Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/cbecf4-bced-4d83-bfca-b4a181cd40f6/1/kmey9Ou5uH6XpCkGzk6Cnirg-wA.roa
File: kmey9Ou5uH6XpCkGzk6Cnirg-wA.roa (raw, json)
Hash identifier: aGWtuzsXIx9cRad2lcf8EKcOJ7E4qfYSFJhz0+ZgSek=
Subject key identifier: 92:67:B2:F4:EB:B9:B8:7E:97:A4:29:06:CE:4E:82:9E:2A:E0:FB:00
Certificate issuer: /CN=50d18196b29f60e85d8712de4039a531cfc1ab31
Certificate serial: 06A8B9E2
Authority key identifier: 50:D1:81:96:B2:9F:60:E8:5D:87:12:DE:40:39:A5:31:CF:C1:AB:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UNGBlrKfYOhdhxLeQDmlMc_BqzE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/cbecf4-bced-4d83-bfca-b4a181cd40f6/1/kmey9Ou5uH6XpCkGzk6Cnirg-wA.roa
Signing time: Tue 31 May 2022 06:41:13 +0000
ROA not before: Tue 31 May 2022 06:41:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204035
IP address blocks: 37.228.132.0/24 maxlen: 24
37.228.134.0/24 maxlen: 24
185.101.92.0/22 maxlen: 24
37.228.151.0/24 maxlen: 24
37.228.148.0/24 maxlen: 24
185.116.156.0/22 maxlen: 22
185.116.156.0/24 maxlen: 24
185.116.157.0/24 maxlen: 24
185.116.158.0/24 maxlen: 24
193.56.156.0/24 maxlen: 24
185.107.192.0/22 maxlen: 22
185.107.193.0/24 maxlen: 24
194.125.248.0/22 maxlen: 22
194.125.250.0/24 maxlen: 24
193.46.24.0/22 maxlen: 22
185.245.168.0/22 maxlen: 22
2a06:7f80::/29 maxlen: 29
2a06:1c40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 111720930 (0x6a8b9e2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50d18196b29f60e85d8712de4039a531cfc1ab31
Validity
Not Before: May 31 06:41:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9267b2f4ebb9b87e97a42906ce4e829e2ae0fb00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:1e:dc:1f:24:54:ba:ab:61:b0:a4:00:28:e3:
8a:cc:aa:45:ed:33:ee:fd:ff:ea:cb:1f:a6:4d:54:
2c:4e:b7:5f:1b:af:76:e3:ed:7f:3b:1f:8b:f8:a4:
e6:9c:b9:fe:27:cd:72:c5:40:e9:0b:8e:ed:a1:b8:
cc:ce:75:27:34:4f:93:d7:24:1f:5d:41:ea:9a:91:
41:fc:25:7b:42:56:dd:d1:46:73:a0:72:06:5c:b2:
c0:6b:72:14:f0:30:ce:d1:89:4f:0e:0e:6e:b7:61:
0f:e4:f7:db:3e:48:f9:08:a0:ce:aa:5f:95:71:7a:
90:fb:81:4e:aa:1c:98:89:f3:76:93:a4:53:30:8c:
1d:9a:9f:94:44:ef:72:ef:bb:47:3a:5a:3d:ba:17:
d5:1c:79:e0:68:48:56:19:64:02:b0:1e:1d:49:b5:
73:f6:a2:0c:c0:5e:07:b2:f3:a3:cd:e0:20:f6:a8:
b7:64:a9:b7:77:c6:c3:a2:3c:88:f9:9f:80:8d:1b:
c1:1b:99:7f:c6:67:0a:48:a7:00:cb:02:33:1d:f6:
d7:f0:49:2a:17:31:a0:93:a0:93:e3:9c:f0:d0:df:
8d:ab:30:ae:01:ab:4a:e8:11:23:55:3e:f9:be:e3:
8a:e8:51:b8:c9:8e:89:f0:8c:4a:45:f3:6e:70:c7:
aa:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:67:B2:F4:EB:B9:B8:7E:97:A4:29:06:CE:4E:82:9E:2A:E0:FB:00
X509v3 Authority Key Identifier:
keyid:50:D1:81:96:B2:9F:60:E8:5D:87:12:DE:40:39:A5:31:CF:C1:AB:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UNGBlrKfYOhdhxLeQDmlMc_BqzE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/cbecf4-bced-4d83-bfca-b4a181cd40f6/1/kmey9Ou5uH6XpCkGzk6Cnirg-wA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/cbecf4-bced-4d83-bfca-b4a181cd40f6/1/UNGBlrKfYOhdhxLeQDmlMc_BqzE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.228.132.0/24
37.228.134.0/24
37.228.148.0/24
37.228.151.0/24
185.101.92.0/22
185.107.192.0/22
185.116.156.0/22
185.245.168.0/22
193.46.24.0/22
193.56.156.0/24
194.125.248.0/22
IPv6:
2a06:1c40::/29
2a06:7f80::/29
Signature Algorithm: sha256WithRSAEncryption
4b:e9:57:ec:04:a1:45:84:3c:ad:ab:fb:0d:99:01:fe:34:1a:
9d:db:ab:cc:2d:b5:07:ae:c7:0f:b9:96:5d:85:50:1b:7f:e6:
c0:ce:37:82:4a:b2:e7:92:f5:30:f2:9d:25:77:34:70:86:64:
36:80:b7:ef:f4:1c:3a:cf:ce:87:60:0f:06:2e:40:46:f6:6d:
c3:52:7e:ab:57:6f:6c:22:01:8c:82:bd:39:01:90:2f:83:de:
52:c3:85:37:03:64:e3:c5:37:d8:cd:d5:d2:fd:98:21:20:c9:
4e:df:8a:ec:6c:76:77:fb:f2:dc:e8:67:df:2a:06:d9:01:a9:
83:5b:b4:f8:8a:46:12:95:f7:c9:dd:55:89:cc:6b:f2:37:5a:
17:c2:b9:7e:cf:f1:b7:06:31:88:40:1a:5c:9b:0d:ed:12:c4:
72:92:41:7e:84:62:ed:98:1a:ba:dc:a3:d0:69:6a:ef:25:28:
2e:7e:ca:eb:a0:5a:a0:90:ba:6d:32:96:11:78:4d:75:0d:df:
9d:fc:4f:5a:b5:05:91:f8:52:32:81:15:ad:de:90:b8:98:8a:
0f:69:d8:f9:cc:9c:6c:b5:94:58:2e:18:d8:66:ee:73:90:0c:
72:f9:dd:53:07:21:2e:ed:72:5e:ae:f0:56:91:fa:be:b9:c7:
dc:ef:c7:b4
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgIEBqi54jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MGQxODE5NmIyOWY2MGU4NWQ4NzEyZGU0MDM5YTUzMWNmYzFhYjMxMB4XDTIyMDUz
MTA2NDExM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTI2N2IyZjRlYmI5
Yjg3ZTk3YTQyOTA2Y2U0ZTgyOWUyYWUwZmIwMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJIe3B8kVLqrYbCkACjjisyqRe0z7v3/6ssfpk1ULE63Xxuv
duPtfzsfi/ik5py5/ifNcsVA6QuO7aG4zM51JzRPk9ckH11B6pqRQfwle0JW3dFG
c6ByBlyywGtyFPAwztGJTw4ObrdhD+T32z5I+QigzqpflXF6kPuBTqocmInzdpOk
UzCMHZqflETvcu+7RzpaPboX1Rx54GhIVhlkArAeHUm1c/aiDMBeB7Lzo83gIPao
t2Spt3fGw6I8iPmfgI0bwRuZf8ZnCkinAMsCMx321/BJKhcxoJOgk+Oc8NDfjasw
rgGrSugRI1U++b7jiuhRuMmOifCMSkXzbnDHqh8CAwEAAaOCAlswggJXMB0GA1Ud
DgQWBBSSZ7L067m4fpekKQbOToKeKuD7ADAfBgNVHSMEGDAWgBRQ0YGWsp9g6F2H
Et5AOaUxz8GrMTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1VOR0JscktmWU9oZGh4TGVRRG1sTWNfQnF6RS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmQvY2JlY2Y0LWJjZWQtNGQ4My1iZmNhLWI0YTE4MWNkNDBmNi8x
L2ttZXk5T3U1dUg2WHBDa0d6azZDbmlyZy13QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmQv
Y2JlY2Y0LWJjZWQtNGQ4My1iZmNhLWI0YTE4MWNkNDBmNi8xL1VOR0JscktmWU9o
ZGh4TGVRRG1sTWNfQnF6RS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBx
BggrBgEFBQcBBwEB/wRiMGAwSAQCAAEwQgMEACXkhAMEACXkhgMEACXklAMEACXk
lwMEArllXAMEArlrwAMEArl0nAMEArn1qAMEAsEuGAMEAME4nAMEAsJ9+DAUBAIA
AjAOAwUDKgYcQAMFAyoGf4AwDQYJKoZIhvcNAQELBQADggEBAEvpV+wEoUWEPK2r
+w2ZAf40Gp3bq8wttQeuxw+5ll2FUBt/5sDON4JKsueS9TDynSV3NHCGZDaAt+/0
HDrPzodgDwYuQEb2bcNSfqtXb2wiAYyCvTkBkC+D3lLDhTcDZOPFN9jN1dL9mCEg
yU7fiuxsdnf78tzoZ98qBtkBqYNbtPiKRhKV98ndVYnMa/I3WhfCuX7P8bcGMYhA
GlybDe0SxHKSQX6EYu2YGrrco9Bpau8lKC5+yuugWqCQum0ylhF4TXUN3538T1q1
BZH4UjKBFa3ekLiYig9p2PnMnGy1lFguGNhm7nOQDHL53VMHIS7tcl6u8FaR+r65
x9zvx7Q=
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:07:51 2025 by rpki-client