Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/f8f66d-8a47-4431-af51-e4f58704804e/1/_jmsbvGYjy5Hm_JOS6AGoSzp8BE.roa
File: _jmsbvGYjy5Hm_JOS6AGoSzp8BE.roa (raw, json)
Hash identifier: v5SIuClt5WFRrJUaoC97QtJsm63FawBiijjGqE8UVbw=
Subject key identifier: FE:39:AC:6E:F1:98:8F:2E:47:9B:F2:4E:4B:A0:06:A1:2C:E9:F0:11
Certificate issuer: /CN=86af2c7166bb34a696fde2fbacef4001b0a8e7e2
Certificate serial: 018570D5375959A2C396ABB7814023A63F21
Authority key identifier: 86:AF:2C:71:66:BB:34:A6:96:FD:E2:FB:AC:EF:40:01:B0:A8:E7:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hq8scWa7NKaW_eL7rO9AAbCo5-I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/f8f66d-8a47-4431-af51-e4f58704804e/1/_jmsbvGYjy5Hm_JOS6AGoSzp8BE.roa
Signing time: Mon 02 Jan 2023 04:54:59 +0000
ROA not before: Mon 02 Jan 2023 04:54:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15924
IP address blocks: 31.186.28.0/24 maxlen: 24
31.186.2.0/24 maxlen: 24
31.186.3.0/24 maxlen: 24
31.186.4.0/24 maxlen: 24
31.186.5.0/24 maxlen: 24
31.186.7.0/24 maxlen: 24
31.186.9.0/24 maxlen: 24
31.186.10.0/24 maxlen: 24
31.186.11.0/24 maxlen: 24
31.186.12.0/24 maxlen: 24
31.186.13.0/24 maxlen: 24
31.186.14.0/24 maxlen: 24
31.186.15.0/24 maxlen: 24
31.186.16.0/24 maxlen: 24
31.186.17.0/24 maxlen: 24
31.186.18.0/24 maxlen: 24
31.186.19.0/24 maxlen: 24
31.186.20.0/24 maxlen: 24
2a0d:a000:0:1400::/56 maxlen: 56
2a0d:a000:0:f00::/56 maxlen: 56
2a0d:a000:0:1800::/56 maxlen: 56
2a0d:a000:0:b00::/56 maxlen: 56
2a0d:a000:0:1500::/56 maxlen: 56
2a0d:a000:0:1100::/56 maxlen: 56
2a0d:a000:0:1000::/56 maxlen: 56
2a0d:a000:0:1900::/56 maxlen: 56
2a0d:a000:0:c00::/56 maxlen: 56
2a0d:a000:0:1600::/56 maxlen: 56
2a0d:a000:0:1200::/56 maxlen: 56
2a0d:a000:0:1a00::/56 maxlen: 56
2a0d:a000:0:d00::/56 maxlen: 56
2a0d:a000:0:a00::/56 maxlen: 56
2a0d:a000:0:1300::/56 maxlen: 56
2a0d:a000:0:e00::/56 maxlen: 56
2a0d:a000:0:1700::/56 maxlen: 56
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:d5:37:59:59:a2:c3:96:ab:b7:81:40:23:a6:3f:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86af2c7166bb34a696fde2fbacef4001b0a8e7e2
Validity
Not Before: Jan 2 04:54:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fe39ac6ef1988f2e479bf24e4ba006a12ce9f011
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:60:6c:a6:fb:33:b4:12:8b:4a:3a:f3:e7:f2:
ee:fe:bc:00:0e:11:5c:91:1c:7a:0a:a5:21:de:08:
46:48:7e:8e:f4:ad:ea:3b:3b:84:9b:62:43:18:d7:
3e:4a:a8:5c:e6:a6:11:9c:4c:d7:ce:ba:bb:50:91:
4d:be:29:a3:99:a4:49:40:93:b3:24:99:9f:69:83:
12:e2:18:20:10:6f:6c:0e:9e:3d:90:4e:a5:53:9b:
57:e6:99:dd:07:19:5e:7e:26:55:81:12:fa:55:96:
9f:3f:03:90:2b:c6:0e:d3:c3:a5:c8:e5:b0:3d:1e:
7c:bd:9e:a6:8f:26:86:eb:05:23:8c:fb:82:d6:6d:
c2:3b:bc:c8:41:e9:e2:95:95:29:b4:13:c5:93:b3:
a2:51:f2:97:ad:da:26:ec:ce:c3:5d:fc:b4:7e:64:
a7:da:5e:c2:fc:f9:af:e5:22:2a:9b:ef:8c:de:09:
78:be:78:48:16:4c:22:f6:7f:8a:4f:8d:6d:d9:37:
98:fc:20:e5:b2:d1:93:a8:df:ea:5f:54:f6:cb:ca:
cf:a7:6e:a5:b3:46:7b:e2:0e:20:89:35:0c:43:56:
3e:6f:54:f2:65:df:34:cc:04:59:31:23:01:82:45:
ca:a2:0b:ce:8a:aa:e1:4d:b1:b3:ad:15:a4:ec:d2:
91:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:39:AC:6E:F1:98:8F:2E:47:9B:F2:4E:4B:A0:06:A1:2C:E9:F0:11
X509v3 Authority Key Identifier:
keyid:86:AF:2C:71:66:BB:34:A6:96:FD:E2:FB:AC:EF:40:01:B0:A8:E7:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hq8scWa7NKaW_eL7rO9AAbCo5-I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/f8f66d-8a47-4431-af51-e4f58704804e/1/_jmsbvGYjy5Hm_JOS6AGoSzp8BE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/f8f66d-8a47-4431-af51-e4f58704804e/1/hq8scWa7NKaW_eL7rO9AAbCo5-I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.186.2.0-31.186.5.255
31.186.7.0/24
31.186.9.0-31.186.20.255
31.186.28.0/24
IPv6:
2a0d:a000:0:a00::-2a0d:a000:0:1aff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
01:c8:f1:77:0e:0c:0b:2a:40:05:41:c4:0a:ba:d8:0f:1e:a4:
ee:7e:29:5e:d0:49:ef:9c:6e:10:e8:c1:bc:fd:38:34:2c:ea:
63:ba:03:7b:83:16:21:fc:5f:7b:01:1e:c5:17:0c:e6:31:b0:
ae:3d:b1:ad:53:26:f5:cd:97:28:e1:06:44:2d:ac:6b:69:80:
b5:e1:7e:cc:06:13:58:0b:2f:a8:7e:68:2d:ab:f4:bc:68:6b:
2d:1b:ea:80:fb:98:40:1f:c9:6a:5a:f1:8a:91:be:2b:20:40:
75:82:09:d1:79:97:0b:5f:7c:52:75:3f:81:c6:7e:97:e4:77:
8c:ca:66:17:e0:ea:ae:ca:ad:bc:bf:cf:1d:8d:69:de:7e:09:
af:fb:6f:72:52:50:84:e8:57:87:09:49:85:47:24:ae:40:1e:
31:24:a2:17:af:ef:41:ed:83:cd:9c:bb:97:42:28:b5:96:4d:
ee:04:61:ac:80:e9:f0:f1:9a:cb:aa:4e:d9:e5:9f:6d:15:8a:
41:84:6a:30:0d:78:f8:22:49:02:80:9d:bd:d9:d5:bd:ed:6a:
59:03:70:8e:e0:20:dd:3b:fd:d5:66:10:69:34:31:3e:fb:a0:
5a:ac:69:4a:4e:b9:5f:9f:2a:ea:ed:70:20:63:18:b7:83:70:
0e:39:48:17
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAYVw1TdZWaLDlqu3gUAjpj8hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2YWYyYzcxNjZiYjM0YTY5NmZkZTJmYmFjZWY0MDAxYjBh
OGU3ZTIwHhcNMjMwMTAyMDQ1NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTM5YWM2ZWYxOTg4ZjJlNDc5YmYyNGU0YmEwMDZhMTJjZTlmMDExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsGBspvsztBKLSjrz5/Lu/rwADhFc
kRx6CqUh3ghGSH6O9K3qOzuEm2JDGNc+Sqhc5qYRnEzXzrq7UJFNvimjmaRJQJOz
JJmfaYMS4hggEG9sDp49kE6lU5tX5pndBxlefiZVgRL6VZafPwOQK8YO08OlyOWw
PR58vZ6mjyaG6wUjjPuC1m3CO7zIQenilZUptBPFk7OiUfKXrdom7M7DXfy0fmSn
2l7C/Pmv5SIqm++M3gl4vnhIFkwi9n+KT41t2TeY/CDlstGTqN/qX1T2y8rPp26l
s0Z74g4giTUMQ1Y+b1TyZd80zARZMSMBgkXKogvOiqrhTbGzrRWk7NKRewIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFP45rG7xmI8uR5vyTkugBqEs6fARMB8GA1UdIwQY
MBaAFIavLHFmuzSmlv3i+6zvQAGwqOfiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHE4c2NXYTdOS2FXX2VMN3JPOUFBYkNvNS1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9mOGY2NmQtOGE0Ny00NDMxLWFmNTEt
ZTRmNTg3MDQ4MDRlLzEvX2ptc2J2R1lqeTVIbV9KT1M2QUdvU3pwOEJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9mOGY2NmQtOGE0Ny00NDMxLWFmNTEtZTRmNTg3MDQ4MDRl
LzEvaHE4c2NXYTdOS2FXX2VMN3JPOUFBYkNvNS1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjAuBAIAATAoMAwDBAEfugID
BAEfugQDBAAfugcwDAMEAB+6CQMEAB+6FAMEAB+6HDAcBAIAAjAWMBQDCAEqDaAA
AAAKAwgAKg2gAAAAGjANBgkqhkiG9w0BAQsFAAOCAQEAAcjxdw4MCypABUHECrrY
Dx6k7n4pXtBJ75xuEOjBvP04NCzqY7oDe4MWIfxfewEexRcM5jGwrj2xrVMm9c2X
KOEGRC2sa2mAteF+zAYTWAsvqH5oLav0vGhrLRvqgPuYQB/JalrxipG+KyBAdYIJ
0XmXC198UnU/gcZ+l+R3jMpmF+DqrsqtvL/PHY1p3n4Jr/tvclJQhOhXhwlJhUck
rkAeMSSiF6/vQe2DzZy7l0IotZZN7gRhrIDp8PGay6pO2eWfbRWKQYRqMA14+CJJ
AoCdvdnVve1qWQNwjuAg3Tv91WYQaTQxPvugWqxpSk65X58q6u1wIGMYt4NwDjlI
Fw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:23:56 2025 by rpki-client