Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/f8f66d-8a47-4431-af51-e4f58704804e/1/23YOevYctsYYcliXHLXeRQ3Us-I.roa
File: 23YOevYctsYYcliXHLXeRQ3Us-I.roa (raw, json)
Hash identifier: JP5NniDgSACG51D66vK3yvtHe4c6EoiT5SEMhPFpbMs=
Subject key identifier: DB:76:0E:7A:F6:1C:B6:C6:18:72:58:97:1C:B5:DE:45:0D:D4:B3:E2
Certificate issuer: /CN=86af2c7166bb34a696fde2fbacef4001b0a8e7e2
Certificate serial: 01932F0051CE9EA6D549B51AB1EE202B6188
Authority key identifier: 86:AF:2C:71:66:BB:34:A6:96:FD:E2:FB:AC:EF:40:01:B0:A8:E7:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hq8scWa7NKaW_eL7rO9AAbCo5-I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/f8f66d-8a47-4431-af51-e4f58704804e/1/23YOevYctsYYcliXHLXeRQ3Us-I.roa
Signing time: Fri 15 Nov 2024 08:46:10 +0000
ROA not before: Fri 15 Nov 2024 08:46:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197720
IP address blocks: 31.186.2.0/24 maxlen: 24
31.186.3.0/24 maxlen: 24
31.186.4.0/24 maxlen: 24
31.186.5.0/24 maxlen: 24
31.186.6.0/24 maxlen: 24
31.186.7.0/24 maxlen: 24
31.186.8.0/24 maxlen: 24
31.186.9.0/24 maxlen: 24
31.186.10.0/24 maxlen: 24
31.186.11.0/24 maxlen: 24
31.186.12.0/24 maxlen: 24
31.186.13.0/24 maxlen: 24
31.186.14.0/24 maxlen: 24
31.186.15.0/24 maxlen: 24
31.186.16.0/24 maxlen: 24
31.186.17.0/24 maxlen: 24
31.186.18.0/24 maxlen: 24
31.186.19.0/24 maxlen: 24
31.186.20.0/24 maxlen: 24
31.186.21.0/24 maxlen: 24
31.186.23.0/24 maxlen: 24
31.186.28.0/24 maxlen: 24
31.186.29.0/24 maxlen: 24
31.186.30.0/24 maxlen: 24
31.186.31.0/24 maxlen: 24
2a0d:a000:0:a00::/56 maxlen: 56
2a0d:a000:0:b00::/56 maxlen: 56
2a0d:a000:0:c00::/56 maxlen: 56
2a0d:a000:0:d00::/56 maxlen: 56
2a0d:a000:0:e00::/56 maxlen: 56
2a0d:a000:0:f00::/56 maxlen: 56
2a0d:a000:0:1000::/56 maxlen: 56
2a0d:a000:0:1100::/56 maxlen: 56
2a0d:a000:0:1200::/56 maxlen: 56
2a0d:a000:0:1300::/56 maxlen: 56
2a0d:a000:0:1400::/56 maxlen: 56
2a0d:a000:0:1500::/56 maxlen: 56
2a0d:a000:0:1600::/56 maxlen: 56
2a0d:a000:0:1700::/56 maxlen: 56
2a0d:a000:0:1800::/56 maxlen: 56
2a0d:a000:0:1900::/56 maxlen: 56
2a0d:a000:0:1a00::/56 maxlen: 56
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:2f:00:51:ce:9e:a6:d5:49:b5:1a:b1:ee:20:2b:61:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86af2c7166bb34a696fde2fbacef4001b0a8e7e2
Validity
Not Before: Nov 15 08:46:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=db760e7af61cb6c6187258971cb5de450dd4b3e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:a9:b9:dc:1a:ac:17:7a:6b:57:0d:5a:45:f1:
4e:58:53:e8:d6:db:52:ae:1e:04:a2:5b:c0:60:fe:
af:e6:8f:53:ac:4e:64:9d:a4:12:ce:08:9b:31:1e:
79:08:86:21:23:09:79:3c:08:de:28:60:30:de:d2:
24:2c:40:f5:00:31:b3:19:af:e0:f2:ec:bb:8d:24:
32:27:f5:1d:54:30:d9:a9:81:ce:7f:81:d8:fb:27:
fc:ef:b4:98:29:d3:a5:08:1d:90:af:53:20:3a:34:
be:d6:24:3b:ef:bb:b7:aa:7f:43:8d:df:8c:01:25:
78:ff:ae:75:31:99:a4:83:b9:89:1d:ed:ae:2a:ae:
14:74:e6:c8:1a:4a:62:3b:b3:24:2a:d7:f5:49:76:
45:c5:80:c4:f4:6a:f4:40:4f:bd:0f:c3:c2:dc:08:
e9:98:12:59:32:48:b5:26:f9:4b:6a:fd:6a:bb:7e:
23:98:d5:05:6b:72:23:67:77:23:80:3f:bd:1a:97:
87:97:77:b2:30:e5:45:71:c9:90:9d:6d:26:34:28:
de:91:a1:6f:05:c2:35:61:ef:0d:4d:f2:c6:6e:1a:
be:f1:18:fb:2f:b5:1a:99:44:41:3e:b1:9d:68:72:
72:c1:2f:b0:42:3e:79:37:9b:7d:20:e9:1e:c5:de:
b8:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:76:0E:7A:F6:1C:B6:C6:18:72:58:97:1C:B5:DE:45:0D:D4:B3:E2
X509v3 Authority Key Identifier:
keyid:86:AF:2C:71:66:BB:34:A6:96:FD:E2:FB:AC:EF:40:01:B0:A8:E7:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hq8scWa7NKaW_eL7rO9AAbCo5-I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/f8f66d-8a47-4431-af51-e4f58704804e/1/23YOevYctsYYcliXHLXeRQ3Us-I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/f8f66d-8a47-4431-af51-e4f58704804e/1/hq8scWa7NKaW_eL7rO9AAbCo5-I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.186.2.0-31.186.21.255
31.186.23.0/24
31.186.28.0/22
IPv6:
2a0d:a000:0:a00::-2a0d:a000:0:1aff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
2a:19:90:16:f3:9c:82:c8:38:ab:df:12:26:d9:30:85:64:a3:
e1:8d:f9:c9:f3:4c:6f:67:3b:32:0a:ad:dc:5c:25:d4:de:03:
09:ed:7b:20:6a:e5:39:31:23:c2:61:f4:06:7d:41:ce:9f:30:
fd:52:9c:27:f3:4b:fe:85:bf:64:47:b8:68:04:fa:73:42:fb:
bf:5f:56:d4:3a:39:e6:db:9d:57:41:a9:e2:41:e3:1d:ef:be:
b4:97:32:fd:98:47:2a:d3:09:b8:46:a3:5b:55:54:19:ae:ef:
45:a3:6d:29:38:54:67:41:6a:52:9f:bc:8e:a2:e8:4c:be:b0:
28:74:27:df:fd:a2:58:48:06:eb:65:dc:6d:6b:37:7f:c3:7f:
e5:48:1a:85:b9:77:94:d7:2c:99:3e:ff:87:4d:03:c5:d5:d8:
bc:16:28:5c:06:e4:11:fe:84:bf:e0:f8:ec:94:d2:0f:06:a8:
e3:de:20:99:6d:2c:3a:fc:72:68:03:1d:5a:f4:1b:b7:db:04:
0d:9c:5f:99:f9:a8:19:18:ca:1e:c3:d1:40:09:47:80:f6:45:
32:2e:47:26:02:94:a5:c3:63:da:98:a5:c4:bc:a5:e6:6e:ac:
d1:ba:e1:1e:91:f9:86:2b:bb:33:1b:3f:34:fc:cd:f4:ce:e0:
74:80:0b:3b
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZMvAFHOnqbVSbUase4gK2GIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2YWYyYzcxNjZiYjM0YTY5NmZkZTJmYmFjZWY0MDAxYjBh
OGU3ZTIwHhcNMjQxMTE1MDg0NjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjc2MGU3YWY2MWNiNmM2MTg3MjU4OTcxY2I1ZGU0NTBkZDRiM2UyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq6m53BqsF3prVw1aRfFOWFPo1ttS
rh4EolvAYP6v5o9TrE5knaQSzgibMR55CIYhIwl5PAjeKGAw3tIkLED1ADGzGa/g
8uy7jSQyJ/UdVDDZqYHOf4HY+yf877SYKdOlCB2Qr1MgOjS+1iQ777u3qn9Djd+M
ASV4/651MZmkg7mJHe2uKq4UdObIGkpiO7MkKtf1SXZFxYDE9Gr0QE+9D8PC3Ajp
mBJZMki1JvlLav1qu34jmNUFa3IjZ3cjgD+9GpeHl3eyMOVFccmQnW0mNCjekaFv
BcI1Ye8NTfLGbhq+8Rj7L7UamURBPrGdaHJywS+wQj55N5t9IOkexd64rwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFNt2Dnr2HLbGGHJYlxy13kUN1LPiMB8GA1UdIwQY
MBaAFIavLHFmuzSmlv3i+6zvQAGwqOfiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHE4c2NXYTdOS2FXX2VMN3JPOUFBYkNvNS1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9mOGY2NmQtOGE0Ny00NDMxLWFmNTEt
ZTRmNTg3MDQ4MDRlLzEvMjNZT2V2WWN0c1lZY2xpWEhMWGVSUTNVcy1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9mOGY2NmQtOGE0Ny00NDMxLWFmNTEtZTRmNTg3MDQ4MDRl
LzEvaHE4c2NXYTdOS2FXX2VMN3JPOUFBYkNvNS1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDAgBAIAATAaMAwDBAEfugID
BAEfuhQDBAAfuhcDBAIfuhwwHAQCAAIwFjAUAwgBKg2gAAAACgMIACoNoAAAABow
DQYJKoZIhvcNAQELBQADggEBACoZkBbznILIOKvfEibZMIVko+GN+cnzTG9nOzIK
rdxcJdTeAwnteyBq5TkxI8Jh9AZ9Qc6fMP1SnCfzS/6Fv2RHuGgE+nNC+79fVtQ6
OebbnVdBqeJB4x3vvrSXMv2YRyrTCbhGo1tVVBmu70WjbSk4VGdBalKfvI6i6Ey+
sCh0J9/9olhIButl3G1rN3/Df+VIGoW5d5TXLJk+/4dNA8XV2LwWKFwG5BH+hL/g
+OyU0g8GqOPeIJltLDr8cmgDHVr0G7fbBA2cX5n5qBkYyh7D0UAJR4D2RTIuRyYC
lKXDY9qYpcS8peZurNG64R6R+YYruzMbPzT8zfTO4HSACzs=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:53:30 2025 by rpki-client