Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/f8f66d-8a47-4431-af51-e4f58704804e/1/9ryUvExrIGYyHnyjucyFCEFt4aA.roa
File: 9ryUvExrIGYyHnyjucyFCEFt4aA.roa (raw, json)
Hash identifier: 3HIbpGHa8DRhYHZTJN10vNsxZr8FW2RaWn+7DrvCUVo=
Subject key identifier: F6:BC:94:BC:4C:6B:20:66:32:1E:7C:A3:B9:CC:85:08:41:6D:E1:A0
Certificate issuer: /CN=86af2c7166bb34a696fde2fbacef4001b0a8e7e2
Certificate serial: 0419B28C
Authority key identifier: 86:AF:2C:71:66:BB:34:A6:96:FD:E2:FB:AC:EF:40:01:B0:A8:E7:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hq8scWa7NKaW_eL7rO9AAbCo5-I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/f8f66d-8a47-4431-af51-e4f58704804e/1/9ryUvExrIGYyHnyjucyFCEFt4aA.roa
Signing time: Wed 22 Jun 2022 12:18:30 +0000
ROA not before: Wed 22 Jun 2022 12:18:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15924
IP address blocks: 31.186.28.0/24 maxlen: 24
31.186.2.0/24 maxlen: 24
31.186.3.0/24 maxlen: 24
31.186.4.0/24 maxlen: 24
31.186.5.0/24 maxlen: 24
31.186.7.0/24 maxlen: 24
31.186.9.0/24 maxlen: 24
31.186.10.0/24 maxlen: 24
31.186.11.0/24 maxlen: 24
31.186.12.0/24 maxlen: 24
31.186.13.0/24 maxlen: 24
31.186.14.0/24 maxlen: 24
31.186.15.0/24 maxlen: 24
31.186.16.0/24 maxlen: 24
31.186.17.0/24 maxlen: 24
31.186.18.0/24 maxlen: 24
31.186.19.0/24 maxlen: 24
31.186.20.0/24 maxlen: 24
2a0d:a000:0:1400::/56 maxlen: 56
2a0d:a000:0:f00::/56 maxlen: 56
2a0d:a000:0:1800::/56 maxlen: 56
2a0d:a000:0:b00::/56 maxlen: 56
2a0d:a000:0:1500::/56 maxlen: 56
2a0d:a000:0:1100::/56 maxlen: 56
2a0d:a000:0:1000::/56 maxlen: 56
2a0d:a000:0:1900::/56 maxlen: 56
2a0d:a000:0:c00::/56 maxlen: 56
2a0d:a000:0:1600::/56 maxlen: 56
2a0d:a000:0:1200::/56 maxlen: 56
2a0d:a000:0:1a00::/56 maxlen: 56
2a0d:a000:0:d00::/56 maxlen: 56
2a0d:a000:0:a00::/56 maxlen: 56
2a0d:a000:0:1300::/56 maxlen: 56
2a0d:a000:0:e00::/56 maxlen: 56
2a0d:a000:0:1700::/56 maxlen: 56
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 68792972 (0x419b28c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86af2c7166bb34a696fde2fbacef4001b0a8e7e2
Validity
Not Before: Jun 22 12:18:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f6bc94bc4c6b2066321e7ca3b9cc8508416de1a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:eb:5d:13:02:5c:1d:18:67:63:da:ee:d1:e5:
01:62:c6:c1:90:18:37:74:8c:e1:5f:98:9f:48:75:
8d:02:d9:cb:cc:69:e7:c7:24:92:53:5f:28:1c:4e:
6b:09:09:aa:04:d2:1e:76:6e:fa:64:13:67:22:63:
55:2b:86:bf:98:f2:77:c4:50:d4:f7:4b:d7:52:7f:
ae:46:dc:20:de:08:21:ad:a3:6e:74:fa:12:35:f9:
8e:ac:c2:af:37:0b:5d:26:2f:e8:ca:95:51:4e:f3:
2e:a0:d6:84:6e:a4:ec:c8:c3:67:6e:0f:b4:aa:bf:
31:28:64:12:31:38:74:04:76:4d:b6:87:69:77:90:
bd:52:03:06:b3:6e:76:03:d2:98:1b:a7:82:1e:4c:
dc:36:db:0e:19:f1:e2:03:c9:6b:dc:0c:73:26:35:
23:32:c0:13:01:bf:71:64:af:87:5b:81:02:88:9f:
59:30:c1:4e:ee:5f:8b:da:b0:bd:7a:62:85:c6:a2:
e3:37:00:d5:5d:aa:0b:b5:9e:7f:57:67:38:c6:1e:
27:00:0d:a5:eb:10:f5:34:34:85:c0:1e:2f:ad:e8:
19:69:3f:fd:ef:38:1e:f2:c8:f1:d0:67:69:bc:7d:
6a:7a:a3:14:33:b4:2c:5c:b3:01:7d:6b:f5:9c:2e:
fa:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:BC:94:BC:4C:6B:20:66:32:1E:7C:A3:B9:CC:85:08:41:6D:E1:A0
X509v3 Authority Key Identifier:
keyid:86:AF:2C:71:66:BB:34:A6:96:FD:E2:FB:AC:EF:40:01:B0:A8:E7:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hq8scWa7NKaW_eL7rO9AAbCo5-I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/f8f66d-8a47-4431-af51-e4f58704804e/1/9ryUvExrIGYyHnyjucyFCEFt4aA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/f8f66d-8a47-4431-af51-e4f58704804e/1/hq8scWa7NKaW_eL7rO9AAbCo5-I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.186.2.0-31.186.5.255
31.186.7.0/24
31.186.9.0-31.186.20.255
31.186.28.0/24
IPv6:
2a0d:a000:0:a00::-2a0d:a000:0:1aff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
57:03:e0:b1:3c:52:e7:ab:7e:c0:5b:ce:b6:d0:2d:93:2f:c7:
a3:48:7f:6a:3f:2e:a8:1a:d8:b3:56:b5:7a:c8:0e:14:e6:e3:
38:26:46:62:84:29:e2:ea:6a:09:00:0b:8c:d9:9e:21:cb:64:
5c:04:61:d7:91:43:0a:a8:84:66:ce:f7:c4:44:d7:6a:13:3c:
36:e5:89:3a:dc:ed:2c:1e:fe:b3:b8:8a:5c:9c:a0:f6:97:b4:
f3:7b:d2:6c:72:11:07:0f:5e:47:f9:9c:87:f5:d7:6a:53:cb:
6c:f6:4e:26:ea:a0:65:5f:0f:ce:33:00:b8:a6:d0:a3:82:8d:
c6:98:40:40:ad:29:68:3b:f1:f8:23:02:20:d8:af:ed:78:bd:
5c:4e:27:58:c4:a8:87:41:f9:c1:88:98:9d:33:96:c0:0d:8a:
9a:8f:32:6c:b7:4f:1c:30:af:72:d2:a2:ed:48:87:72:68:9e:
56:fd:0e:13:47:e4:6d:01:f2:4f:69:c9:59:96:75:1b:8f:ed:
70:01:be:c1:85:f7:c2:b7:9d:17:6d:59:28:60:30:e2:a4:2e:
05:8d:0a:cd:98:2e:52:03:e7:39:d7:fb:0b:e2:00:bb:d3:b4:
a0:b5:00:c6:0c:db:13:75:56:84:45:a7:a7:81:6a:62:9b:49:
c9:34:9a:09
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIEBBmyjDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NmFmMmM3MTY2YmIzNGE2OTZmZGUyZmJhY2VmNDAwMWIwYThlN2UyMB4XDTIyMDYy
MjEyMTgzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjZiYzk0YmM0YzZi
MjA2NjMyMWU3Y2EzYjljYzg1MDg0MTZkZTFhMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALPrXRMCXB0YZ2Pa7tHlAWLGwZAYN3SM4V+Yn0h1jQLZy8xp
58ckklNfKBxOawkJqgTSHnZu+mQTZyJjVSuGv5jyd8RQ1PdL11J/rkbcIN4IIa2j
bnT6EjX5jqzCrzcLXSYv6MqVUU7zLqDWhG6k7MjDZ24PtKq/MShkEjE4dAR2TbaH
aXeQvVIDBrNudgPSmBungh5M3DbbDhnx4gPJa9wMcyY1IzLAEwG/cWSvh1uBAoif
WTDBTu5fi9qwvXpihcai4zcA1V2qC7Wef1dnOMYeJwANpesQ9TQ0hcAeL63oGWk/
/e84HvLI8dBnabx9anqjFDO0LFyzAX1r9Zwu+vMCAwEAAaOCAkkwggJFMB0GA1Ud
DgQWBBT2vJS8TGsgZjIefKO5zIUIQW3hoDAfBgNVHSMEGDAWgBSGryxxZrs0ppb9
4vus70ABsKjn4jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hxOHNjV2E3TkthV19lTDdyTzlBQWJDbzUtSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2YvZjhmNjZkLThhNDctNDQzMS1hZjUxLWU0ZjU4NzA0ODA0ZS8x
LzlyeVV2RXhySUdZeUhueWp1Y3lGQ0VGdDRhQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Yv
ZjhmNjZkLThhNDctNDQzMS1hZjUxLWU0ZjU4NzA0ODA0ZS8xL2hxOHNjV2E3Tkth
V19lTDdyTzlBQWJDbzUtSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBf
BggrBgEFBQcBBwEB/wRQME4wLgQCAAEwKDAMAwQBH7oCAwQBH7oEAwQAH7oHMAwD
BAAfugkDBAAfuhQDBAAfuhwwHAQCAAIwFjAUAwgBKg2gAAAACgMIACoNoAAAABow
DQYJKoZIhvcNAQELBQADggEBAFcD4LE8UuerfsBbzrbQLZMvx6NIf2o/Lqga2LNW
tXrIDhTm4zgmRmKEKeLqagkAC4zZniHLZFwEYdeRQwqohGbO98RE12oTPDbliTrc
7Swe/rO4ilycoPaXtPN70mxyEQcPXkf5nIf112pTy2z2TibqoGVfD84zALim0KOC
jcaYQECtKWg78fgjAiDYr+14vVxOJ1jEqIdB+cGImJ0zlsANipqPMmy3Txwwr3LS
ou1Ih3Jonlb9DhNH5G0B8k9pyVmWdRuP7XABvsGF98K3nRdtWShgMOKkLgWNCs2Y
LlID5znX+wviALvTtKC1AMYM2xN1VoRFp6eBamKbSck0mgk=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:04 2023 by rpki-client on console-ams.rpki-client.org