Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/a3c0a4-3191-4e51-8d80-478c2c8cb2a0/1/TLneU3mnDVlx4s98G37iNBXG9p4.roa
File: TLneU3mnDVlx4s98G37iNBXG9p4.roa (raw, json)
Hash identifier: Nu+S6tp8RKkFqixUaSPQkMGFPUv4ZUyMC8i+MnczBdE=
Subject key identifier: 4C:B9:DE:53:79:A7:0D:59:71:E2:CF:7C:1B:7E:E2:34:15:C6:F6:9E
Certificate issuer: /CN=affa13f1ae053916280ec68ee1b0976f9ebd3ea8
Certificate serial: 01865F0E98EB237CBD09332E9080DC4A6DCE
Authority key identifier: AF:FA:13:F1:AE:05:39:16:28:0E:C6:8E:E1:B0:97:6F:9E:BD:3E:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r_oT8a4FORYoDsaO4bCXb569Pqg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/a3c0a4-3191-4e51-8d80-478c2c8cb2a0/1/TLneU3mnDVlx4s98G37iNBXG9p4.roa
Signing time: Fri 17 Feb 2023 11:07:17 +0000
ROA not before: Fri 17 Feb 2023 11:07:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204603
IP address blocks: 77.73.133.0/24 maxlen: 24
77.73.134.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:5f:0e:98:eb:23:7c:bd:09:33:2e:90:80:dc:4a:6d:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=affa13f1ae053916280ec68ee1b0976f9ebd3ea8
Validity
Not Before: Feb 17 11:07:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4cb9de5379a70d5971e2cf7c1b7ee23415c6f69e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:de:72:d4:92:97:81:bb:29:f2:dc:77:aa:fc:
f1:e2:54:ee:a2:e5:e5:4c:bc:fb:47:0e:2b:18:90:
8e:40:60:ab:eb:85:f8:a6:cf:f0:d8:32:4a:5f:d2:
e5:5b:07:b9:9e:a8:e1:8e:b0:c6:8f:1b:55:5d:a5:
c5:e6:f6:dc:7e:6e:01:77:d5:bc:d4:8d:cf:5d:b8:
f6:b7:8c:33:c8:1e:39:54:78:6e:ed:e9:93:de:7c:
33:a9:f8:f2:4a:31:ea:d2:a1:ad:02:af:32:17:a1:
47:7e:d0:58:29:cc:f2:ac:57:7f:f9:19:d6:10:42:
0f:86:c1:05:8e:6d:27:55:c0:ac:29:e3:12:d1:23:
5d:d2:9e:d9:ae:49:7f:ac:44:1b:12:a2:70:d2:65:
46:3c:5f:9b:bf:40:8d:e1:d5:c3:b5:ff:3c:26:0a:
3e:f9:cc:f5:74:2d:4e:38:55:aa:48:47:ef:1c:c9:
1a:1a:a1:1f:16:72:55:9b:51:4e:fb:b4:e8:24:af:
98:4c:b2:52:39:19:3f:58:33:e7:0e:4b:56:e5:0b:
f3:a0:44:48:31:04:d4:e7:bd:d1:7d:e6:55:af:9f:
38:d7:3e:68:6a:14:83:e3:6d:81:8d:b5:bb:2b:f2:
dc:48:63:bb:f7:91:87:85:ad:d1:73:65:3d:ed:7e:
31:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:B9:DE:53:79:A7:0D:59:71:E2:CF:7C:1B:7E:E2:34:15:C6:F6:9E
X509v3 Authority Key Identifier:
keyid:AF:FA:13:F1:AE:05:39:16:28:0E:C6:8E:E1:B0:97:6F:9E:BD:3E:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r_oT8a4FORYoDsaO4bCXb569Pqg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/a3c0a4-3191-4e51-8d80-478c2c8cb2a0/1/TLneU3mnDVlx4s98G37iNBXG9p4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/a3c0a4-3191-4e51-8d80-478c2c8cb2a0/1/r_oT8a4FORYoDsaO4bCXb569Pqg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.73.133.0-77.73.134.255
Signature Algorithm: sha256WithRSAEncryption
23:8b:49:75:19:0f:e4:77:d0:db:f2:db:c1:ee:d5:aa:4e:c6:
2f:68:a4:3d:b7:66:a6:ab:a5:73:d5:a3:a5:a4:8a:41:82:8b:
88:14:4c:56:49:cf:71:d5:45:9c:5f:dd:61:79:85:68:1e:b8:
6e:1d:7d:58:cf:af:3f:38:3c:84:e5:4e:82:fc:d1:ab:7c:04:
ac:dd:8b:43:bf:8e:77:ab:1c:5b:40:a6:22:3c:d6:40:ef:88:
d5:b0:cc:46:75:50:c0:3f:91:ec:58:56:c2:37:e2:47:f7:aa:
ae:e3:74:4f:ff:73:21:84:b0:c4:76:df:b8:aa:e7:f7:7e:fc:
4a:f2:04:31:c6:b1:e4:77:93:86:56:60:76:f3:78:02:6b:a0:
a8:60:0a:4a:a3:40:94:1d:43:df:4c:9f:c4:23:ad:17:40:c0:
7b:c5:70:e7:9d:25:e9:8b:58:9a:c6:14:08:45:ae:68:30:33:
87:fa:fc:66:46:af:90:30:73:87:e7:cd:f7:e1:a1:34:91:e1:
74:51:8e:9d:ca:2d:db:ae:29:26:91:11:79:86:89:3e:5a:e6:
f4:2f:b3:ef:04:28:9d:43:7f:c4:b2:46:dd:1f:69:db:b0:51:
4b:87:16:ca:bb:63:44:ef:24:e8:ee:b1:d8:a6:e0:a4:4d:23:
e6:0d:f8:e6
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYZfDpjrI3y9CTMukIDcSm3OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmZmExM2YxYWUwNTM5MTYyODBlYzY4ZWUxYjA5NzZmOWVi
ZDNlYTgwHhcNMjMwMjE3MTEwNzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2I5ZGU1Mzc5YTcwZDU5NzFlMmNmN2MxYjdlZTIzNDE1YzZmNjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp95y1JKXgbsp8tx3qvzx4lTuouXl
TLz7Rw4rGJCOQGCr64X4ps/w2DJKX9LlWwe5nqjhjrDGjxtVXaXF5vbcfm4Bd9W8
1I3PXbj2t4wzyB45VHhu7emT3nwzqfjySjHq0qGtAq8yF6FHftBYKczyrFd/+RnW
EEIPhsEFjm0nVcCsKeMS0SNd0p7Zrkl/rEQbEqJw0mVGPF+bv0CN4dXDtf88Jgo+
+cz1dC1OOFWqSEfvHMkaGqEfFnJVm1FO+7ToJK+YTLJSORk/WDPnDktW5QvzoERI
MQTU573RfeZVr5841z5oahSD422BjbW7K/LcSGO795GHha3Rc2U97X4xIwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFEy53lN5pw1ZceLPfBt+4jQVxvaeMB8GA1UdIwQY
MBaAFK/6E/GuBTkWKA7GjuGwl2+evT6oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcl9vVDhhNEZPUllvRHNhTzRiQ1hiNTY5UHFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9hM2MwYTQtMzE5MS00ZTUxLThkODAt
NDc4YzJjOGNiMmEwLzEvVExuZVUzbW5EVmx4NHM5OEczN2lOQlhHOXA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9hM2MwYTQtMzE5MS00ZTUxLThkODAtNDc4YzJjOGNiMmEw
LzEvcl9vVDhhNEZPUllvRHNhTzRiQ1hiNTY5UHFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABNSYUD
BABNSYYwDQYJKoZIhvcNAQELBQADggEBACOLSXUZD+R30Nvy28Hu1apOxi9opD23
ZqarpXPVo6WkikGCi4gUTFZJz3HVRZxf3WF5hWgeuG4dfVjPrz84PITlToL80at8
BKzdi0O/jnerHFtApiI81kDviNWwzEZ1UMA/kexYVsI34kf3qq7jdE//cyGEsMR2
37iq5/d+/EryBDHGseR3k4ZWYHbzeAJroKhgCkqjQJQdQ99Mn8QjrRdAwHvFcOed
JemLWJrGFAhFrmgwM4f6/GZGr5Awc4fnzffhoTSR4XRRjp3KLduuKSaREXmGiT5a
5vQvs+8EKJ1Df8SyRt0faduwUUuHFsq7Y0TvJOjusdim4KRNI+YN+OY=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:25:17 2025 by rpki-client