Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/cbecf4-bced-4d83-bfca-b4a181cd40f6/1/AknARcILr7F3Cri06hDmnGyRMkQ.roa
File: AknARcILr7F3Cri06hDmnGyRMkQ.roa (raw, json)
Hash identifier: NsYKxoTHbLaJP1IcyC2ubdQiOhI8NrZAZDnk4zBx++A=
Subject key identifier: 02:49:C0:45:C2:0B:AF:B1:77:0A:B8:B4:EA:10:E6:9C:6C:91:32:44
Certificate issuer: /CN=50d18196b29f60e85d8712de4039a531cfc1ab31
Certificate serial: 01850649DA9EF6F228866AA9A60DF01C7781
Authority key identifier: 50:D1:81:96:B2:9F:60:E8:5D:87:12:DE:40:39:A5:31:CF:C1:AB:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UNGBlrKfYOhdhxLeQDmlMc_BqzE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/cbecf4-bced-4d83-bfca-b4a181cd40f6/1/AknARcILr7F3Cri06hDmnGyRMkQ.roa
Signing time: Mon 12 Dec 2022 12:23:01 +0000
ROA not before: Mon 12 Dec 2022 12:23:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204035
IP address blocks: 37.228.132.0/24 maxlen: 24
37.228.134.0/24 maxlen: 24
185.101.92.0/22 maxlen: 22
37.228.151.0/24 maxlen: 24
37.228.148.0/24 maxlen: 24
185.116.156.0/22 maxlen: 22
185.116.156.0/24 maxlen: 24
185.116.157.0/24 maxlen: 24
185.116.158.0/24 maxlen: 24
193.56.156.0/24 maxlen: 24
185.107.192.0/23 maxlen: 23
185.107.192.0/22 maxlen: 22
185.107.192.0/24 maxlen: 24
185.107.193.0/24 maxlen: 24
185.107.194.0/24 maxlen: 24
194.125.251.0/24 maxlen: 24
194.125.248.0/22 maxlen: 22
194.125.250.0/24 maxlen: 24
193.46.24.0/22 maxlen: 22
185.245.168.0/22 maxlen: 22
2a06:7f80::/29 maxlen: 29
2a06:1c40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:06:49:da:9e:f6:f2:28:86:6a:a9:a6:0d:f0:1c:77:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50d18196b29f60e85d8712de4039a531cfc1ab31
Validity
Not Before: Dec 12 12:23:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0249c045c20bafb1770ab8b4ea10e69c6c913244
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:0b:da:60:4d:ed:5c:0e:cb:fd:d7:33:c2:0b:
b8:98:bb:cf:30:bd:53:26:f2:15:1a:b8:6e:ba:75:
a7:1e:49:76:ec:5a:21:59:a8:25:b1:4f:10:2c:3c:
2f:37:1c:ea:7e:49:eb:fb:ff:44:b3:9f:7d:7b:11:
14:48:b4:20:1d:c3:bb:4c:0c:d6:4c:f8:eb:b2:c1:
8f:98:82:ed:b0:8e:f6:3e:0e:a0:48:69:5b:0a:22:
8e:e0:b2:40:d6:b0:40:05:13:29:25:c4:fd:66:f3:
8d:96:09:70:75:d4:44:09:0e:52:49:89:06:68:c9:
f8:e3:e5:5b:3d:24:10:21:bc:24:ad:b1:6e:57:ab:
2b:25:73:fe:6b:f3:a8:be:68:12:66:05:da:6c:4d:
b6:fc:0e:2c:d4:e5:bc:62:64:cb:f0:e4:4c:80:22:
bf:11:f2:17:b2:d5:51:b0:4c:4a:4d:b2:b1:d4:98:
13:a1:88:09:ae:38:e0:70:a1:7b:ef:75:01:d4:1b:
7e:22:de:74:0f:54:2d:a3:5e:c1:3b:09:10:94:4c:
0e:8d:ba:44:d2:4b:20:e4:43:82:d6:84:4d:4a:45:
d2:80:8b:fe:85:39:15:1e:ea:77:9f:94:f5:90:cd:
cc:49:9f:07:24:39:83:f6:f9:03:f3:34:5f:08:14:
0d:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:49:C0:45:C2:0B:AF:B1:77:0A:B8:B4:EA:10:E6:9C:6C:91:32:44
X509v3 Authority Key Identifier:
keyid:50:D1:81:96:B2:9F:60:E8:5D:87:12:DE:40:39:A5:31:CF:C1:AB:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UNGBlrKfYOhdhxLeQDmlMc_BqzE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/cbecf4-bced-4d83-bfca-b4a181cd40f6/1/AknARcILr7F3Cri06hDmnGyRMkQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/cbecf4-bced-4d83-bfca-b4a181cd40f6/1/UNGBlrKfYOhdhxLeQDmlMc_BqzE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.228.132.0/24
37.228.134.0/24
37.228.148.0/24
37.228.151.0/24
185.101.92.0/22
185.107.192.0/22
185.116.156.0/22
185.245.168.0/22
193.46.24.0/22
193.56.156.0/24
194.125.248.0/22
IPv6:
2a06:1c40::/29
2a06:7f80::/29
Signature Algorithm: sha256WithRSAEncryption
10:3a:cc:be:ff:5c:99:b5:fe:05:2a:6f:03:70:f9:4f:25:44:
92:db:28:8b:d3:a3:36:b9:47:ab:85:84:21:15:f4:0f:99:4e:
f3:e7:df:66:36:53:62:e7:a4:c5:3b:f8:a6:51:85:c7:9b:2d:
54:1a:35:1e:cf:2b:2e:12:d1:fc:54:dc:0f:c3:71:69:ee:51:
93:bb:40:a5:1f:a7:cc:d3:9d:a4:d0:17:9e:ec:d5:8f:80:37:
7e:0f:46:32:17:6c:eb:d5:16:80:ed:48:65:dd:fe:63:46:1a:
f4:17:71:0f:14:3f:f4:98:a0:7b:e6:32:cb:02:de:79:6a:53:
42:c4:d0:c7:df:1b:c6:d2:b0:b9:8a:01:c5:82:45:5e:04:fb:
c5:72:13:83:78:ac:49:19:79:3d:2a:2e:aa:86:25:69:85:67:
35:a1:5a:ed:df:5f:a4:6d:52:63:27:da:b2:d9:7d:2d:a4:34:
b1:5a:b2:3e:9f:a9:11:d2:41:fc:83:ed:a3:f3:ff:c0:69:28:
f0:1a:c0:14:f6:3f:f3:d5:56:ab:09:3a:30:c5:1b:0e:d4:50:
ec:66:cb:56:c9:7f:ec:1e:6f:73:13:28:6a:b6:19:6f:25:dc:
90:21:c5:16:8c:6f:cb:1b:19:74:b6:92:94:99:13:0c:25:e8:
69:70:1c:62
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAYUGSdqe9vIohmqppg3wHHeBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwZDE4MTk2YjI5ZjYwZTg1ZDg3MTJkZTQwMzlhNTMxY2Zj
MWFiMzEwHhcNMjIxMjEyMTIyMzAxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjQ5YzA0NWMyMGJhZmIxNzcwYWI4YjRlYTEwZTY5YzZjOTEzMjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7wvaYE3tXA7L/dczwgu4mLvPML1T
JvIVGrhuunWnHkl27FohWaglsU8QLDwvNxzqfknr+/9Es599exEUSLQgHcO7TAzW
TPjrssGPmILtsI72Pg6gSGlbCiKO4LJA1rBABRMpJcT9ZvONlglwddRECQ5SSYkG
aMn44+VbPSQQIbwkrbFuV6srJXP+a/OovmgSZgXabE22/A4s1OW8YmTL8ORMgCK/
EfIXstVRsExKTbKx1JgToYgJrjjgcKF773UB1Bt+It50D1Qto17BOwkQlEwOjbpE
0ksg5EOC1oRNSkXSgIv+hTkVHup3n5T1kM3MSZ8HJDmD9vkD8zRfCBQN9QIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFAJJwEXCC6+xdwq4tOoQ5pxskTJEMB8GA1UdIwQY
MBaAFFDRgZayn2DoXYcS3kA5pTHPwasxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVU5HQmxyS2ZZT2hkaHhMZVFEbWxNY19CcXpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9jYmVjZjQtYmNlZC00ZDgzLWJmY2Et
YjRhMTgxY2Q0MGY2LzEvQWtuQVJjSUxyN0YzQ3JpMDZoRG1uR3lSTWtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9jYmVjZjQtYmNlZC00ZDgzLWJmY2EtYjRhMTgxY2Q0MGY2
LzEvVU5HQmxyS2ZZT2hkaHhMZVFEbWxNY19CcXpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBIBAIAATBCAwQAJeSEAwQA
JeSGAwQAJeSUAwQAJeSXAwQCuWVcAwQCuWvAAwQCuXScAwQCufWoAwQCwS4YAwQA
wTicAwQCwn34MBQEAgACMA4DBQMqBhxAAwUDKgZ/gDANBgkqhkiG9w0BAQsFAAOC
AQEAEDrMvv9cmbX+BSpvA3D5TyVEktsoi9OjNrlHq4WEIRX0D5lO8+ffZjZTYuek
xTv4plGFx5stVBo1Hs8rLhLR/FTcD8Nxae5Rk7tApR+nzNOdpNAXnuzVj4A3fg9G
Mhds69UWgO1IZd3+Y0Ya9BdxDxQ/9Jige+YyywLeeWpTQsTQx98bxtKwuYoBxYJF
XgT7xXITg3isSRl5PSouqoYlaYVnNaFa7d9fpG1SYyfastl9LaQ0sVqyPp+pEdJB
/IPto/P/wGko8BrAFPY/89VWqwk6MMUbDtRQ7GbLVsl/7B5vcxMoarYZbyXckCHF
FoxvyxsZdLaSlJkTDCXoaXAcYg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:38:30 2025 by rpki-client