Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/cbecf4-bced-4d83-bfca-b4a181cd40f6/1/B3zaPQmEZYmzxuZuVMS2xpXsbiU.roa
File: B3zaPQmEZYmzxuZuVMS2xpXsbiU.roa (raw, json)
Hash identifier: 4QvZkyDePRIFB0CUacUi52XXIoSc4M44olLKPCpLT2Q=
Subject key identifier: 07:7C:DA:3D:09:84:65:89:B3:C6:E6:6E:54:C4:B6:C6:95:EC:6E:25
Certificate issuer: /CN=50d18196b29f60e85d8712de4039a531cfc1ab31
Certificate serial: 06902074
Authority key identifier: 50:D1:81:96:B2:9F:60:E8:5D:87:12:DE:40:39:A5:31:CF:C1:AB:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UNGBlrKfYOhdhxLeQDmlMc_BqzE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/cbecf4-bced-4d83-bfca-b4a181cd40f6/1/B3zaPQmEZYmzxuZuVMS2xpXsbiU.roa
Signing time: Thu 19 May 2022 09:09:17 +0000
ROA not before: Thu 19 May 2022 09:09:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204035
IP address blocks: 37.228.132.0/24 maxlen: 24
37.228.134.0/24 maxlen: 24
185.101.92.0/22 maxlen: 22
37.228.151.0/24 maxlen: 24
37.228.148.0/24 maxlen: 24
185.116.156.0/22 maxlen: 22
185.116.156.0/24 maxlen: 24
185.116.157.0/24 maxlen: 24
185.116.158.0/24 maxlen: 24
193.56.156.0/24 maxlen: 24
185.107.192.0/22 maxlen: 22
185.107.193.0/24 maxlen: 24
194.125.248.0/22 maxlen: 22
194.125.250.0/24 maxlen: 24
193.46.24.0/22 maxlen: 22
185.245.168.0/22 maxlen: 22
2a06:7f80::/29 maxlen: 29
2a06:1c40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 110108788 (0x6902074)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50d18196b29f60e85d8712de4039a531cfc1ab31
Validity
Not Before: May 19 09:09:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=077cda3d09846589b3c6e66e54c4b6c695ec6e25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:e0:ef:a8:0a:65:28:e0:b6:73:cc:27:c1:34:
f2:b1:cc:57:94:c7:ca:20:f0:dd:3d:3b:95:57:99:
cf:16:9a:16:83:b4:a9:72:b3:90:13:87:85:bb:a2:
2e:2b:87:6b:85:f1:12:5d:a9:68:6a:c2:eb:94:55:
24:19:f1:b8:54:24:1d:8b:1d:bd:d1:8c:b8:ce:f9:
4a:d0:c5:c2:67:3c:61:d8:29:fd:7d:08:b3:ab:f3:
54:71:5f:87:a6:f2:ff:33:90:fb:83:3f:b7:6e:d0:
d1:ad:62:48:ee:85:d2:17:e4:f1:34:74:23:ce:44:
df:06:5f:7f:50:42:69:cc:16:20:56:7e:96:8a:cd:
24:46:e9:54:7e:ba:78:7a:3a:30:43:4c:6f:ac:91:
de:c8:6a:6e:1e:40:48:35:12:0e:a7:76:51:aa:13:
54:b4:75:50:d7:60:fd:3a:68:42:8c:2e:43:64:e7:
e4:c2:bb:1a:cb:fb:29:16:1b:7b:c7:66:1c:55:65:
c0:f7:17:4f:fa:0c:3b:26:c5:f0:82:0a:55:11:e0:
e0:de:16:9c:41:78:76:d8:71:4e:45:bc:1c:2e:c2:
92:a2:bd:1a:0e:d4:ad:87:1c:4d:f9:5b:63:15:60:
b8:95:eb:8d:fd:be:be:11:1a:15:7f:e5:17:4a:80:
a2:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:7C:DA:3D:09:84:65:89:B3:C6:E6:6E:54:C4:B6:C6:95:EC:6E:25
X509v3 Authority Key Identifier:
keyid:50:D1:81:96:B2:9F:60:E8:5D:87:12:DE:40:39:A5:31:CF:C1:AB:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UNGBlrKfYOhdhxLeQDmlMc_BqzE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/cbecf4-bced-4d83-bfca-b4a181cd40f6/1/B3zaPQmEZYmzxuZuVMS2xpXsbiU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/cbecf4-bced-4d83-bfca-b4a181cd40f6/1/UNGBlrKfYOhdhxLeQDmlMc_BqzE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.228.132.0/24
37.228.134.0/24
37.228.148.0/24
37.228.151.0/24
185.101.92.0/22
185.107.192.0/22
185.116.156.0/22
185.245.168.0/22
193.46.24.0/22
193.56.156.0/24
194.125.248.0/22
IPv6:
2a06:1c40::/29
2a06:7f80::/29
Signature Algorithm: sha256WithRSAEncryption
8e:d9:81:ff:db:76:20:e6:b9:d9:32:53:1e:4c:12:b7:9f:cd:
0e:f4:a3:e4:52:4e:bc:90:6c:e3:10:9c:26:ed:27:8f:74:e0:
fe:5d:cb:83:15:e7:bb:88:c4:d5:04:3b:84:b7:71:b0:48:26:
f0:df:38:59:d4:65:0b:20:41:b4:54:df:90:c3:74:55:10:31:
7d:3f:44:d5:0b:c9:fb:6d:c8:56:9c:c8:02:31:fc:d5:f3:e0:
d2:58:1c:15:68:30:2d:fe:c7:3e:87:b3:3e:e2:7b:0d:4f:ab:
07:27:ac:c5:b9:3f:45:e9:2b:cc:62:eb:27:52:d7:d3:e1:5a:
a6:ec:d1:1f:23:7a:bd:3c:6c:bf:f5:89:b3:b3:76:3c:88:70:
70:bb:58:6e:1e:d4:7a:14:3d:1c:3a:d3:16:71:09:ab:cd:98:
e8:a8:a5:ef:33:5c:2f:b0:f2:e6:4e:59:bb:4b:b5:23:b7:fc:
a4:e0:e1:47:fa:10:dc:68:c4:2c:86:77:dc:04:c6:f4:ae:f2:
12:35:8a:08:d7:2d:e5:5e:8b:63:e0:61:ff:a4:0d:53:e8:60:
88:b6:93:ee:7d:53:3a:d1:92:d2:be:fe:e3:86:b3:a2:bd:c1:
30:2f:91:9c:ec:ec:00:64:08:ab:a6:d9:71:49:1c:b6:0a:d7:
cd:63:41:64
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgIEBpAgdDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MGQxODE5NmIyOWY2MGU4NWQ4NzEyZGU0MDM5YTUzMWNmYzFhYjMxMB4XDTIyMDUx
OTA5MDkxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDc3Y2RhM2QwOTg0
NjU4OWIzYzZlNjZlNTRjNGI2YzY5NWVjNmUyNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALfg76gKZSjgtnPMJ8E08rHMV5THyiDw3T07lVeZzxaaFoO0
qXKzkBOHhbuiLiuHa4XxEl2paGrC65RVJBnxuFQkHYsdvdGMuM75StDFwmc8Ydgp
/X0Is6vzVHFfh6by/zOQ+4M/t27Q0a1iSO6F0hfk8TR0I85E3wZff1BCacwWIFZ+
lorNJEbpVH66eHo6MENMb6yR3shqbh5ASDUSDqd2UaoTVLR1UNdg/TpoQowuQ2Tn
5MK7Gsv7KRYbe8dmHFVlwPcXT/oMOybF8IIKVRHg4N4WnEF4dthxTkW8HC7CkqK9
Gg7UrYccTflbYxVguJXrjf2+vhEaFX/lF0qAoqMCAwEAAaOCAlswggJXMB0GA1Ud
DgQWBBQHfNo9CYRlibPG5m5UxLbGlexuJTAfBgNVHSMEGDAWgBRQ0YGWsp9g6F2H
Et5AOaUxz8GrMTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1VOR0JscktmWU9oZGh4TGVRRG1sTWNfQnF6RS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmQvY2JlY2Y0LWJjZWQtNGQ4My1iZmNhLWI0YTE4MWNkNDBmNi8x
L0IzemFQUW1FWlltenh1WnVWTVMyeHBYc2JpVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmQv
Y2JlY2Y0LWJjZWQtNGQ4My1iZmNhLWI0YTE4MWNkNDBmNi8xL1VOR0JscktmWU9o
ZGh4TGVRRG1sTWNfQnF6RS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBx
BggrBgEFBQcBBwEB/wRiMGAwSAQCAAEwQgMEACXkhAMEACXkhgMEACXklAMEACXk
lwMEArllXAMEArlrwAMEArl0nAMEArn1qAMEAsEuGAMEAME4nAMEAsJ9+DAUBAIA
AjAOAwUDKgYcQAMFAyoGf4AwDQYJKoZIhvcNAQELBQADggEBAI7Zgf/bdiDmudky
Ux5MErefzQ70o+RSTryQbOMQnCbtJ4904P5dy4MV57uIxNUEO4S3cbBIJvDfOFnU
ZQsgQbRU35DDdFUQMX0/RNULyfttyFacyAIx/NXz4NJYHBVoMC3+xz6Hsz7iew1P
qwcnrMW5P0XpK8xi6ydS19PhWqbs0R8jer08bL/1ibOzdjyIcHC7WG4e1HoUPRw6
0xZxCavNmOiope8zXC+w8uZOWbtLtSO3/KTg4Uf6ENxoxCyGd9wExvSu8hI1igjX
LeVei2PgYf+kDVPoYIi2k+59UzrRktK+/uOGs6K9wTAvkZzs7ABkCKum2XFJHLYK
181jQWQ=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:40:55 2025 by rpki-client