Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/cbecf4-bced-4d83-bfca-b4a181cd40f6/1/U5ixX-99W-V3RMo0E5jk9o7KDXs.roa
File: U5ixX-99W-V3RMo0E5jk9o7KDXs.roa (raw, json)
Hash identifier: b8IQeBdaKD2/S+Rw0BY2szh1F9sNNpvRXGbDdiaGAiQ=
Subject key identifier: 53:98:B1:5F:EF:7D:5B:E5:77:44:CA:34:13:98:E4:F6:8E:CA:0D:7B
Certificate issuer: /CN=50d18196b29f60e85d8712de4039a531cfc1ab31
Certificate serial: 01889FEBD298CA0A150FE72B53D59F37B896
Authority key identifier: 50:D1:81:96:B2:9F:60:E8:5D:87:12:DE:40:39:A5:31:CF:C1:AB:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UNGBlrKfYOhdhxLeQDmlMc_BqzE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/cbecf4-bced-4d83-bfca-b4a181cd40f6/1/U5ixX-99W-V3RMo0E5jk9o7KDXs.roa
Signing time: Fri 09 Jun 2023 11:30:12 +0000
ROA not before: Fri 09 Jun 2023 11:30:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204035
IP address blocks: 37.228.132.0/24 maxlen: 24
37.228.134.0/24 maxlen: 24
185.101.92.0/22 maxlen: 22
37.228.151.0/24 maxlen: 24
37.228.148.0/24 maxlen: 24
185.116.156.0/22 maxlen: 22
185.116.156.0/24 maxlen: 24
185.116.157.0/24 maxlen: 24
185.116.158.0/24 maxlen: 24
193.56.156.0/24 maxlen: 24
185.107.192.0/23 maxlen: 23
185.107.192.0/22 maxlen: 22
185.107.192.0/24 maxlen: 24
185.107.193.0/24 maxlen: 24
185.107.194.0/24 maxlen: 24
194.125.251.0/24 maxlen: 24
194.125.248.0/22 maxlen: 22
194.125.250.0/24 maxlen: 24
193.46.24.0/22 maxlen: 22
185.245.168.0/22 maxlen: 22
2a06:7f80::/29 maxlen: 29
2a06:7f80:3::/48 maxlen: 48
2a06:1c40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:9f:eb:d2:98:ca:0a:15:0f:e7:2b:53:d5:9f:37:b8:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50d18196b29f60e85d8712de4039a531cfc1ab31
Validity
Not Before: Jun 9 11:30:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5398b15fef7d5be57744ca341398e4f68eca0d7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:cc:96:50:b1:b3:1c:02:fe:83:25:27:8e:78:
c1:2c:1b:05:c3:12:fe:52:61:25:15:62:1d:e0:5d:
29:8a:5e:cf:af:19:4d:a9:9d:ce:19:83:d0:ce:b2:
f4:95:01:d1:e0:c3:a9:c6:da:63:d3:2e:b3:d7:d7:
07:22:2e:31:05:d2:88:c8:9c:33:24:20:45:36:45:
c8:ed:3f:44:44:6e:58:0d:d6:c8:fb:90:37:6d:44:
09:8a:52:2d:9b:53:2f:ad:8c:99:3c:0c:47:da:16:
a2:b4:cb:18:ab:8b:22:1c:af:fc:55:8d:b7:3d:d6:
18:eb:8c:df:0b:69:41:50:af:1d:75:02:cb:c4:9c:
d4:6e:c8:a5:8d:d8:c8:62:c7:e2:4f:0e:6c:7d:f1:
f1:0f:f2:d6:86:7a:2c:8a:65:23:6e:e0:e0:00:b6:
f3:8d:2d:af:9e:c7:1e:05:a8:28:3a:db:43:30:c9:
3f:f5:e9:98:4f:f2:45:97:be:1b:b0:5f:ff:12:75:
24:67:b1:4c:49:b3:1c:34:0f:4f:be:7d:f7:3d:8c:
c8:21:24:ba:db:fd:99:a3:4c:49:cc:62:e5:14:44:
fe:9b:ce:dc:70:62:5f:3a:06:c5:34:be:80:f0:57:
db:ed:70:ea:e7:e4:15:ba:ff:ce:bf:d5:eb:57:ec:
f5:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:98:B1:5F:EF:7D:5B:E5:77:44:CA:34:13:98:E4:F6:8E:CA:0D:7B
X509v3 Authority Key Identifier:
keyid:50:D1:81:96:B2:9F:60:E8:5D:87:12:DE:40:39:A5:31:CF:C1:AB:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UNGBlrKfYOhdhxLeQDmlMc_BqzE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/cbecf4-bced-4d83-bfca-b4a181cd40f6/1/U5ixX-99W-V3RMo0E5jk9o7KDXs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/cbecf4-bced-4d83-bfca-b4a181cd40f6/1/UNGBlrKfYOhdhxLeQDmlMc_BqzE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.228.132.0/24
37.228.134.0/24
37.228.148.0/24
37.228.151.0/24
185.101.92.0/22
185.107.192.0/22
185.116.156.0/22
185.245.168.0/22
193.46.24.0/22
193.56.156.0/24
194.125.248.0/22
IPv6:
2a06:1c40::/29
2a06:7f80::/29
Signature Algorithm: sha256WithRSAEncryption
08:46:3d:ff:fd:46:d2:7a:78:08:12:f8:57:07:92:d9:75:0a:
67:7c:68:d8:5b:c2:ca:8e:f8:07:49:af:5b:d0:24:21:0e:67:
03:4d:5a:34:65:65:ad:d0:e2:6e:5c:1f:93:0b:e2:84:ff:d1:
ca:17:d9:9d:91:6b:59:01:3f:54:3a:be:bd:de:08:14:b9:26:
04:dc:24:42:36:91:11:8c:82:83:5d:36:dc:e9:bd:ed:80:e8:
bf:80:eb:22:cf:9c:cd:83:a6:66:69:84:49:b7:41:8a:73:71:
8d:b4:a9:41:18:3c:01:bf:ef:3c:a1:56:d0:d0:50:e6:f2:60:
14:80:1b:72:5d:d5:0a:03:0b:e6:2b:18:9d:1f:c2:1d:e8:1d:
0d:0c:ae:b3:4d:27:43:77:a5:d2:0f:8d:aa:5a:5f:3c:ec:2f:
0f:23:eb:fa:01:99:7b:9d:00:69:52:53:a9:8e:32:cb:1c:f4:
9f:c9:f2:88:56:f8:a3:28:2c:7b:a5:2d:7d:82:87:48:0b:3a:
8a:56:8b:95:a4:61:5c:42:8d:b7:34:23:d8:9e:66:66:87:11:
c8:90:39:97:16:0e:a9:9e:fa:b1:d9:6f:ce:af:8b:04:5b:3c:
90:ee:7e:a4:2b:2d:9e:de:48:7b:9c:f1:5c:4f:4e:a0:af:3e:
eb:89:cf:35
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAYif69KYygoVD+crU9WfN7iWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwZDE4MTk2YjI5ZjYwZTg1ZDg3MTJkZTQwMzlhNTMxY2Zj
MWFiMzEwHhcNMjMwNjA5MTEzMDEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Mzk4YjE1ZmVmN2Q1YmU1Nzc0NGNhMzQxMzk4ZTRmNjhlY2EwZDdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnMyWULGzHAL+gyUnjnjBLBsFwxL+
UmElFWId4F0pil7PrxlNqZ3OGYPQzrL0lQHR4MOpxtpj0y6z19cHIi4xBdKIyJwz
JCBFNkXI7T9ERG5YDdbI+5A3bUQJilItm1MvrYyZPAxH2haitMsYq4siHK/8VY23
PdYY64zfC2lBUK8ddQLLxJzUbsiljdjIYsfiTw5sffHxD/LWhnosimUjbuDgALbz
jS2vnsceBagoOttDMMk/9emYT/JFl74bsF//EnUkZ7FMSbMcNA9Pvn33PYzIISS6
2/2Zo0xJzGLlFET+m87ccGJfOgbFNL6A8Ffb7XDq5+QVuv/Ov9XrV+z17wIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFFOYsV/vfVvld0TKNBOY5PaOyg17MB8GA1UdIwQY
MBaAFFDRgZayn2DoXYcS3kA5pTHPwasxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVU5HQmxyS2ZZT2hkaHhMZVFEbWxNY19CcXpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9jYmVjZjQtYmNlZC00ZDgzLWJmY2Et
YjRhMTgxY2Q0MGY2LzEvVTVpeFgtOTlXLVYzUk1vMEU1ams5bzdLRFhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9jYmVjZjQtYmNlZC00ZDgzLWJmY2EtYjRhMTgxY2Q0MGY2
LzEvVU5HQmxyS2ZZT2hkaHhMZVFEbWxNY19CcXpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBIBAIAATBCAwQAJeSEAwQA
JeSGAwQAJeSUAwQAJeSXAwQCuWVcAwQCuWvAAwQCuXScAwQCufWoAwQCwS4YAwQA
wTicAwQCwn34MBQEAgACMA4DBQMqBhxAAwUDKgZ/gDANBgkqhkiG9w0BAQsFAAOC
AQEACEY9//1G0np4CBL4VweS2XUKZ3xo2FvCyo74B0mvW9AkIQ5nA01aNGVlrdDi
blwfkwvihP/RyhfZnZFrWQE/VDq+vd4IFLkmBNwkQjaREYyCg1023Om97YDov4Dr
Is+czYOmZmmESbdBinNxjbSpQRg8Ab/vPKFW0NBQ5vJgFIAbcl3VCgML5isYnR/C
HegdDQyus00nQ3el0g+NqlpfPOwvDyPr+gGZe50AaVJTqY4yyxz0n8nyiFb4oygs
e6UtfYKHSAs6ilaLlaRhXEKNtzQj2J5mZocRyJA5lxYOqZ76sdlvzq+LBFs8kO5+
pCstnt5Ie5zxXE9OoK8+64nPNQ==
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:56:36 2025 by rpki-client