Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/f8f66d-8a47-4431-af51-e4f58704804e/1/r0U1ktcLo7mJy4v3OhvdXlmGFj0.roa
File: r0U1ktcLo7mJy4v3OhvdXlmGFj0.roa (raw, json)
Hash identifier: REOHhi33ughLcg2foTMvYou/BFt4lc2kMoYcSoVNpf0=
Subject key identifier: AF:45:35:92:D7:0B:A3:B9:89:CB:8B:F7:3A:1B:DD:5E:59:86:16:3D
Certificate issuer: /CN=86af2c7166bb34a696fde2fbacef4001b0a8e7e2
Certificate serial: 018CC79470CC357F41B8850730488266C0B9
Authority key identifier: 86:AF:2C:71:66:BB:34:A6:96:FD:E2:FB:AC:EF:40:01:B0:A8:E7:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hq8scWa7NKaW_eL7rO9AAbCo5-I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/f8f66d-8a47-4431-af51-e4f58704804e/1/r0U1ktcLo7mJy4v3OhvdXlmGFj0.roa
Signing time: Tue 02 Jan 2024 00:30:43 +0000
ROA not before: Tue 02 Jan 2024 00:30:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197720
IP address blocks: 31.186.28.0/24 maxlen: 24
31.186.29.0/24 maxlen: 24
31.186.2.0/24 maxlen: 24
31.186.4.0/24 maxlen: 24
31.186.3.0/24 maxlen: 24
31.186.7.0/24 maxlen: 24
31.186.9.0/24 maxlen: 24
31.186.11.0/24 maxlen: 24
31.186.10.0/24 maxlen: 24
31.186.5.0/24 maxlen: 24
31.186.13.0/24 maxlen: 24
31.186.12.0/24 maxlen: 24
31.186.15.0/24 maxlen: 24
31.186.14.0/24 maxlen: 24
31.186.16.0/24 maxlen: 24
31.186.17.0/24 maxlen: 24
31.186.21.0/24 maxlen: 24
31.186.23.0/24 maxlen: 24
31.186.18.0/24 maxlen: 24
31.186.20.0/24 maxlen: 24
31.186.19.0/24 maxlen: 24
2a0d:a000:0:1400::/56 maxlen: 56
2a0d:a000:0:f00::/56 maxlen: 56
2a0d:a000:0:1800::/56 maxlen: 56
2a0d:a000:0:b00::/56 maxlen: 56
2a0d:a000:0:1500::/56 maxlen: 56
2a0d:a000:0:1100::/56 maxlen: 56
2a0d:a000:0:1000::/56 maxlen: 56
2a0d:a000:0:1900::/56 maxlen: 56
2a0d:a000:0:c00::/56 maxlen: 56
2a0d:a000:0:1600::/56 maxlen: 56
2a0d:a000:0:1200::/56 maxlen: 56
2a0d:a000:0:1a00::/56 maxlen: 56
2a0d:a000:0:d00::/56 maxlen: 56
2a0d:a000:0:a00::/56 maxlen: 56
2a0d:a000:0:1300::/56 maxlen: 56
2a0d:a000:0:e00::/56 maxlen: 56
2a0d:a000:0:1700::/56 maxlen: 56
Validation: Failed, certificate revoked on Wed 17 Jan 2024 07:54:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:70:cc:35:7f:41:b8:85:07:30:48:82:66:c0:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86af2c7166bb34a696fde2fbacef4001b0a8e7e2
Validity
Not Before: Jan 2 00:30:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=af453592d70ba3b989cb8bf73a1bdd5e5986163d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:37:96:3f:05:7a:d5:98:0a:39:72:d9:cd:c0:
44:e3:8b:98:97:81:a8:5b:63:b6:dc:65:40:4e:0a:
21:4a:e1:04:2c:57:b3:0d:c2:fe:15:0b:7a:3d:16:
3c:6f:27:6e:28:17:b3:e4:06:fe:d6:41:f8:9b:61:
de:96:ae:f3:52:c2:99:21:5f:72:b9:43:56:93:c5:
03:61:d9:e5:25:fe:03:12:a0:2f:e3:44:2a:42:3b:
18:30:17:0d:d8:84:71:b0:dc:8d:6e:89:39:b5:24:
2c:16:cc:51:7b:a2:de:78:43:bb:87:a6:48:a5:e0:
83:02:ff:6e:77:e2:5f:2b:46:5d:37:f0:c7:c7:21:
64:ba:ee:f2:52:1d:06:da:e2:a4:fe:41:de:c0:18:
7e:26:df:4b:c0:63:56:53:e7:52:be:1b:75:7d:16:
2e:f2:34:7a:76:42:42:29:0a:b5:92:43:45:f9:68:
08:74:f9:93:d9:01:cb:e5:e8:d0:f9:53:d2:d0:ac:
7e:6b:95:a9:9d:2d:bf:ad:f0:96:73:2c:9e:ae:4d:
6b:79:c0:6f:de:6f:b5:a0:4b:b5:8c:60:cb:f9:fe:
70:86:b0:d7:05:d8:c3:72:2c:49:b9:ad:d5:ad:1b:
ac:f7:cd:42:18:01:89:ea:8c:98:99:87:17:f6:7d:
f4:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:45:35:92:D7:0B:A3:B9:89:CB:8B:F7:3A:1B:DD:5E:59:86:16:3D
X509v3 Authority Key Identifier:
keyid:86:AF:2C:71:66:BB:34:A6:96:FD:E2:FB:AC:EF:40:01:B0:A8:E7:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hq8scWa7NKaW_eL7rO9AAbCo5-I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/f8f66d-8a47-4431-af51-e4f58704804e/1/r0U1ktcLo7mJy4v3OhvdXlmGFj0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/f8f66d-8a47-4431-af51-e4f58704804e/1/hq8scWa7NKaW_eL7rO9AAbCo5-I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.186.2.0-31.186.5.255
31.186.7.0/24
31.186.9.0-31.186.21.255
31.186.23.0/24
31.186.28.0/23
IPv6:
2a0d:a000:0:a00::-2a0d:a000:0:1aff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
8c:f7:65:fd:06:95:ed:42:8b:a8:10:ff:17:2a:5d:69:bf:71:
2e:91:2a:a1:1d:d1:1b:bd:71:98:7d:84:85:8d:1f:64:88:fa:
1a:84:00:2a:30:39:00:cb:18:0b:90:29:8e:8b:50:9b:d4:fa:
11:1b:1a:03:84:6e:65:1f:dc:db:4c:98:52:de:fe:c6:de:75:
9b:09:cb:d5:37:65:da:5f:5d:4c:e5:e6:e0:cb:ba:fd:55:ec:
90:cc:ea:77:21:05:00:4b:c0:38:c1:60:72:fb:e1:a1:4e:d2:
81:1c:47:b8:e9:fc:e9:47:bd:2e:8c:06:59:fc:6b:df:92:02:
99:b0:58:03:24:ba:b6:aa:ea:a1:c2:ec:1f:94:9f:28:07:e5:
f0:d6:5c:86:a3:01:4d:93:63:4e:60:6e:57:6e:8d:46:d9:cc:
1f:fe:4c:00:58:84:69:9c:df:50:9f:29:35:31:2e:14:ca:30:
1e:50:91:dc:da:bf:6a:f5:d7:57:40:8d:3c:51:9b:d7:44:7c:
f6:a3:78:13:ed:ff:ec:bb:24:50:84:34:0c:d9:0a:6d:bf:db:
68:1b:4a:b8:53:25:86:b6:96:e2:15:00:70:54:95:b7:ff:41:
91:a9:ad:ab:23:de:17:71:c4:82:52:92:4d:1d:d0:fc:88:0e:
2b:1f:07:b1
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAYzHlHDMNX9BuIUHMEiCZsC5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2YWYyYzcxNjZiYjM0YTY5NmZkZTJmYmFjZWY0MDAxYjBh
OGU3ZTIwHhcNMjQwMTAyMDAzMDQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjQ1MzU5MmQ3MGJhM2I5ODljYjhiZjczYTFiZGQ1ZTU5ODYxNjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkzeWPwV61ZgKOXLZzcBE44uYl4Go
W2O23GVATgohSuEELFezDcL+FQt6PRY8byduKBez5Ab+1kH4m2Helq7zUsKZIV9y
uUNWk8UDYdnlJf4DEqAv40QqQjsYMBcN2IRxsNyNbok5tSQsFsxRe6LeeEO7h6ZI
peCDAv9ud+JfK0ZdN/DHxyFkuu7yUh0G2uKk/kHewBh+Jt9LwGNWU+dSvht1fRYu
8jR6dkJCKQq1kkNF+WgIdPmT2QHL5ejQ+VPS0Kx+a5WpnS2/rfCWcyyerk1recBv
3m+1oEu1jGDL+f5whrDXBdjDcixJua3VrRus981CGAGJ6oyYmYcX9n30LwIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFK9FNZLXC6O5icuL9zob3V5ZhhY9MB8GA1UdIwQY
MBaAFIavLHFmuzSmlv3i+6zvQAGwqOfiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHE4c2NXYTdOS2FXX2VMN3JPOUFBYkNvNS1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9mOGY2NmQtOGE0Ny00NDMxLWFmNTEt
ZTRmNTg3MDQ4MDRlLzEvcjBVMWt0Y0xvN21KeTR2M09odmRYbG1HRmowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9mOGY2NmQtOGE0Ny00NDMxLWFmNTEtZTRmNTg3MDQ4MDRl
LzEvaHE4c2NXYTdOS2FXX2VMN3JPOUFBYkNvNS1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDA0BAIAATAuMAwDBAEfugID
BAEfugQDBAAfugcwDAMEAB+6CQMEAR+6FAMEAB+6FwMEAR+6HDAcBAIAAjAWMBQD
CAEqDaAAAAAKAwgAKg2gAAAAGjANBgkqhkiG9w0BAQsFAAOCAQEAjPdl/QaV7UKL
qBD/Fypdab9xLpEqoR3RG71xmH2EhY0fZIj6GoQAKjA5AMsYC5ApjotQm9T6ERsa
A4RuZR/c20yYUt7+xt51mwnL1Tdl2l9dTOXm4Mu6/VXskMzqdyEFAEvAOMFgcvvh
oU7SgRxHuOn86Ue9LowGWfxr35ICmbBYAyS6tqrqocLsH5SfKAfl8NZchqMBTZNj
TmBuV26NRtnMH/5MAFiEaZzfUJ8pNTEuFMowHlCR3Nq/avXXV0CNPFGb10R89qN4
E+3/7LskUIQ0DNkKbb/baBtKuFMlhraW4hUAcFSVt/9BkamtqyPeF3HEglKSTR3Q
/IgOKx8HsQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:34 2024 by rpki-client on console-fra.rpki-client.org