Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/TLLamjUe3yKnAitnvaR49XQzFqk.roa
File: TLLamjUe3yKnAitnvaR49XQzFqk.roa (raw, json)
Hash identifier: vouaLiXj75yjH3IEY/CAnPu4eNXbMRx/M7j3c/a8scE=
Subject key identifier: 4C:B2:DA:9A:35:1E:DF:22:A7:02:2B:67:BD:A4:78:F5:74:33:16:A9
Certificate issuer: /CN=14bee0ebd06b4b812f9e13716e25f1c3c3d14cc6
Certificate serial: 0189FCCE54A780908814827C82706F9FC633
Authority key identifier: 14:BE:E0:EB:D0:6B:4B:81:2F:9E:13:71:6E:25:F1:C3:C3:D1:4C:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FL7g69BrS4EvnhNxbiXxw8PRTMY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/TLLamjUe3yKnAitnvaR49XQzFqk.roa
Signing time: Wed 16 Aug 2023 05:25:27 +0000
ROA not before: Wed 16 Aug 2023 05:25:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213035
IP address blocks: 37.0.9.0/24 maxlen: 24
37.0.13.0/24 maxlen: 24
37.0.12.0/24 maxlen: 24
85.202.170.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:fc:ce:54:a7:80:90:88:14:82:7c:82:70:6f:9f:c6:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=14bee0ebd06b4b812f9e13716e25f1c3c3d14cc6
Validity
Not Before: Aug 16 05:25:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4cb2da9a351edf22a7022b67bda478f5743316a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:ce:10:ef:34:1e:d9:17:38:9b:90:80:ff:a5:
ac:1d:ec:f2:e5:82:a9:f6:3f:18:1e:07:8c:87:d3:
2d:f6:c1:bc:94:e2:37:60:ae:96:0b:78:3b:c5:8a:
f4:6c:eb:0c:16:c5:32:3f:30:0c:2d:6c:08:57:28:
5a:e0:dd:60:22:d0:df:e9:a5:7d:3c:8d:53:b4:40:
c5:6c:04:06:af:51:09:b2:07:c3:fc:b9:5f:29:07:
13:d0:da:1e:bc:95:ac:17:0c:23:f3:33:02:0b:be:
76:c5:2c:2c:8b:95:83:0a:90:58:55:ac:af:d2:3b:
42:74:95:5c:49:54:f7:d9:87:be:49:19:45:94:49:
71:51:65:43:05:a7:88:a1:06:a5:42:9b:bb:b4:e5:
a3:9e:f6:b6:f8:5a:82:d1:c7:2f:55:62:0a:93:e8:
7c:d7:12:75:e7:df:51:4e:08:e0:a3:76:49:74:03:
4d:92:34:ff:15:60:b0:43:40:b9:0e:ee:04:43:f0:
c9:01:ee:9a:3b:25:f0:9e:cd:b0:cb:c0:63:00:03:
46:03:5e:b3:3d:5d:2c:79:43:c2:d6:6c:32:45:50:
10:67:9f:6c:23:d9:56:46:15:ba:91:e2:aa:72:1f:
88:b8:47:86:16:4c:af:5e:eb:cd:a6:fe:9d:a6:01:
f8:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:B2:DA:9A:35:1E:DF:22:A7:02:2B:67:BD:A4:78:F5:74:33:16:A9
X509v3 Authority Key Identifier:
keyid:14:BE:E0:EB:D0:6B:4B:81:2F:9E:13:71:6E:25:F1:C3:C3:D1:4C:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FL7g69BrS4EvnhNxbiXxw8PRTMY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/TLLamjUe3yKnAitnvaR49XQzFqk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/FL7g69BrS4EvnhNxbiXxw8PRTMY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.0.9.0/24
37.0.12.0/23
85.202.170.0/23
Signature Algorithm: sha256WithRSAEncryption
49:df:5b:c3:74:99:50:9a:ac:5e:dd:a5:95:fe:ca:27:0d:18:
0b:b0:fb:fb:65:e5:55:4a:b3:27:fc:81:94:8c:5f:94:69:9b:
11:4f:45:3a:09:b2:4f:a8:e4:4b:bd:34:46:9c:72:a3:d2:92:
6b:f6:7d:a0:59:8e:d5:c5:51:00:ad:08:56:58:77:f7:09:bd:
44:5c:cf:13:7e:05:28:7c:49:5f:a0:85:89:38:1d:60:94:68:
ce:08:27:ee:7e:9e:fb:b4:ff:b6:61:90:cc:ed:0f:68:de:02:
d2:a9:09:c2:ac:0a:32:53:3a:35:ee:03:e9:1e:1e:36:cb:d1:
d3:87:5b:f1:9f:df:b6:49:46:bc:87:14:5e:94:34:6d:4b:44:
ab:9a:01:26:97:c1:73:c6:37:fc:7b:88:9f:b4:6b:f3:fb:aa:
74:bf:51:23:c6:bb:e2:64:4d:c4:97:90:73:a1:85:98:34:04:
80:90:bb:4c:fe:10:24:40:59:e8:b7:17:17:c1:80:3a:f7:f7:
a4:a2:b4:52:46:f7:09:b8:e8:03:c1:d2:84:2a:13:b1:ed:ba:
7b:01:bb:50:b9:8d:ed:8b:9a:b5:70:46:1c:31:c5:2d:58:51:
e1:66:82:5f:08:9d:7c:4c:6d:9f:f5:b1:5e:3c:1b:f8:69:1e:
dd:4b:98:e0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYn8zlSngJCIFIJ8gnBvn8YzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0YmVlMGViZDA2YjRiODEyZjllMTM3MTZlMjVmMWMzYzNk
MTRjYzYwHhcNMjMwODE2MDUyNTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2IyZGE5YTM1MWVkZjIyYTcwMjJiNjdiZGE0NzhmNTc0MzMxNmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoc4Q7zQe2Rc4m5CA/6WsHezy5YKp
9j8YHgeMh9Mt9sG8lOI3YK6WC3g7xYr0bOsMFsUyPzAMLWwIVyha4N1gItDf6aV9
PI1TtEDFbAQGr1EJsgfD/LlfKQcT0NoevJWsFwwj8zMCC752xSwsi5WDCpBYVayv
0jtCdJVcSVT32Ye+SRlFlElxUWVDBaeIoQalQpu7tOWjnva2+FqC0ccvVWIKk+h8
1xJ1599RTgjgo3ZJdANNkjT/FWCwQ0C5Du4EQ/DJAe6aOyXwns2wy8BjAANGA16z
PV0seUPC1mwyRVAQZ59sI9lWRhW6keKqch+IuEeGFkyvXuvNpv6dpgH4KwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEyy2po1Ht8ipwIrZ72kePV0MxapMB8GA1UdIwQY
MBaAFBS+4OvQa0uBL54TcW4l8cPD0UzGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkw3ZzY5QnJTNEV2bmhOeGJpWHh3OFBSVE1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8xNjFjM2YtYjgzZC00NWIxLWFhOGUt
ZDFiYjZiNGRkNzAxLzEvVExMYW1qVWUzeUtuQWl0bnZhUjQ5WFF6RnFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8xNjFjM2YtYjgzZC00NWIxLWFhOGUtZDFiYjZiNGRkNzAx
LzEvRkw3ZzY5QnJTNEV2bmhOeGJpWHh3OFBSVE1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAJQAJAwQB
JQAMAwQBVcqqMA0GCSqGSIb3DQEBCwUAA4IBAQBJ31vDdJlQmqxe3aWV/sonDRgL
sPv7ZeVVSrMn/IGUjF+UaZsRT0U6CbJPqORLvTRGnHKj0pJr9n2gWY7VxVEArQhW
WHf3Cb1EXM8TfgUofElfoIWJOB1glGjOCCfufp77tP+2YZDM7Q9o3gLSqQnCrAoy
Uzo17gPpHh42y9HTh1vxn9+2SUa8hxRelDRtS0SrmgEml8Fzxjf8e4iftGvz+6p0
v1EjxrviZE3El5BzoYWYNASAkLtM/hAkQFnotxcXwYA69/ekorRSRvcJuOgDwdKE
KhOx7bp7AbtQuY3ti5q1cEYcMcUtWFHhZoJfCJ18TG2f9bFePBv4aR7dS5jg
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:32:32 2025 by rpki-client