Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/51a655-2735-49ef-80df-b316db5938ff/1/Obn6_q3UCwUswyUaxuKGPHltKfg.roa
File: Obn6_q3UCwUswyUaxuKGPHltKfg.roa (raw, json)
Hash identifier: A8snqwluHY3igepth0gzFq4xXWBiDiWAfPf2AiYkVC8=
Subject key identifier: 39:B9:FA:FE:AD:D4:0B:05:2C:C3:25:1A:C6:E2:86:3C:79:6D:29:F8
Certificate issuer: /CN=68d24addcc3d5b77a099a907122252a47c8f6310
Certificate serial: 055D8220
Authority key identifier: 68:D2:4A:DD:CC:3D:5B:77:A0:99:A9:07:12:22:52:A4:7C:8F:63:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aNJK3cw9W3egmakHEiJSpHyPYxA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/51a655-2735-49ef-80df-b316db5938ff/1/Obn6_q3UCwUswyUaxuKGPHltKfg.roa
Signing time: Wed 29 Jun 2022 23:58:04 +0000
ROA not before: Wed 29 Jun 2022 23:58:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12912
IP address blocks: 46.204.0.0/15 maxlen: 15
46.205.192.0/20 maxlen: 20
178.183.0.0/18 maxlen: 18
178.183.224.0/19 maxlen: 19
46.205.208.0/20 maxlen: 20
188.146.0.0/15 maxlen: 15
178.183.32.0/24 maxlen: 24
62.152.128.0/19 maxlen: 19
178.180.0.0/14 maxlen: 14
213.158.192.0/19 maxlen: 19
188.147.0.0/19 maxlen: 19
46.205.240.0/21 maxlen: 21
83.220.96.0/19 maxlen: 19
37.30.0.0/15 maxlen: 15
83.220.101.0/24 maxlen: 24
2001:1b80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90014240 (0x55d8220)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68d24addcc3d5b77a099a907122252a47c8f6310
Validity
Not Before: Jun 29 23:58:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=39b9fafeadd40b052cc3251ac6e2863c796d29f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:41:d1:82:e6:ab:85:90:14:5f:6c:e7:e4:1f:
bc:2a:96:93:b3:f5:ed:a1:d8:dc:67:07:4c:36:49:
84:7b:f4:f4:9c:1d:10:4a:d8:b0:db:fe:03:08:f3:
be:3c:3e:67:42:c3:26:c2:52:3d:96:22:e1:dc:38:
a6:fb:2d:ba:67:b1:d5:d9:8a:09:3b:31:27:72:1f:
6b:78:dd:2e:7c:67:62:20:c3:9f:15:90:cf:d4:53:
5d:85:bf:70:97:37:f1:a4:04:03:a8:9f:38:fe:6a:
a7:84:87:45:9f:5d:99:d5:2e:79:57:b8:98:63:f4:
d2:3e:f5:16:1d:dc:87:a3:6b:a7:5e:8c:bb:ac:07:
76:db:a7:65:ac:34:72:ca:39:62:0b:0b:16:22:70:
62:62:ee:2d:15:0b:cf:b9:11:c9:aa:f0:0a:25:96:
10:5c:5f:91:f3:a4:94:3c:9c:cd:c0:96:ca:5e:13:
f3:ad:db:86:ff:31:88:26:a0:45:0a:d8:eb:9c:76:
43:10:3d:a0:98:e9:68:c5:e2:99:9f:cc:21:a4:02:
c3:3f:e7:40:a7:f8:4e:3b:76:f7:42:cd:b4:38:c0:
72:9b:f6:be:70:b6:2c:31:62:13:13:ba:91:75:c6:
25:79:99:52:a7:66:49:65:ed:cb:5f:0c:a3:8b:b7:
0a:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:B9:FA:FE:AD:D4:0B:05:2C:C3:25:1A:C6:E2:86:3C:79:6D:29:F8
X509v3 Authority Key Identifier:
keyid:68:D2:4A:DD:CC:3D:5B:77:A0:99:A9:07:12:22:52:A4:7C:8F:63:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aNJK3cw9W3egmakHEiJSpHyPYxA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/51a655-2735-49ef-80df-b316db5938ff/1/Obn6_q3UCwUswyUaxuKGPHltKfg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/51a655-2735-49ef-80df-b316db5938ff/1/aNJK3cw9W3egmakHEiJSpHyPYxA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.30.0.0/15
46.204.0.0/15
62.152.128.0/19
83.220.96.0/19
178.180.0.0/14
188.146.0.0/15
213.158.192.0/19
IPv6:
2001:1b80::/29
Signature Algorithm: sha256WithRSAEncryption
27:35:89:23:37:1f:2c:c4:db:4a:b1:f1:de:5a:96:89:a0:dc:
11:e4:31:2c:9f:bd:f0:67:e5:1f:8f:bb:c6:e0:06:e1:31:fb:
e3:15:c8:4c:bc:e0:cb:36:77:d4:9a:d4:9b:ff:ad:5f:ad:b6:
3b:8b:dc:14:28:04:9c:cf:87:0a:fa:c9:e6:40:6a:84:46:b3:
c9:14:b4:69:6f:e5:d8:f5:59:3c:54:be:d7:25:b6:b4:b7:44:
45:4c:87:69:d0:6f:60:e2:71:b2:00:8a:ea:ed:99:e1:27:f7:
ce:a2:e4:d8:74:43:52:67:26:b6:be:d6:e8:8a:bb:ed:ea:62:
7c:ea:81:65:c8:7f:35:be:7e:3d:4a:88:00:67:44:56:3e:91:
da:38:c1:64:f6:07:54:e0:3c:99:9f:39:d9:f0:e6:7a:04:14:
97:08:9d:7e:00:ff:8a:04:33:b4:89:d5:52:e6:80:e6:25:c3:
96:a1:ca:c8:dd:56:96:26:be:ab:e7:ba:04:f0:87:f7:dd:d1:
3f:ee:0b:db:c0:f1:dd:f6:8d:9a:81:f7:ec:9f:02:e9:0d:7e:
8b:95:9b:35:14:5a:8f:52:b4:43:42:8d:42:5f:8e:b4:bd:2f:
6d:4e:3a:3e:ee:bc:8f:fd:2f:3d:76:5c:3a:42:6e:45:6a:a7:
17:ab:2a:9d
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgIEBV2CIDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
OGQyNGFkZGNjM2Q1Yjc3YTA5OWE5MDcxMjIyNTJhNDdjOGY2MzEwMB4XDTIyMDYy
OTIzNTgwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzliOWZhZmVhZGQ0
MGIwNTJjYzMyNTFhYzZlMjg2M2M3OTZkMjlmODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIBB0YLmq4WQFF9s5+QfvCqWk7P17aHY3GcHTDZJhHv09Jwd
EErYsNv+Awjzvjw+Z0LDJsJSPZYi4dw4pvstumex1dmKCTsxJ3Ifa3jdLnxnYiDD
nxWQz9RTXYW/cJc38aQEA6ifOP5qp4SHRZ9dmdUueVe4mGP00j71Fh3ch6Nrp16M
u6wHdtunZaw0cso5YgsLFiJwYmLuLRULz7kRyarwCiWWEFxfkfOklDyczcCWyl4T
863bhv8xiCagRQrY65x2QxA9oJjpaMXimZ/MIaQCwz/nQKf4Tjt290LNtDjAcpv2
vnC2LDFiExO6kXXGJXmZUqdmSWXty18Mo4u3CmMCAwEAAaOCAjgwggI0MB0GA1Ud
DgQWBBQ5ufr+rdQLBSzDJRrG4oY8eW0p+DAfBgNVHSMEGDAWgBRo0krdzD1bd6CZ
qQcSIlKkfI9jEDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2FOSkszY3c5VzNlZ21ha0hFaUpTcEh5UFl4QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjIvNTFhNjU1LTI3MzUtNDllZi04MGRmLWIzMTZkYjU5MzhmZi8x
L09ibjZfcTNVQ3dVc3d5VWF4dUtHUEhsdEtmZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIv
NTFhNjU1LTI3MzUtNDllZi04MGRmLWIzMTZkYjU5MzhmZi8xL2FOSkszY3c5VzNl
Z21ha0hFaUpTcEh5UFl4QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBO
BggrBgEFBQcBBwEB/wQ/MD0wLAQCAAEwJgMDASUeAwMBLswDBAU+mIADBAVT3GAD
AwKytAMDAbySAwQF1Z7AMA0EAgACMAcDBQMgARuAMA0GCSqGSIb3DQEBCwUAA4IB
AQAnNYkjNx8sxNtKsfHeWpaJoNwR5DEsn73wZ+Ufj7vG4AbhMfvjFchMvODLNnfU
mtSb/61frbY7i9wUKAScz4cK+snmQGqERrPJFLRpb+XY9Vk8VL7XJba0t0RFTIdp
0G9g4nGyAIrq7ZnhJ/fOouTYdENSZya2vtboirvt6mJ86oFlyH81vn49SogAZ0RW
PpHaOMFk9gdU4DyZnznZ8OZ6BBSXCJ1+AP+KBDO0idVS5oDmJcOWocrI3VaWJr6r
57oE8If33dE/7gvbwPHd9o2agffsnwLpDX6LlZs1FFqPUrRDQo1CX460vS9tTjo+
7ryP/S89dlw6Qm5FaqcXqyqd
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:43 2023 by rpki-client on console-ams.rpki-client.org