Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f2a37c-a129-4c0b-9ed1-b18dac2d259b/1/tlapdRUwy4U4vEeKII0ukt51HEI.roa
File: tlapdRUwy4U4vEeKII0ukt51HEI.roa (raw, json)
Hash identifier: MAhHj0Wy7VtGjDJktRRyJcnP6gX9Cd42VS3PGh4g1tc=
Subject key identifier: B6:56:A9:75:15:30:CB:85:38:BC:47:8A:20:8D:2E:92:DE:75:1C:42
Certificate issuer: /CN=4f7d885393b32b5eee3a0bf4338e0faaef3c753c
Certificate serial: 018B808E5EFBC7EF491EB3C574EBD7C71829
Authority key identifier: 4F:7D:88:53:93:B3:2B:5E:EE:3A:0B:F4:33:8E:0F:AA:EF:3C:75:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T32IU5OzK17uOgv0M44Pqu88dTw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f2a37c-a129-4c0b-9ed1-b18dac2d259b/1/tlapdRUwy4U4vEeKII0ukt51HEI.roa
Signing time: Mon 30 Oct 2023 12:28:15 +0000
ROA not before: Mon 30 Oct 2023 12:28:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 37.221.72.0/22 maxlen: 24
2a09:ea00::/40 maxlen: 56
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:80:8e:5e:fb:c7:ef:49:1e:b3:c5:74:eb:d7:c7:18:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f7d885393b32b5eee3a0bf4338e0faaef3c753c
Validity
Not Before: Oct 30 12:28:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b656a9751530cb8538bc478a208d2e92de751c42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:ad:c4:a9:51:7d:56:59:7f:5d:b2:34:b7:f3:
00:d8:19:da:8f:0e:ce:84:f1:8d:df:13:51:c9:73:
0e:a3:0d:65:09:9e:3c:8d:45:43:4e:b7:d2:b2:42:
f0:dc:46:97:e6:2b:62:6f:18:af:ed:ef:46:43:65:
89:2d:c4:ad:05:2a:79:b0:3c:05:a4:64:0b:3f:45:
cc:d1:e4:36:37:0e:d6:19:a4:33:2a:2b:67:47:6f:
7d:e7:40:27:2e:3d:e7:75:50:b6:d8:1a:ae:a8:d3:
fa:97:42:19:d8:33:f1:f8:85:74:52:21:81:2f:ee:
fb:fc:d7:9e:f0:27:9e:87:ec:8e:26:6e:cf:5a:96:
db:25:a0:cc:a3:57:12:b2:66:41:23:8f:3f:38:f6:
25:69:1e:36:69:57:ee:4e:90:d8:16:f2:10:2d:22:
c8:85:ac:27:3c:4a:a6:7a:ac:14:d4:f2:32:36:71:
52:fe:d6:28:c5:92:af:24:82:cf:d0:29:4a:2a:51:
3c:25:5e:bc:c9:b4:85:e8:cc:f7:0b:42:a7:05:3c:
4c:e9:62:ff:06:d0:aa:58:78:9b:f9:5c:7e:d2:12:
b0:dd:1a:28:8a:60:a5:63:ce:99:a7:4c:c6:00:9f:
b8:db:a7:9a:6b:ea:1e:69:dc:2a:e7:59:30:28:c2:
8c:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:56:A9:75:15:30:CB:85:38:BC:47:8A:20:8D:2E:92:DE:75:1C:42
X509v3 Authority Key Identifier:
keyid:4F:7D:88:53:93:B3:2B:5E:EE:3A:0B:F4:33:8E:0F:AA:EF:3C:75:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T32IU5OzK17uOgv0M44Pqu88dTw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f2a37c-a129-4c0b-9ed1-b18dac2d259b/1/tlapdRUwy4U4vEeKII0ukt51HEI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f2a37c-a129-4c0b-9ed1-b18dac2d259b/1/T32IU5OzK17uOgv0M44Pqu88dTw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.72.0/22
IPv6:
2a09:ea00::/40
Signature Algorithm: sha256WithRSAEncryption
78:76:fc:c5:b9:d2:18:8a:ee:c5:c9:78:84:c4:26:7d:09:d7:
56:21:8a:62:b5:db:69:ae:96:b0:01:b6:5f:bb:70:50:4d:b3:
f6:ab:de:be:1f:b3:5a:ed:27:13:de:e2:28:a8:ff:bc:91:0e:
6e:fb:3a:d7:d3:6f:b7:50:c4:0f:f6:63:49:af:52:65:be:47:
66:40:46:15:ab:fa:24:3a:8a:19:7d:c8:62:9c:e5:1a:39:12:
d1:27:f8:6b:d1:09:5c:7a:58:57:1a:14:33:11:16:c7:44:f0:
6d:29:65:fa:9b:53:14:8f:aa:0d:5b:0d:5b:27:fa:0d:32:f4:
41:5f:6d:92:dd:f7:36:97:f3:6c:f7:eb:a8:22:27:05:26:aa:
28:65:71:48:79:08:ef:1e:95:75:52:aa:75:cb:4f:fb:1b:a2:
bf:90:63:24:82:b2:6b:18:2f:d1:9e:a3:50:5e:fb:d8:94:88:
53:38:ca:77:c4:bc:21:3a:a5:2b:da:e9:44:80:04:a9:fd:0f:
23:a7:6e:66:00:48:f5:a6:0a:cd:0c:ca:1d:a2:b9:13:44:b7:
d2:13:2c:ff:18:60:0f:da:6b:7d:20:72:66:08:0b:be:ce:15:
dc:93:f3:04:e1:a7:f3:ad:22:21:98:fb:f1:29:ad:0f:64:92:
a6:1a:c9:31
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYuAjl77x+9JHrPFdOvXxxgpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmN2Q4ODUzOTNiMzJiNWVlZTNhMGJmNDMzOGUwZmFhZWYz
Yzc1M2MwHhcNMjMxMDMwMTIyODE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjU2YTk3NTE1MzBjYjg1MzhiYzQ3OGEyMDhkMmU5MmRlNzUxYzQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhq3EqVF9Vll/XbI0t/MA2Bnajw7O
hPGN3xNRyXMOow1lCZ48jUVDTrfSskLw3EaX5itibxiv7e9GQ2WJLcStBSp5sDwF
pGQLP0XM0eQ2Nw7WGaQzKitnR29950AnLj3ndVC22BquqNP6l0IZ2DPx+IV0UiGB
L+77/Nee8Ceeh+yOJm7PWpbbJaDMo1cSsmZBI48/OPYlaR42aVfuTpDYFvIQLSLI
hawnPEqmeqwU1PIyNnFS/tYoxZKvJILP0ClKKlE8JV68ybSF6Mz3C0KnBTxM6WL/
BtCqWHib+Vx+0hKw3RooimClY86Zp0zGAJ+426eaa+oeadwq51kwKMKMFQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFLZWqXUVMMuFOLxHiiCNLpLedRxCMB8GA1UdIwQY
MBaAFE99iFOTsyte7joL9DOOD6rvPHU8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDMySVU1T3pLMTd1T2d2ME00NFBxdTg4ZFR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mMmEzN2MtYTEyOS00YzBiLTllZDEt
YjE4ZGFjMmQyNTliLzEvdGxhcGRSVXd5NFU0dkVlS0lJMHVrdDUxSEVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mMmEzN2MtYTEyOS00YzBiLTllZDEtYjE4ZGFjMmQyNTli
LzEvVDMySVU1T3pLMTd1T2d2ME00NFBxdTg4ZFR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQCJd1IMA4E
AgACMAgDBgAqCeoAADANBgkqhkiG9w0BAQsFAAOCAQEAeHb8xbnSGIruxcl4hMQm
fQnXViGKYrXbaa6WsAG2X7twUE2z9qvevh+zWu0nE97iKKj/vJEObvs619Nvt1DE
D/ZjSa9SZb5HZkBGFav6JDqKGX3IYpzlGjkS0Sf4a9EJXHpYVxoUMxEWx0TwbSll
+ptTFI+qDVsNWyf6DTL0QV9tkt33NpfzbPfrqCInBSaqKGVxSHkI7x6VdVKqdctP
+xuiv5BjJIKyaxgv0Z6jUF772JSIUzjKd8S8ITqlK9rpRIAEqf0PI6duZgBI9aYK
zQzKHaK5E0S30hMs/xhgD9prfSByZggLvs4V3JPzBOGn860iIZj78SmtD2SSphrJ
MQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:56:28 2025 by rpki-client