Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/51a655-2735-49ef-80df-b316db5938ff/1/S2gwt_9yWqO93EXXPzxn8OAJsVc.roa
File: S2gwt_9yWqO93EXXPzxn8OAJsVc.roa (raw, json)
Hash identifier: J1Yldjw7dh+RDLo4Np7ruCmZQQSPTnd66AMcGfoAYQE=
Subject key identifier: 4B:68:30:B7:FF:72:5A:A3:BD:DC:45:D7:3F:3C:67:F0:E0:09:B1:57
Certificate issuer: /CN=68d24addcc3d5b77a099a907122252a47c8f6310
Certificate serial: 046C89E3
Authority key identifier: 68:D2:4A:DD:CC:3D:5B:77:A0:99:A9:07:12:22:52:A4:7C:8F:63:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aNJK3cw9W3egmakHEiJSpHyPYxA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/51a655-2735-49ef-80df-b316db5938ff/1/S2gwt_9yWqO93EXXPzxn8OAJsVc.roa
Signing time: Wed 16 Mar 2022 23:03:29 +0000
ROA not before: Wed 16 Mar 2022 23:03:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12912
IP address blocks: 46.204.0.0/15 maxlen: 15
46.205.192.0/20 maxlen: 20
178.183.0.0/18 maxlen: 18
178.183.224.0/19 maxlen: 19
46.205.208.0/20 maxlen: 20
178.183.32.0/24 maxlen: 24
213.158.192.0/19 maxlen: 19
46.205.240.0/21 maxlen: 21
62.152.128.0/19 maxlen: 19
2001:1b80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74222051 (0x46c89e3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68d24addcc3d5b77a099a907122252a47c8f6310
Validity
Not Before: Mar 16 23:03:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4b6830b7ff725aa3bddc45d73f3c67f0e009b157
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:9a:ac:e5:96:f3:b4:c4:8a:c7:2d:e2:9f:1e:
95:98:3a:1e:c2:0d:0a:8d:f3:bd:62:5b:5b:fe:17:
b4:77:14:61:9b:ef:0b:33:9f:52:a4:35:e3:43:5e:
0f:62:e8:09:46:d9:ab:15:94:bb:a0:05:41:6c:91:
76:d8:77:04:3d:bc:12:a9:29:cd:24:c7:b6:b4:ac:
4d:bf:2c:06:c1:91:13:ae:b1:31:0e:2c:e4:8f:22:
0f:45:6c:34:bf:fc:62:b4:c5:81:7e:de:88:7e:e5:
a2:b2:74:dc:72:4a:81:b8:01:a0:74:8c:92:8d:6f:
cc:30:a4:44:55:df:6e:15:b0:22:2f:9a:a7:ce:d0:
fe:99:63:c7:fa:1d:d4:90:3a:09:c8:58:d8:d7:fa:
04:d0:77:a2:80:df:80:1e:c9:fd:32:ba:a9:2a:34:
21:80:2f:d9:64:9e:98:3b:0e:96:a2:55:c6:3d:6f:
47:65:b1:40:e0:15:8e:d6:cb:ca:cc:37:8c:32:48:
6c:c6:44:54:4f:7f:8b:ed:64:2c:b0:cb:c0:a7:d3:
bd:f3:6e:60:73:43:fc:e0:ab:eb:58:d0:54:83:5b:
af:96:21:3f:f4:66:0d:53:e8:e1:50:6d:76:dd:bd:
a9:aa:d3:9b:46:de:3b:8e:ad:c0:19:05:32:8b:f0:
eb:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:68:30:B7:FF:72:5A:A3:BD:DC:45:D7:3F:3C:67:F0:E0:09:B1:57
X509v3 Authority Key Identifier:
keyid:68:D2:4A:DD:CC:3D:5B:77:A0:99:A9:07:12:22:52:A4:7C:8F:63:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aNJK3cw9W3egmakHEiJSpHyPYxA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/51a655-2735-49ef-80df-b316db5938ff/1/S2gwt_9yWqO93EXXPzxn8OAJsVc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/51a655-2735-49ef-80df-b316db5938ff/1/aNJK3cw9W3egmakHEiJSpHyPYxA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.204.0.0/15
62.152.128.0/19
178.183.0.0/18
178.183.224.0/19
213.158.192.0/19
IPv6:
2001:1b80::/29
Signature Algorithm: sha256WithRSAEncryption
13:ef:8e:b0:0e:26:90:fd:9b:b6:13:d2:9a:41:aa:c3:84:cf:
8e:bd:b9:23:31:b9:06:29:1c:f6:9b:fa:6f:9a:b0:5e:35:7a:
72:e5:62:eb:3b:f9:54:d8:68:44:e7:78:f0:e9:7f:fe:e2:9a:
1d:74:31:03:97:ff:6c:7e:e0:a5:6c:25:5a:ce:5d:05:54:83:
31:f4:e5:c6:85:39:b2:34:05:6d:7d:bf:62:0c:7e:15:7d:dc:
5d:c9:24:19:fb:71:3a:1f:2b:6c:d8:38:ea:16:13:ff:48:81:
9c:31:7c:3e:47:be:42:ab:ec:74:2f:99:23:fc:4b:5a:81:62:
c8:1b:f1:84:39:00:bd:fb:79:78:08:c5:ee:c5:dc:55:ad:5b:
92:61:0c:1b:92:54:24:dc:d1:4c:a2:7b:62:22:d3:59:0b:da:
9b:8c:17:d1:93:aa:40:14:81:e3:6e:1c:66:45:fa:c5:7c:c2:
85:57:9d:34:88:6e:92:5e:7b:05:d0:9d:e2:67:75:ee:72:57:
7f:10:27:74:38:ca:9d:d7:81:b9:e7:f0:62:fc:9e:d3:d0:40:
a4:c7:1c:8b:72:98:ff:99:45:fc:49:95:37:cf:13:79:65:78:
80:48:c1:f4:16:1a:12:2b:36:87:fc:3b:d8:b9:a5:a6:ad:7b:
68:58:8f:b9
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgIEBGyJ4zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
OGQyNGFkZGNjM2Q1Yjc3YTA5OWE5MDcxMjIyNTJhNDdjOGY2MzEwMB4XDTIyMDMx
NjIzMDMyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGI2ODMwYjdmZjcy
NWFhM2JkZGM0NWQ3M2YzYzY3ZjBlMDA5YjE1NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO2arOWW87TEisct4p8elZg6HsINCo3zvWJbW/4XtHcUYZvv
CzOfUqQ140NeD2LoCUbZqxWUu6AFQWyRdth3BD28EqkpzSTHtrSsTb8sBsGRE66x
MQ4s5I8iD0VsNL/8YrTFgX7eiH7lorJ03HJKgbgBoHSMko1vzDCkRFXfbhWwIi+a
p87Q/pljx/od1JA6CchY2Nf6BNB3ooDfgB7J/TK6qSo0IYAv2WSemDsOlqJVxj1v
R2WxQOAVjtbLysw3jDJIbMZEVE9/i+1kLLDLwKfTvfNuYHND/OCr61jQVINbr5Yh
P/RmDVPo4VBtdt29qarTm0beO46twBkFMovw66sCAwEAAaOCAi8wggIrMB0GA1Ud
DgQWBBRLaDC3/3Jao73cRdc/PGfw4AmxVzAfBgNVHSMEGDAWgBRo0krdzD1bd6CZ
qQcSIlKkfI9jEDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2FOSkszY3c5VzNlZ21ha0hFaUpTcEh5UFl4QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjIvNTFhNjU1LTI3MzUtNDllZi04MGRmLWIzMTZkYjU5MzhmZi8x
L1MyZ3d0Xzl5V3FPOTNFWFhQenhuOE9BSnNWYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIv
NTFhNjU1LTI3MzUtNDllZi04MGRmLWIzMTZkYjU5MzhmZi8xL2FOSkszY3c5VzNl
Z21ha0hFaUpTcEh5UFl4QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBF
BggrBgEFBQcBBwEB/wQ2MDQwIwQCAAEwHQMDAS7MAwQFPpiAAwQGsrcAAwQFsrfg
AwQF1Z7AMA0EAgACMAcDBQMgARuAMA0GCSqGSIb3DQEBCwUAA4IBAQAT746wDiaQ
/Zu2E9KaQarDhM+OvbkjMbkGKRz2m/pvmrBeNXpy5WLrO/lU2GhE53jw6X/+4pod
dDEDl/9sfuClbCVazl0FVIMx9OXGhTmyNAVtfb9iDH4VfdxdySQZ+3E6Hyts2Djq
FhP/SIGcMXw+R75Cq+x0L5kj/EtagWLIG/GEOQC9+3l4CMXuxdxVrVuSYQwbklQk
3NFMontiItNZC9qbjBfRk6pAFIHjbhxmRfrFfMKFV500iG6SXnsF0J3iZ3Xucld/
ECd0OMqd14G55/Bi/J7T0ECkxxyLcpj/mUX8SZU3zxN5ZXiASMH0FhoSKzaH/DvY
uaWmrXtoWI+5
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:23:14 2025 by rpki-client