Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/tlUkKvLuThgNwpIMXUWmsXrKIao.roa
File: tlUkKvLuThgNwpIMXUWmsXrKIao.roa (raw, json)
Hash identifier: deoeVUfoPF5LmIQVDr7JXk0+EglsRL6zNygQQeUB9Ag=
Subject key identifier: B6:55:24:2A:F2:EE:4E:18:0D:C2:92:0C:5D:45:A6:B1:7A:CA:21:AA
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0185E838CA3C8B11A525A5B6DC5376F65312
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/tlUkKvLuThgNwpIMXUWmsXrKIao.roa
Signing time: Wed 25 Jan 2023 09:18:33 +0000
ROA not before: Wed 25 Jan 2023 09:18:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 393427
IP address blocks: 81.168.35.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e8:38:ca:3c:8b:11:a5:25:a5:b6:dc:53:76:f6:53:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 25 09:18:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b655242af2ee4e180dc2920c5d45a6b17aca21aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:bc:a8:d6:ac:37:0c:65:7e:39:f3:d8:55:a6:
b4:27:45:e8:16:85:91:a0:fe:b1:95:cc:d9:f3:ea:
30:87:59:68:7e:86:0f:eb:f0:e2:7e:f9:7b:f8:74:
0d:ea:c1:8f:00:14:51:39:ce:cc:74:3b:bb:04:96:
c6:89:77:80:f7:d5:14:04:97:d7:25:b5:59:04:8e:
be:ad:9a:02:b7:07:77:7b:e3:ae:e7:de:76:de:82:
f5:d0:1f:6e:17:8f:80:63:87:d4:5b:04:30:3c:95:
31:d8:e4:72:56:60:4f:fc:65:fe:8f:af:18:17:6f:
7c:0e:84:64:20:31:51:46:26:77:cb:3f:53:64:e1:
94:5a:bb:ef:6e:9f:42:67:b3:87:6d:24:14:7a:00:
d8:19:39:d2:7c:8b:67:da:0e:af:88:b0:36:e0:c5:
db:88:ab:98:a8:a0:67:88:14:03:72:bc:ae:be:e1:
2a:fb:fb:da:5f:90:f4:16:03:c2:b6:4e:20:ba:4b:
4a:6e:85:79:c2:ba:d7:a9:38:0f:e3:88:2a:fd:a6:
c2:71:a3:bc:a8:4c:a2:c7:6c:b5:22:76:4e:44:92:
4b:08:c7:2e:1d:f6:5a:06:07:07:a6:1f:ce:32:74:
15:db:bc:c7:42:6d:b5:db:2b:ca:3c:93:2a:a3:49:
ac:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:55:24:2A:F2:EE:4E:18:0D:C2:92:0C:5D:45:A6:B1:7A:CA:21:AA
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/tlUkKvLuThgNwpIMXUWmsXrKIao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.35.0/24
Signature Algorithm: sha256WithRSAEncryption
84:ae:ba:1c:d8:e6:da:5c:18:ec:0c:30:cd:59:2e:01:cd:f3:
30:c5:eb:17:d6:d8:d6:a2:8d:bd:7d:41:4d:62:93:11:74:4f:
eb:95:bd:fc:52:02:25:ca:1d:74:1b:3c:1b:18:7c:64:20:f9:
a1:4d:78:70:2a:07:f2:c1:4c:5a:b2:1b:b2:4e:8a:04:d6:7f:
62:2a:fd:66:0a:cd:08:75:79:73:16:7b:ad:43:85:9a:38:e4:
d8:1d:b9:63:e4:e0:bb:e3:1a:2c:a8:09:db:8d:db:27:10:8a:
f6:93:bb:1b:f0:95:01:2b:d0:de:cf:b4:f9:51:35:2b:c8:7f:
6e:02:5f:a6:b2:54:f6:32:b2:23:ea:9d:db:89:92:be:20:fe:
f0:c5:f1:bd:07:59:34:1c:37:24:c9:c0:1b:89:7d:11:d0:ee:
eb:f2:e4:15:25:06:09:dc:98:e6:8b:93:c8:35:55:03:68:d9:
60:39:27:89:96:88:c6:c3:79:65:87:53:ff:8f:ea:cf:d4:88:
ce:21:8a:76:cd:65:1d:b3:79:cb:7e:10:f2:ea:38:25:63:d3:
37:80:ff:7a:c0:6a:da:76:37:4b:61:43:75:e4:b7:ea:43:37:
82:b3:aa:87:56:90:8b:a8:ba:f9:61:89:8c:9c:d8:92:13:43:
3f:95:13:76
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYXoOMo8ixGlJaW23FN29lMSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwMTI1MDkxODMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjU1MjQyYWYyZWU0ZTE4MGRjMjkyMGM1ZDQ1YTZiMTdhY2EyMWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi7yo1qw3DGV+OfPYVaa0J0XoFoWR
oP6xlczZ8+owh1lofoYP6/Difvl7+HQN6sGPABRROc7MdDu7BJbGiXeA99UUBJfX
JbVZBI6+rZoCtwd3e+Ou59523oL10B9uF4+AY4fUWwQwPJUx2ORyVmBP/GX+j68Y
F298DoRkIDFRRiZ3yz9TZOGUWrvvbp9CZ7OHbSQUegDYGTnSfItn2g6viLA24MXb
iKuYqKBniBQDcryuvuEq+/vaX5D0FgPCtk4guktKboV5wrrXqTgP44gq/abCcaO8
qEyix2y1InZORJJLCMcuHfZaBgcHph/OMnQV27zHQm212yvKPJMqo0msHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLZVJCry7k4YDcKSDF1FprF6yiGqMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdGxVa0t2THVUaGdOd3BJTVhVV21zWHJLSWFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUagjMA0G
CSqGSIb3DQEBCwUAA4IBAQCErroc2ObaXBjsDDDNWS4BzfMwxesX1tjWoo29fUFN
YpMRdE/rlb38UgIlyh10GzwbGHxkIPmhTXhwKgfywUxashuyTooE1n9iKv1mCs0I
dXlzFnutQ4WaOOTYHblj5OC74xosqAnbjdsnEIr2k7sb8JUBK9Dez7T5UTUryH9u
Al+mslT2MrIj6p3biZK+IP7wxfG9B1k0HDckycAbiX0R0O7r8uQVJQYJ3Jjmi5PI
NVUDaNlgOSeJlojGw3llh1P/j+rP1IjOIYp2zWUds3nLfhDy6jglY9M3gP96wGra
djdLYUN15LfqQzeCs6qHVpCLqLr5YYmMnNiSE0M/lRN2
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:33:35 2025 by rpki-client