Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/TlN_nIuircwpzweepSygdqd5i7Y.roa
File: TlN_nIuircwpzweepSygdqd5i7Y.roa (raw, json)
Hash identifier: CgFCM5z3hKPl5k4ZwgTFHm0SLl9ljql5EPjVCuQ+qXY=
Subject key identifier: 4E:53:7F:9C:8B:A2:AD:CC:29:CF:07:9E:A5:2C:A0:76:A7:79:8B:B6
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018462D4C8A1E4D4F5D000B4AB2FF1AD7A2E
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/TlN_nIuircwpzweepSygdqd5i7Y.roa
Signing time: Thu 10 Nov 2022 18:37:02 +0000
ROA not before: Thu 10 Nov 2022 18:37:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 2a0f:3d86::/32 maxlen: 32
2a0e:2240:5::/48 maxlen: 48
2a0e:2240:3::/48 maxlen: 48
2a0f:3d85::/32 maxlen: 32
2a0f:a200::/32 maxlen: 32
2a0f:3d81::/32 maxlen: 32
2a0e:2240:4::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:62:d4:c8:a1:e4:d4:f5:d0:00:b4:ab:2f:f1:ad:7a:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Nov 10 18:37:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4e537f9c8ba2adcc29cf079ea52ca076a7798bb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:13:5e:fc:70:a3:82:62:68:30:61:17:a3:bc:
f9:e0:98:8e:47:9f:bd:5b:bf:00:da:51:d1:99:e8:
b6:d1:5e:9f:f3:54:5a:33:33:a5:75:51:04:97:e9:
18:da:40:2f:09:ff:8a:66:d0:5d:26:63:14:d4:7c:
23:b7:0c:b3:a4:58:ba:2f:49:99:40:59:ed:52:a5:
3e:b4:fd:90:a8:e6:dc:5f:c0:ce:c5:2d:09:42:a7:
93:b6:f0:7b:c2:4e:64:a2:94:0c:5b:44:46:44:46:
d6:bd:e3:fe:22:58:e0:c4:2b:2b:41:e7:a6:30:72:
c8:5b:d6:df:11:be:bf:3c:75:59:fd:d5:79:24:85:
53:00:7b:41:3c:c9:8a:a0:45:44:b1:6f:fd:c2:2d:
5c:53:aa:c9:11:c0:a0:d4:8e:cd:3a:4f:97:77:90:
5e:f9:ff:6b:b7:c4:43:a8:ad:17:71:f3:9a:58:7b:
5c:aa:2b:04:fe:51:24:c5:00:68:3e:8d:88:39:cf:
01:ea:28:45:28:1e:e4:87:32:f1:84:c5:a1:d7:62:
d4:1f:8e:91:4c:f7:23:84:5f:67:fd:8b:d0:ca:19:
29:dc:79:b5:ac:5f:d0:14:cd:f0:43:be:39:47:63:
c0:21:7c:94:c2:68:10:b3:9d:14:f7:5d:ab:70:04:
57:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:53:7F:9C:8B:A2:AD:CC:29:CF:07:9E:A5:2C:A0:76:A7:79:8B:B6
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/TlN_nIuircwpzweepSygdqd5i7Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:2240:3::-2a0e:2240:5:ffff:ffff:ffff:ffff:ffff
2a0f:3d81::/32
2a0f:3d85::-2a0f:3d86:ffff:ffff:ffff:ffff:ffff:ffff
2a0f:a200::/32
Signature Algorithm: sha256WithRSAEncryption
c5:51:b0:f1:dd:f2:59:ec:6d:73:d9:7a:d8:0d:6f:b9:ad:cf:
60:2d:9a:ba:4b:bc:e2:62:7b:b5:4c:2d:18:11:d0:01:3a:5f:
6e:23:75:1c:e5:bd:cd:19:15:5d:90:fd:fe:a6:24:57:7b:18:
5b:a6:f9:76:ce:cf:ad:2b:04:12:e6:f1:97:cf:52:38:63:84:
9f:4e:3b:cc:05:fd:13:3f:cd:fc:13:31:99:32:8b:ae:43:1e:
88:3c:eb:82:07:98:f7:3b:ac:ff:6c:e0:26:ee:44:a7:3e:01:
ec:c0:dc:de:cf:82:61:4d:71:69:90:69:0c:e7:ee:d5:8f:92:
5e:63:e5:b4:18:5a:ce:60:b6:a9:5f:78:16:d2:d2:48:0a:0b:
70:bc:fb:f1:bf:f8:85:79:51:9f:cb:3a:23:bf:05:06:42:9a:
12:34:0b:c7:2d:2f:a0:99:2e:27:a8:38:db:94:89:1c:bb:59:
4e:5d:fd:a3:08:84:f2:f2:7f:99:83:33:bd:16:15:1b:64:a3:
93:cd:bf:36:cf:9a:15:c7:4f:92:ac:31:33:16:a9:18:f2:ba:
bc:6c:47:ca:be:e2:0a:b0:3c:b4:8d:0b:8a:c3:41:a5:00:21:
fc:bc:e9:72:fa:ab:b2:fb:da:29:4e:7a:67:ee:94:6f:ab:13:
60:9b:2f:4a
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYRi1Mih5NT10AC0qy/xrXouMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjIxMTEwMTgzNzAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTUzN2Y5YzhiYTJhZGNjMjljZjA3OWVhNTJjYTA3NmE3Nzk4YmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnhNe/HCjgmJoMGEXo7z54JiOR5+9
W78A2lHRmei20V6f81RaMzOldVEEl+kY2kAvCf+KZtBdJmMU1HwjtwyzpFi6L0mZ
QFntUqU+tP2QqObcX8DOxS0JQqeTtvB7wk5kopQMW0RGREbWveP+IljgxCsrQeem
MHLIW9bfEb6/PHVZ/dV5JIVTAHtBPMmKoEVEsW/9wi1cU6rJEcCg1I7NOk+Xd5Be
+f9rt8RDqK0XcfOaWHtcqisE/lEkxQBoPo2IOc8B6ihFKB7khzLxhMWh12LUH46R
TPcjhF9n/YvQyhkp3Hm1rF/QFM3wQ745R2PAIXyUwmgQs50U912rcARX9QIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFE5Tf5yLoq3MKc8HnqUsoHaneYu2MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvVGxOX25JdWlyY3dwendlZXBTeWdkcWQ1aTdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAAjAyMBIDBwAqDiJA
AAMDBwEqDiJAAAQDBQAqDz2BMA4DBQAqDz2FAwUAKg89hgMFACoPogAwDQYJKoZI
hvcNAQELBQADggEBAMVRsPHd8lnsbXPZetgNb7mtz2AtmrpLvOJie7VMLRgR0AE6
X24jdRzlvc0ZFV2Q/f6mJFd7GFum+XbOz60rBBLm8ZfPUjhjhJ9OO8wF/RM/zfwT
MZkyi65DHog864IHmPc7rP9s4CbuRKc+AezA3N7PgmFNcWmQaQzn7tWPkl5j5bQY
Ws5gtqlfeBbS0kgKC3C8+/G/+IV5UZ/LOiO/BQZCmhI0C8ctL6CZLieoONuUiRy7
WU5d/aMIhPLyf5mDM70WFRtko5PNvzbPmhXHT5KsMTMWqRjyurxsR8q+4gqwPLSN
C4rDQaUAIfy86XL6q7L72ilOemfulG+rE2CbL0o=
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:05:12 2025 by rpki-client