3e:bc:e1:d8:92:ca:07:c7:dc:d3:73:0f:2f:bf:0f:fc:9f:
50:8b:fc:91:bd:17:7a:db:45:00:96:0e:9c:0d:9d:f1:15:10:
0a:2a:d2:a2:df:9f:6a:93:c2:b1:a8:05:00:ec:00:cd:ef:fc:
0c:be:c6:36:9a:a3:be:a4:09:08:de:9a:fe:82:76:5b:d9:2c:
cc:f7:92:49:6b:d8:2f:bc:e0:3f:d2:30:18:29:1b:11:4f:38:
9f:30:91:65:26:ce:1f:a8:2d:d2:8a:68:8b:8e:32:38:69:f3:
7f:a5:26:d9:e0:13:c7:77:00:51:a7:82:0d:fb:e6:e2:dc:13:
08:c0:eb:1a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYbfdaNN0/aVkZIa2ki6PnDWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiYjg2NWZkNmRmYWFiYTc3MTI0OWI3ZWJhZThlYmQ1Mjgw
YTBjOTcwHhcNMjMwMzE0MDkzMTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2IxYjAyY2Q1YjRjMmY2ODRmMWNiMTFjM2ViZTAyNjY2NDg0YTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArTznD1Kn26AkQJQdUbrLkGbSk/EN
Ch+wQFASX3sjbVLyLvr1QBq6mkv1yOucAYosSAsKEyjVdW/pLXzLTqxiPpGyDohI
C7Nt/Q2ZBP7mGq6MMQmxOaeDbPc1Jml2pcU1fbiK45GORSqGx9TjA67SGWGCBtBO
Ad9bk7UnTnXQJ0w7Ep7cYcpCxAITCwV9IjZ7L02H+lJVK/iQJgIucqWRsfF7Rf2E
3eOTkwyyIt0LJS23FVpFKYwu9PSkOrMgD2Y6Ka9Ubbv6N5uhaHeLUBNZmbxIbqyL
y/CV5C0C5MA8DPmNyiqcLgxi68npO+ryrmjVjPO+4yGesS3jcdEEk7FQOQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEyxsCzVtML2hPHLEcPr4CZmSEpCMB8GA1UdIwQY
MBaAFLu4Zf1t+quncSSbfrro69UoCgyXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTdobF9XMzZxNmR4Skp0LXV1anIxU2dLREpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS80M2JiOTQtOTRjNi00ZGFkLWEzNzIt
NWZjZmE0MjE5NzVjLzEvVExHd0xOVzB3dmFFOGNzUnctdmdKbVpJU2tJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS80M2JiOTQtOTRjNi00ZGFkLWEzNzItNWZjZmE0MjE5NzVj
LzEvdTdobF9XMzZxNmR4Skp0LXV1anIxU2dLREpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALYhuAwQB
W+n8AwQCwkU8MA0GCSqGSIb3DQEBCwUAA4IBAQA/IZ43RjJryQI5pKTZzwOksfZ+
5L9NhwHo7vipeSSQMoktvHsINrCzdHrQaEh/hc1kJ7gP1XRZ4GlXvocdIcp6yHHY
9VUpKU5H+4N4AkDK4p/CFpFTA9lZbuY/YJAOzSrQponq8yfagQ2KmWlIABcu+QDq
+1v10jbVU8moj0RwPrzh2JLKB8fc03MPL78P/J9Qi/yRvRd620UAlg6cDZ3xFRAK
KtKi359qk8KxqAUA7ADN7/wMvsY2mqO+pAkI3pr+gnZb2SzM95JJa9gvvOA/0jAY
KRsRTzifMJFlJs4fqC3SimiLjjI4afN/pSbZ4BPHdwBRp4IN++bi3BMIwOsa
-----END CERTIFICATE-----
Generated at Mon Apr 7 08:33:28 2025 by rpki-client