Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/bfdba0-2c60-4027-af0d-6645dd3d624b/1/TNGICaa8_3f1NlL5Kk0R5ovKrUU.roa
File: TNGICaa8_3f1NlL5Kk0R5ovKrUU.roa (raw, json)
Hash identifier: gXiEMFqwj/rVgKhbgEdSP4hVdeyJjasUM25HimgifM8=
Subject key identifier: 4C:D1:88:09:A6:BC:FF:77:F5:36:52:F9:2A:4D:11:E6:8B:CA:AD:45
Certificate issuer: /CN=8c6eadb8659bc734dccb29f638421036bb922e36
Certificate serial: 01853F03E7671A3DA1AA872E25C7A16F7145
Authority key identifier: 8C:6E:AD:B8:65:9B:C7:34:DC:CB:29:F6:38:42:10:36:BB:92:2E:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jG6tuGWbxzTcyyn2OEIQNruSLjY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/bfdba0-2c60-4027-af0d-6645dd3d624b/1/TNGICaa8_3f1NlL5Kk0R5ovKrUU.roa
Signing time: Fri 23 Dec 2022 12:44:58 +0000
ROA not before: Fri 23 Dec 2022 12:44:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1299
IP address blocks: 45.13.124.0/22 maxlen: 24
185.96.40.0/22 maxlen: 24
2a03:fd80::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:3f:03:e7:67:1a:3d:a1:aa:87:2e:25:c7:a1:6f:71:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8c6eadb8659bc734dccb29f638421036bb922e36
Validity
Not Before: Dec 23 12:44:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4cd18809a6bcff77f53652f92a4d11e68bcaad45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:c1:1b:5b:63:b3:ec:d5:9c:ec:29:fa:6c:66:
9e:3d:63:bd:b0:a0:7e:03:0c:db:9e:01:fd:6f:40:
3a:1c:44:ed:81:68:b3:72:dc:80:4d:54:15:3f:a9:
77:46:cf:3a:d9:af:a1:81:d3:31:cb:91:89:e1:00:
3d:c3:92:18:e3:bc:fe:1e:43:00:40:d7:f5:14:5c:
e5:f5:6c:50:af:45:4b:7e:43:45:8f:ed:d0:7b:a0:
07:69:a6:6d:66:0b:5e:59:fa:3e:c0:12:c9:4b:2f:
2e:71:3b:31:7f:f4:4d:d6:9b:45:88:d7:5f:6f:73:
99:26:55:11:de:f2:5e:fd:cb:95:4e:c7:75:0f:5b:
74:7a:83:40:0c:57:aa:fa:fc:8a:09:3b:61:be:6a:
05:79:f0:33:e6:9d:ec:68:06:5c:52:c8:13:3d:3e:
b3:ed:7b:00:04:0f:09:3c:8c:cc:4e:2c:06:69:94:
5a:20:99:0b:96:85:3c:44:b6:b9:a9:1a:96:a1:06:
48:e1:c8:78:a6:e2:5f:4a:69:4e:75:ec:5f:7d:3e:
a6:20:60:39:9e:32:3e:b5:b0:95:62:c7:80:86:d8:
1a:92:a4:e4:a8:d6:38:02:fb:5c:46:23:2b:92:ce:
8e:f5:57:ce:89:bd:25:4c:e7:57:31:be:c6:46:e7:
45:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:D1:88:09:A6:BC:FF:77:F5:36:52:F9:2A:4D:11:E6:8B:CA:AD:45
X509v3 Authority Key Identifier:
keyid:8C:6E:AD:B8:65:9B:C7:34:DC:CB:29:F6:38:42:10:36:BB:92:2E:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jG6tuGWbxzTcyyn2OEIQNruSLjY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/bfdba0-2c60-4027-af0d-6645dd3d624b/1/TNGICaa8_3f1NlL5Kk0R5ovKrUU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/bfdba0-2c60-4027-af0d-6645dd3d624b/1/jG6tuGWbxzTcyyn2OEIQNruSLjY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.124.0/22
185.96.40.0/22
IPv6:
2a03:fd80::/29
Signature Algorithm: sha256WithRSAEncryption
89:94:87:7c:c6:ce:36:e1:01:b5:19:70:fd:f0:06:c9:3f:e9:
ed:d0:0f:50:e6:f7:9f:77:71:26:b2:ee:8c:9b:05:72:18:6e:
1b:33:05:46:43:ec:0b:69:e7:4b:71:c1:7f:1f:5a:cc:da:24:
21:d5:c3:52:f9:88:2e:b4:57:e5:fa:b4:4c:64:a6:b4:a6:2e:
56:50:e1:3d:87:34:be:cc:0c:c4:81:39:fc:24:e7:04:f0:dc:
53:c5:63:ab:e4:c7:c2:0c:4c:f1:1a:68:ab:82:0f:3d:8d:f0:
be:ab:69:59:a8:48:ab:6d:8a:34:1f:e3:d0:fc:53:8b:2e:23:
ed:6e:04:41:6c:04:2b:07:59:51:2c:3d:9a:ea:42:b3:50:e0:
04:54:ed:f7:0a:5d:5d:1c:3a:90:82:22:9c:55:21:bc:3b:a6:
b4:77:63:9a:e6:a1:86:0f:97:0a:48:d0:b4:4c:d1:f8:f1:99:
4f:33:6c:a4:d3:5f:03:87:7c:e5:e8:f0:2d:24:78:b5:c0:7b:
82:5d:c8:3d:85:86:7a:e6:15:50:ba:a7:e2:10:28:d8:09:72:
31:61:cc:f6:1b:e2:4e:d7:36:a3:7f:89:e0:54:c6:ae:87:af:
bb:1a:8f:76:c4:f8:a2:d4:73:fb:4c:46:00:41:06:8a:9e:db:
95:a4:b3:32
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYU/A+dnGj2hqocuJcehb3FFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjNmVhZGI4NjU5YmM3MzRkY2NiMjlmNjM4NDIxMDM2YmI5
MjJlMzYwHhcNMjIxMjIzMTI0NDU4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2QxODgwOWE2YmNmZjc3ZjUzNjUyZjkyYTRkMTFlNjhiY2FhZDQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAncEbW2Oz7NWc7Cn6bGaePWO9sKB+
AwzbngH9b0A6HETtgWizctyATVQVP6l3Rs862a+hgdMxy5GJ4QA9w5IY47z+HkMA
QNf1FFzl9WxQr0VLfkNFj+3Qe6AHaaZtZgteWfo+wBLJSy8ucTsxf/RN1ptFiNdf
b3OZJlUR3vJe/cuVTsd1D1t0eoNADFeq+vyKCTthvmoFefAz5p3saAZcUsgTPT6z
7XsABA8JPIzMTiwGaZRaIJkLloU8RLa5qRqWoQZI4ch4puJfSmlOdexffT6mIGA5
njI+tbCVYseAhtgakqTkqNY4AvtcRiMrks6O9VfOib0lTOdXMb7GRudFbwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFEzRiAmmvP939TZS+SpNEeaLyq1FMB8GA1UdIwQY
MBaAFIxurbhlm8c03Msp9jhCEDa7ki42MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakc2dHVHV2J4elRjeXluMk9FSVFOcnVTTGpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iZmRiYTAtMmM2MC00MDI3LWFmMGQt
NjY0NWRkM2Q2MjRiLzEvVE5HSUNhYThfM2YxTmxMNUtrMFI1b3ZLclVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9iZmRiYTAtMmM2MC00MDI3LWFmMGQtNjY0NWRkM2Q2MjRi
LzEvakc2dHVHV2J4elRjeXluMk9FSVFOcnVTTGpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLQ18AwQC
uWAoMA0EAgACMAcDBQMqA/2AMA0GCSqGSIb3DQEBCwUAA4IBAQCJlId8xs424QG1
GXD98AbJP+nt0A9Q5vefd3Emsu6MmwVyGG4bMwVGQ+wLaedLccF/H1rM2iQh1cNS
+YgutFfl+rRMZKa0pi5WUOE9hzS+zAzEgTn8JOcE8NxTxWOr5MfCDEzxGmirgg89
jfC+q2lZqEirbYo0H+PQ/FOLLiPtbgRBbAQrB1lRLD2a6kKzUOAEVO33Cl1dHDqQ
giKcVSG8O6a0d2Oa5qGGD5cKSNC0TNH48ZlPM2yk018Dh3zl6PAtJHi1wHuCXcg9
hYZ65hVQuqfiECjYCXIxYcz2G+JO1zajf4ngVMauh6+7Go92xPii1HP7TEYAQQaK
ntuVpLMy
-----END CERTIFICATE-----
Generated at Sat Apr 19 08:09:55 2025 by rpki-client