Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/f8f66d-8a47-4431-af51-e4f58704804e/1/m7Ra4WavuyOPUia2bjZppUoaW78.roa
File: m7Ra4WavuyOPUia2bjZppUoaW78.roa (raw, json)
Hash identifier: bxmdqqXCaHn36d5b70FYpjbV25q5r7lskpIA4zQd3pw=
Subject key identifier: 9B:B4:5A:E1:66:AF:BB:23:8F:52:26:B6:6E:36:69:A5:4A:1A:5B:BF
Certificate issuer: /CN=86af2c7166bb34a696fde2fbacef4001b0a8e7e2
Certificate serial: 02943EDB
Authority key identifier: 86:AF:2C:71:66:BB:34:A6:96:FD:E2:FB:AC:EF:40:01:B0:A8:E7:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hq8scWa7NKaW_eL7rO9AAbCo5-I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/f8f66d-8a47-4431-af51-e4f58704804e/1/m7Ra4WavuyOPUia2bjZppUoaW78.roa
Signing time: Sat 01 Jan 2022 02:55:33 +0000
ROA not before: Sat 01 Jan 2022 02:55:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15924
IP address blocks: 31.186.2.0/24 maxlen: 24
31.186.3.0/24 maxlen: 24
31.186.4.0/24 maxlen: 24
31.186.5.0/24 maxlen: 24
31.186.7.0/24 maxlen: 24
31.186.9.0/24 maxlen: 24
31.186.10.0/24 maxlen: 24
31.186.11.0/24 maxlen: 24
31.186.12.0/24 maxlen: 24
31.186.13.0/24 maxlen: 24
31.186.14.0/24 maxlen: 24
31.186.15.0/24 maxlen: 24
31.186.16.0/24 maxlen: 24
31.186.17.0/24 maxlen: 24
31.186.18.0/24 maxlen: 24
31.186.19.0/24 maxlen: 24
31.186.20.0/24 maxlen: 24
2a0d:a000:0:1400::/56 maxlen: 56
2a0d:a000:0:f00::/56 maxlen: 56
2a0d:a000:0:1800::/56 maxlen: 56
2a0d:a000:0:b00::/56 maxlen: 56
2a0d:a000:0:1500::/56 maxlen: 56
2a0d:a000:0:1100::/56 maxlen: 56
2a0d:a000:0:1000::/56 maxlen: 56
2a0d:a000:0:1900::/56 maxlen: 56
2a0d:a000:0:c00::/56 maxlen: 56
2a0d:a000:0:1600::/56 maxlen: 56
2a0d:a000:0:1200::/56 maxlen: 56
2a0d:a000:0:1a00::/56 maxlen: 56
2a0d:a000:0:d00::/56 maxlen: 56
2a0d:a000:0:a00::/56 maxlen: 56
2a0d:a000:0:1300::/56 maxlen: 56
2a0d:a000:0:e00::/56 maxlen: 56
2a0d:a000:0:1700::/56 maxlen: 56
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43269851 (0x2943edb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86af2c7166bb34a696fde2fbacef4001b0a8e7e2
Validity
Not Before: Jan 1 02:55:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9bb45ae166afbb238f5226b66e3669a54a1a5bbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:be:bc:e2:6f:31:95:33:60:fe:96:d5:8e:df:
fe:e8:3a:42:10:ce:f4:0d:f5:38:a2:c0:40:66:e9:
49:d9:4f:01:1f:8c:6e:e1:62:40:38:a5:81:64:69:
2a:78:d9:71:3d:55:e4:c0:6b:17:a1:c8:31:f6:8c:
38:40:ef:0f:f1:48:7d:9b:96:e5:4b:41:87:cf:79:
d9:1e:fe:1b:d5:1f:98:4f:02:0d:e5:cd:83:01:34:
c0:a5:38:01:89:ed:0d:34:d5:5a:7a:6c:fb:e1:a2:
8d:0a:a6:08:43:a6:10:b8:31:47:e1:91:b4:98:46:
38:39:86:0a:95:8e:bc:f0:95:4e:1b:c4:94:f7:f6:
7e:fb:c6:dd:00:a5:77:c4:d8:17:b0:e2:fc:57:aa:
26:c3:29:7e:f4:9f:fd:f7:e1:2a:cf:a9:f3:d0:b8:
de:0c:d5:28:f4:34:06:9d:ba:88:d7:6f:bd:0e:bc:
77:2f:89:95:fc:29:40:42:e0:7e:a3:86:b8:22:6b:
84:08:19:4d:7f:8e:43:51:59:56:25:fa:78:40:24:
5b:99:4d:69:05:8c:d2:ce:cb:06:16:f7:a1:57:06:
f1:a1:bf:ca:2c:fa:85:27:ad:fe:d9:8e:ae:92:90:
cc:84:bb:25:38:86:9f:19:a8:2b:66:64:ee:aa:a7:
e2:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:B4:5A:E1:66:AF:BB:23:8F:52:26:B6:6E:36:69:A5:4A:1A:5B:BF
X509v3 Authority Key Identifier:
keyid:86:AF:2C:71:66:BB:34:A6:96:FD:E2:FB:AC:EF:40:01:B0:A8:E7:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hq8scWa7NKaW_eL7rO9AAbCo5-I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/f8f66d-8a47-4431-af51-e4f58704804e/1/m7Ra4WavuyOPUia2bjZppUoaW78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/f8f66d-8a47-4431-af51-e4f58704804e/1/hq8scWa7NKaW_eL7rO9AAbCo5-I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.186.2.0-31.186.5.255
31.186.7.0/24
31.186.9.0-31.186.20.255
IPv6:
2a0d:a000:0:a00::-2a0d:a000:0:1aff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
44:cd:d1:f8:35:03:52:d7:71:b7:40:df:ae:66:65:45:45:19:
c4:f6:64:67:04:0b:ae:35:66:ee:da:99:53:f1:e6:df:d9:1b:
2b:8d:1d:41:fe:2d:e7:b9:0d:4a:99:25:31:a3:9f:47:ec:3c:
e6:b5:07:f9:a1:1c:94:f4:3b:c6:73:f1:84:b0:52:5a:40:ef:
81:46:e2:f3:ac:ac:68:fe:bd:ed:2c:1f:80:f4:00:e1:44:49:
a3:8e:6d:01:9f:1b:07:15:0e:27:2c:fd:7d:e6:63:2f:db:67:
7c:fe:a7:8d:9e:80:43:4d:f6:4d:b1:46:ee:c6:bc:a5:e8:d3:
68:47:c8:3a:92:cc:a1:59:c5:26:d6:19:48:2b:27:dc:13:84:
7e:17:9e:30:ac:3c:17:95:87:97:ea:c8:63:89:f6:64:d8:86:
0b:19:ae:40:f7:d2:65:03:ff:9f:d8:b8:1a:84:5a:18:4c:77:
1f:4d:7b:33:23:0d:bd:b2:a6:dd:1c:c7:9d:d7:74:60:65:aa:
39:e3:bc:40:3e:08:3b:cd:cc:c1:bb:8e:ea:c2:ea:fd:bd:46:
1c:b4:5f:be:fe:ca:6b:56:f6:9c:d2:ee:24:69:78:0f:bc:da:
4b:9b:a5:97:69:bf:07:3c:e4:2a:91:19:d7:b9:0f:b3:c2:7e:
27:68:11:fa
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIEApQ+2zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NmFmMmM3MTY2YmIzNGE2OTZmZGUyZmJhY2VmNDAwMWIwYThlN2UyMB4XDTIyMDEw
MTAyNTUzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWJiNDVhZTE2NmFm
YmIyMzhmNTIyNmI2NmUzNjY5YTU0YTFhNWJiZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKS+vOJvMZUzYP6W1Y7f/ug6QhDO9A31OKLAQGbpSdlPAR+M
buFiQDilgWRpKnjZcT1V5MBrF6HIMfaMOEDvD/FIfZuW5UtBh8952R7+G9UfmE8C
DeXNgwE0wKU4AYntDTTVWnps++GijQqmCEOmELgxR+GRtJhGODmGCpWOvPCVThvE
lPf2fvvG3QCld8TYF7Di/FeqJsMpfvSf/ffhKs+p89C43gzVKPQ0Bp26iNdvvQ68
dy+JlfwpQELgfqOGuCJrhAgZTX+OQ1FZViX6eEAkW5lNaQWM0s7LBhb3oVcG8aG/
yiz6hSet/tmOrpKQzIS7JTiGnxmoK2Zk7qqn4lkCAwEAAaOCAkMwggI/MB0GA1Ud
DgQWBBSbtFrhZq+7I49SJrZuNmmlShpbvzAfBgNVHSMEGDAWgBSGryxxZrs0ppb9
4vus70ABsKjn4jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hxOHNjV2E3TkthV19lTDdyTzlBQWJDbzUtSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2YvZjhmNjZkLThhNDctNDQzMS1hZjUxLWU0ZjU4NzA0ODA0ZS8x
L203UmE0V2F2dXlPUFVpYTJialpwcFVvYVc3OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Yv
ZjhmNjZkLThhNDctNDQzMS1hZjUxLWU0ZjU4NzA0ODA0ZS8xL2hxOHNjV2E3Tkth
V19lTDdyTzlBQWJDbzUtSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZ
BggrBgEFBQcBBwEB/wRKMEgwKAQCAAEwIjAMAwQBH7oCAwQBH7oEAwQAH7oHMAwD
BAAfugkDBAAfuhQwHAQCAAIwFjAUAwgBKg2gAAAACgMIACoNoAAAABowDQYJKoZI
hvcNAQELBQADggEBAETN0fg1A1LXcbdA365mZUVFGcT2ZGcEC641Zu7amVPx5t/Z
GyuNHUH+Lee5DUqZJTGjn0fsPOa1B/mhHJT0O8Zz8YSwUlpA74FG4vOsrGj+ve0s
H4D0AOFESaOObQGfGwcVDics/X3mYy/bZ3z+p42egENN9k2xRu7GvKXo02hHyDqS
zKFZxSbWGUgrJ9wThH4XnjCsPBeVh5fqyGOJ9mTYhgsZrkD30mUD/5/YuBqEWhhM
dx9NezMjDb2ypt0cx53XdGBlqjnjvEA+CDvNzMG7jurC6v29Rhy0X77+ymtW9pzS
7iRpeA+82kubpZdpvwc85CqRGde5D7PCfidoEfo=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:04:33 2025 by rpki-client