Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/f8f66d-8a47-4431-af51-e4f58704804e/1/5SC9LlpQ95IsAuURa0v6Y0OQXrs.roa
File: 5SC9LlpQ95IsAuURa0v6Y0OQXrs.roa (raw, json)
Hash identifier: 4+OBinOj5W6pzqnCol/hkkaINIe8WYDJt3oA9bXCLiU=
Subject key identifier: E5:20:BD:2E:5A:50:F7:92:2C:02:E5:11:6B:4B:FA:63:43:90:5E:BB
Certificate issuer: /CN=86af2c7166bb34a696fde2fbacef4001b0a8e7e2
Certificate serial: 018CC7947098EDD49F836B7B697D3776B01E
Authority key identifier: 86:AF:2C:71:66:BB:34:A6:96:FD:E2:FB:AC:EF:40:01:B0:A8:E7:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hq8scWa7NKaW_eL7rO9AAbCo5-I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/f8f66d-8a47-4431-af51-e4f58704804e/1/5SC9LlpQ95IsAuURa0v6Y0OQXrs.roa
Signing time: Tue 02 Jan 2024 00:30:43 +0000
ROA not before: Tue 02 Jan 2024 00:30:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15924
IP address blocks: 31.186.28.0/24 maxlen: 24
31.186.2.0/24 maxlen: 24
31.186.3.0/24 maxlen: 24
31.186.4.0/24 maxlen: 24
31.186.5.0/24 maxlen: 24
31.186.7.0/24 maxlen: 24
31.186.9.0/24 maxlen: 24
31.186.10.0/24 maxlen: 24
31.186.11.0/24 maxlen: 24
31.186.12.0/24 maxlen: 24
31.186.13.0/24 maxlen: 24
31.186.14.0/24 maxlen: 24
31.186.15.0/24 maxlen: 24
31.186.16.0/24 maxlen: 24
31.186.17.0/24 maxlen: 24
31.186.18.0/24 maxlen: 24
31.186.19.0/24 maxlen: 24
31.186.20.0/24 maxlen: 24
2a0d:a000:0:1400::/56 maxlen: 56
2a0d:a000:0:f00::/56 maxlen: 56
2a0d:a000:0:1800::/56 maxlen: 56
2a0d:a000:0:b00::/56 maxlen: 56
2a0d:a000:0:1500::/56 maxlen: 56
2a0d:a000:0:1100::/56 maxlen: 56
2a0d:a000:0:1000::/56 maxlen: 56
2a0d:a000:0:1900::/56 maxlen: 56
2a0d:a000:0:c00::/56 maxlen: 56
2a0d:a000:0:1600::/56 maxlen: 56
2a0d:a000:0:1200::/56 maxlen: 56
2a0d:a000:0:1a00::/56 maxlen: 56
2a0d:a000:0:d00::/56 maxlen: 56
2a0d:a000:0:a00::/56 maxlen: 56
2a0d:a000:0:1300::/56 maxlen: 56
2a0d:a000:0:e00::/56 maxlen: 56
2a0d:a000:0:1700::/56 maxlen: 56
Validation: Failed, certificate revoked on Wed 17 Jan 2024 07:54:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:70:98:ed:d4:9f:83:6b:7b:69:7d:37:76:b0:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86af2c7166bb34a696fde2fbacef4001b0a8e7e2
Validity
Not Before: Jan 2 00:30:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e520bd2e5a50f7922c02e5116b4bfa6343905ebb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:8a:9d:d4:1a:53:30:8f:8f:37:0b:9e:ae:b0:
73:79:7b:4b:75:a2:89:b0:8a:73:4f:30:71:3f:76:
ea:bd:61:c8:39:e6:33:79:d4:3d:c9:95:ff:4a:da:
63:61:d0:90:ad:c5:62:8a:5d:b5:fd:b8:dc:4f:6b:
1c:02:44:cc:fa:ca:06:45:53:f3:2b:a7:ee:a6:cb:
51:5c:d2:b3:74:ea:21:6b:93:c5:ca:01:18:6c:80:
14:e9:fc:24:6f:a6:92:d7:bd:7a:ba:2c:15:74:67:
85:c2:5e:47:af:7b:28:f8:e7:2a:66:e3:fe:11:7a:
56:05:02:25:59:21:d0:0b:7f:7c:f3:f4:6a:2b:65:
8a:0d:6b:95:e3:1e:c2:ec:8e:cf:10:dd:c7:fc:28:
ba:b8:03:2a:f0:0e:87:b9:d6:a6:c9:79:01:44:be:
99:37:79:da:9e:58:8f:45:56:bb:61:f4:92:ab:35:
ba:0d:d2:72:a2:6d:55:49:dd:d8:a9:2e:75:2b:1c:
8b:e8:6f:d4:a4:e9:34:50:fb:ec:e8:df:9b:98:cd:
57:34:9e:b2:22:8b:ba:32:5d:e6:67:c1:26:1f:91:
00:fe:bc:5f:dc:2c:13:ff:cb:ad:f8:fa:9b:89:d9:
c4:dd:6f:03:36:c2:1e:29:fc:21:57:a8:c3:85:4d:
89:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:20:BD:2E:5A:50:F7:92:2C:02:E5:11:6B:4B:FA:63:43:90:5E:BB
X509v3 Authority Key Identifier:
keyid:86:AF:2C:71:66:BB:34:A6:96:FD:E2:FB:AC:EF:40:01:B0:A8:E7:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hq8scWa7NKaW_eL7rO9AAbCo5-I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/f8f66d-8a47-4431-af51-e4f58704804e/1/5SC9LlpQ95IsAuURa0v6Y0OQXrs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/f8f66d-8a47-4431-af51-e4f58704804e/1/hq8scWa7NKaW_eL7rO9AAbCo5-I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.186.2.0-31.186.5.255
31.186.7.0/24
31.186.9.0-31.186.20.255
31.186.28.0/24
IPv6:
2a0d:a000:0:a00::-2a0d:a000:0:1aff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
0f:5c:fe:e6:5f:50:86:2d:65:13:27:0a:b6:d2:3d:f4:80:39:
b1:f8:64:81:44:75:3c:53:1c:57:9e:96:8b:f7:dd:be:b3:e2:
88:54:ae:c1:ea:f8:a2:02:1c:27:1c:1c:77:12:92:38:5a:33:
3f:4c:4a:06:9d:f2:47:9f:c8:ae:21:2b:08:3c:38:e9:49:bb:
10:e6:71:d2:1c:3a:03:82:f1:72:58:3a:4b:8a:de:eb:0a:c6:
16:3b:ac:21:18:b1:11:f1:7a:dd:37:47:66:9d:b3:8b:85:9a:
2d:62:cc:03:f9:f7:3f:24:2f:5e:b4:f1:0e:cf:40:00:4c:e9:
25:ac:38:6c:fe:ad:b1:40:00:f1:8f:e7:6f:bd:c2:35:9b:ec:
2a:2e:f7:80:44:d3:c8:8d:24:f6:9d:25:8c:43:a2:d2:23:fa:
24:95:bd:47:18:86:f7:35:6d:03:1d:4b:43:8d:c3:0c:ab:7a:
2c:2c:45:ce:53:b4:64:e2:c1:ee:1b:63:db:0c:0b:62:25:44:
6a:34:c7:b9:0d:9a:90:a3:e4:52:41:91:b0:04:71:f1:20:9f:
70:a6:7f:37:d8:b9:63:66:86:8c:79:50:71:63:db:17:20:f3:
47:d1:83:d1:18:fd:b7:9d:7a:8e:1c:b5:4b:9b:d3:98:ba:d8:
bd:3f:ed:cd
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAYzHlHCY7dSfg2t7aX03drAeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2YWYyYzcxNjZiYjM0YTY5NmZkZTJmYmFjZWY0MDAxYjBh
OGU3ZTIwHhcNMjQwMTAyMDAzMDQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTIwYmQyZTVhNTBmNzkyMmMwMmU1MTE2YjRiZmE2MzQzOTA1ZWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnoqd1BpTMI+PNwuerrBzeXtLdaKJ
sIpzTzBxP3bqvWHIOeYzedQ9yZX/StpjYdCQrcViil21/bjcT2scAkTM+soGRVPz
K6fupstRXNKzdOoha5PFygEYbIAU6fwkb6aS1716uiwVdGeFwl5Hr3so+OcqZuP+
EXpWBQIlWSHQC3988/RqK2WKDWuV4x7C7I7PEN3H/Ci6uAMq8A6HudamyXkBRL6Z
N3nanliPRVa7YfSSqzW6DdJyom1VSd3YqS51KxyL6G/UpOk0UPvs6N+bmM1XNJ6y
Iou6Ml3mZ8EmH5EA/rxf3CwT/8ut+PqbidnE3W8DNsIeKfwhV6jDhU2JuwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFOUgvS5aUPeSLALlEWtL+mNDkF67MB8GA1UdIwQY
MBaAFIavLHFmuzSmlv3i+6zvQAGwqOfiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHE4c2NXYTdOS2FXX2VMN3JPOUFBYkNvNS1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9mOGY2NmQtOGE0Ny00NDMxLWFmNTEt
ZTRmNTg3MDQ4MDRlLzEvNVNDOUxscFE5NUlzQXVVUmEwdjZZME9RWHJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9mOGY2NmQtOGE0Ny00NDMxLWFmNTEtZTRmNTg3MDQ4MDRl
LzEvaHE4c2NXYTdOS2FXX2VMN3JPOUFBYkNvNS1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjAuBAIAATAoMAwDBAEfugID
BAEfugQDBAAfugcwDAMEAB+6CQMEAB+6FAMEAB+6HDAcBAIAAjAWMBQDCAEqDaAA
AAAKAwgAKg2gAAAAGjANBgkqhkiG9w0BAQsFAAOCAQEAD1z+5l9Qhi1lEycKttI9
9IA5sfhkgUR1PFMcV56Wi/fdvrPiiFSuwer4ogIcJxwcdxKSOFozP0xKBp3yR5/I
riErCDw46Um7EOZx0hw6A4Lxclg6S4re6wrGFjusIRixEfF63TdHZp2zi4WaLWLM
A/n3PyQvXrTxDs9AAEzpJaw4bP6tsUAA8Y/nb73CNZvsKi73gETTyI0k9p0ljEOi
0iP6JJW9RxiG9zVtAx1LQ43DDKt6LCxFzlO0ZOLB7htj2wwLYiVEajTHuQ2akKPk
UkGRsARx8SCfcKZ/N9i5Y2aGjHlQcWPbFyDzR9GD0Rj9t516jhy1S5vTmLrYvT/t
zQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:34 2024 by rpki-client on console-fra.rpki-client.org