Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/SQL832gA6MgEiAlwUussffYH1zI.roa
File: SQL832gA6MgEiAlwUussffYH1zI.roa (raw, json)
Hash identifier: cAXIC7Y/qiE+/WgrawT847zxpry9G8lcI2yMAd0btHw=
Subject key identifier: 49:02:FC:DF:68:00:E8:C8:04:88:09:70:52:EB:2C:7D:F6:07:D7:32
Certificate issuer: /CN=c755702467770ed69b367b77bbe640bc6db4153e
Certificate serial: 01CBCE84
Authority key identifier: C7:55:70:24:67:77:0E:D6:9B:36:7B:77:BB:E6:40:BC:6D:B4:15:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x1VwJGd3DtabNnt3u-ZAvG20FT4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/SQL832gA6MgEiAlwUussffYH1zI.roa
Signing time: Tue 29 Mar 2022 15:42:30 +0000
ROA not before: Tue 29 Mar 2022 15:42:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29286
IP address blocks: 88.202.0.0/17 maxlen: 17
84.254.133.0/24 maxlen: 24
95.210.192.0/20 maxlen: 20
84.254.138.0/24 maxlen: 24
84.254.143.0/24 maxlen: 24
84.254.141.0/24 maxlen: 24
84.254.152.0/24 maxlen: 24
84.254.150.0/24 maxlen: 24
84.254.149.0/24 maxlen: 24
84.254.151.0/24 maxlen: 24
84.254.148.0/24 maxlen: 24
84.254.159.0/24 maxlen: 24
84.254.157.0/24 maxlen: 24
84.254.156.0/24 maxlen: 24
84.254.158.0/24 maxlen: 24
84.254.153.0/24 maxlen: 24
84.254.155.0/24 maxlen: 24
84.254.154.0/24 maxlen: 24
84.254.163.0/24 maxlen: 24
84.254.160.0/24 maxlen: 24
84.254.162.0/24 maxlen: 24
84.254.161.0/24 maxlen: 24
84.254.166.0/24 maxlen: 24
84.254.171.0/24 maxlen: 24
84.254.172.0/24 maxlen: 24
84.254.167.0/24 maxlen: 24
84.254.169.0/24 maxlen: 24
84.254.168.0/24 maxlen: 24
84.254.174.0/24 maxlen: 24
84.254.173.0/24 maxlen: 24
84.254.175.0/24 maxlen: 24
95.210.142.0/24 maxlen: 24
176.227.128.0/20 maxlen: 20
84.254.129.0/24 maxlen: 24
84.254.128.0/24 maxlen: 24
84.254.131.0/24 maxlen: 24
84.254.128.0/18 maxlen: 18
84.254.190.0/24 maxlen: 24
5.61.192.0/21 maxlen: 21
5.61.197.0/24 maxlen: 24
5.61.193.0/24 maxlen: 24
5.61.195.0/24 maxlen: 24
95.210.0.0/22 maxlen: 22
95.210.0.0/16 maxlen: 16
95.210.94.0/24 maxlen: 24
95.210.105.0/24 maxlen: 24
95.210.110.0/24 maxlen: 24
95.210.36.0/24 maxlen: 24
95.210.34.0/24 maxlen: 24
95.210.68.0/24 maxlen: 24
88.202.121.0/24 maxlen: 24
5.175.64.0/20 maxlen: 20
5.175.77.0/24 maxlen: 24
5.175.76.0/24 maxlen: 24
88.202.66.0/24 maxlen: 24
213.209.160.0/19 maxlen: 19
2a00:ca0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 30133892 (0x1cbce84)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c755702467770ed69b367b77bbe640bc6db4153e
Validity
Not Before: Mar 29 15:42:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4902fcdf6800e8c80488097052eb2c7df607d732
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:63:d2:35:c9:1f:ec:08:c3:29:c4:a4:99:a2:
06:65:3f:b1:bb:91:9a:3d:f9:09:8f:9e:7a:21:ae:
77:ba:de:44:69:e7:08:92:1b:a6:d0:5b:8c:8b:58:
84:6a:72:43:19:d7:d1:c1:21:22:0f:e4:a7:1d:b5:
61:ef:e9:93:98:b5:13:c1:87:33:76:af:a9:50:3e:
2a:36:d4:fa:37:49:03:6f:38:eb:7a:5b:cc:4d:dc:
c9:42:17:ff:f3:a7:fa:92:e8:48:3c:8f:e0:c8:48:
e3:e4:92:36:19:58:94:1f:5b:51:52:f2:7d:99:9d:
e4:e7:01:a8:03:6e:2e:9f:3e:13:06:e2:8f:72:96:
59:39:35:4c:67:b2:aa:09:73:44:7d:d1:2f:c9:55:
99:11:e0:08:f6:62:fc:ae:cc:89:18:03:61:2e:73:
ce:24:18:4e:6a:58:3d:cb:cd:da:bf:3b:7b:2d:f6:
95:2c:db:54:0a:a3:69:f4:2f:6e:ac:68:44:37:09:
57:8e:1a:00:8e:9d:00:9f:64:5c:b3:7b:88:d9:04:
a7:8e:14:bc:28:73:ad:3a:58:d2:46:05:d4:22:ec:
c0:55:35:1d:1f:71:c5:82:55:60:eb:8c:69:08:85:
9b:8e:87:ce:01:f0:c1:ac:6f:4c:2b:87:6b:ad:88:
3e:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:02:FC:DF:68:00:E8:C8:04:88:09:70:52:EB:2C:7D:F6:07:D7:32
X509v3 Authority Key Identifier:
keyid:C7:55:70:24:67:77:0E:D6:9B:36:7B:77:BB:E6:40:BC:6D:B4:15:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x1VwJGd3DtabNnt3u-ZAvG20FT4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/SQL832gA6MgEiAlwUussffYH1zI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/x1VwJGd3DtabNnt3u-ZAvG20FT4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.192.0/21
5.175.64.0/20
84.254.128.0/18
88.202.0.0/17
95.210.0.0/16
176.227.128.0/20
213.209.160.0/19
IPv6:
2a00:ca0::/32
Signature Algorithm: sha256WithRSAEncryption
7b:97:68:6b:5a:8e:49:db:4f:16:be:3a:d3:47:9c:40:61:df:
53:c1:93:7b:f8:46:d8:64:45:dc:7e:13:33:43:a1:85:27:b3:
8b:37:97:e2:a8:40:d0:0d:75:40:52:cf:2f:f9:88:3c:3a:d8:
9e:ce:d1:37:99:ff:0f:8f:8c:a1:d4:fd:42:24:2c:f5:08:9c:
85:4a:9d:9a:a4:c7:aa:6c:bf:b8:22:4b:c1:1b:42:7d:4e:2d:
67:14:5e:e9:63:45:24:4c:7e:76:ca:78:6c:b2:c2:b1:7c:77:
2d:7b:3f:f0:85:1d:db:cb:4d:eb:af:fb:e8:d0:1b:9d:dd:3b:
78:55:cc:90:bf:ba:7c:99:59:df:99:d2:98:4c:74:82:d8:6e:
6e:c9:29:e9:22:f6:4f:84:44:f2:35:5e:02:70:53:eb:b9:3f:
a0:e0:c2:40:5f:c3:90:6d:e6:e0:30:ae:64:a0:04:9c:36:9d:
21:d8:fe:dc:40:01:2e:f8:23:01:54:06:ed:99:1c:52:4f:e9:
0e:d5:17:d9:d4:ac:1c:b8:ec:57:84:93:bc:f6:fe:5d:54:5c:
b5:62:9d:83:4b:83:9d:19:e3:43:2a:43:90:a7:6a:3f:5e:ee:
0b:4c:7e:80:af:12:14:32:e8:f0:be:b9:68:c8:b1:49:1f:7a:
36:13:8b:2a
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgIEAcvOhDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NzU1NzAyNDY3NzcwZWQ2OWIzNjdiNzdiYmU2NDBiYzZkYjQxNTNlMB4XDTIyMDMy
OTE1NDIzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDkwMmZjZGY2ODAw
ZThjODA0ODgwOTcwNTJlYjJjN2RmNjA3ZDczMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANJj0jXJH+wIwynEpJmiBmU/sbuRmj35CY+eeiGud7reRGnn
CJIbptBbjItYhGpyQxnX0cEhIg/kpx21Ye/pk5i1E8GHM3avqVA+KjbU+jdJA284
63pbzE3cyUIX//On+pLoSDyP4MhI4+SSNhlYlB9bUVLyfZmd5OcBqANuLp8+Ewbi
j3KWWTk1TGeyqglzRH3RL8lVmRHgCPZi/K7MiRgDYS5zziQYTmpYPcvN2r87ey32
lSzbVAqjafQvbqxoRDcJV44aAI6dAJ9kXLN7iNkEp44UvChzrTpY0kYF1CLswFU1
HR9xxYJVYOuMaQiFm46HzgHwwaxvTCuHa62IPuUCAwEAAaOCAjswggI3MB0GA1Ud
DgQWBBRJAvzfaADoyASICXBS6yx99gfXMjAfBgNVHSMEGDAWgBTHVXAkZ3cO1ps2
e3e75kC8bbQVPjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3gxVndKR2QzRHRhYk5udDN1LVpBdkcyMEZUNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzcvMjQzZjkxLTg3NDctNDk4MS05Y2JmLTFkMzczNDk5OTI0ZS8x
L1NRTDgzMmdBNk1nRWlBbHdVdXNzZmZZSDF6SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzcv
MjQzZjkxLTg3NDctNDk4MS05Y2JmLTFkMzczNDk5OTI0ZS8xL3gxVndKR2QzRHRh
Yk5udDN1LVpBdkcyMEZUNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBR
BggrBgEFBQcBBwEB/wRCMEAwLwQCAAEwKQMEAwU9wAMEBAWvQAMEBlT+gAMEB1jK
AAMDAF/SAwQEsOOAAwQF1dGgMA0EAgACMAcDBQAqAAygMA0GCSqGSIb3DQEBCwUA
A4IBAQB7l2hrWo5J208WvjrTR5xAYd9TwZN7+EbYZEXcfhMzQ6GFJ7OLN5fiqEDQ
DXVAUs8v+Yg8OtieztE3mf8Pj4yh1P1CJCz1CJyFSp2apMeqbL+4IkvBG0J9Ti1n
FF7pY0UkTH52ynhsssKxfHctez/whR3by03rr/vo0Bud3Tt4VcyQv7p8mVnfmdKY
THSC2G5uySnpIvZPhETyNV4CcFPruT+g4MJAX8OQbebgMK5koAScNp0h2P7cQAEu
+CMBVAbtmRxST+kO1RfZ1KwcuOxXhJO89v5dVFy1Yp2DS4OdGeNDKkOQp2o/Xu4L
TH6ArxIUMujwvrloyLFJH3o2E4sq
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:33:19 2025 by rpki-client