Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/bbba88-1344-4d89-8f52-6df7bf59e326/1/wHXyHpn16qELwe-XEMM2d6z02Z8.roa
File: wHXyHpn16qELwe-XEMM2d6z02Z8.roa (raw, json)
Hash identifier: V62bxRXe4IiUAEvYdziEwOQa+EVPqL66wTpLodD59W4=
Subject key identifier: C0:75:F2:1E:99:F5:EA:A1:0B:C1:EF:97:10:C3:36:77:AC:F4:D9:9F
Certificate issuer: /CN=252c4e2bf5f2138462ef4a5d9e0f6e7a763530fe
Certificate serial: 0185711E346698B2EAD3169A528D777D4DC6
Authority key identifier: 25:2C:4E:2B:F5:F2:13:84:62:EF:4A:5D:9E:0F:6E:7A:76:35:30:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JSxOK_XyE4Ri70pdng9uenY1MP4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/bbba88-1344-4d89-8f52-6df7bf59e326/1/wHXyHpn16qELwe-XEMM2d6z02Z8.roa
Signing time: Mon 02 Jan 2023 06:14:43 +0000
ROA not before: Mon 02 Jan 2023 06:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211987
IP address blocks: 185.234.102.0/24 maxlen: 24
2a10:da80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:1e:34:66:98:b2:ea:d3:16:9a:52:8d:77:7d:4d:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=252c4e2bf5f2138462ef4a5d9e0f6e7a763530fe
Validity
Not Before: Jan 2 06:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c075f21e99f5eaa10bc1ef9710c33677acf4d99f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:85:c9:61:5d:0c:fd:08:c3:2e:3a:a1:1d:cd:
ef:fd:fa:92:b4:2b:27:f1:b3:57:89:a7:6f:6a:22:
17:1e:c5:37:03:33:85:69:76:51:36:f7:04:4b:67:
78:1d:6f:6a:f2:64:6c:17:af:9c:db:57:7f:a6:3d:
73:6f:95:62:21:a5:26:c5:54:1a:af:40:5f:06:fe:
ea:03:bb:29:a3:50:b0:bf:ef:a7:8b:61:18:5a:de:
4b:5f:ac:a0:f0:aa:c5:b0:3b:7e:5e:a1:57:b6:f8:
86:06:9c:4a:93:67:dd:d4:62:bc:d5:e8:33:6d:ad:
3f:47:3b:fc:01:5b:f4:ab:60:26:5d:42:58:c8:20:
67:2d:6d:63:57:72:b1:73:ee:4f:8e:4b:7a:6d:df:
35:e6:bc:05:39:61:b3:e9:04:33:e1:3f:38:ba:5e:
b7:ac:58:bf:26:48:2b:a8:0a:99:f4:a1:00:c4:4f:
5b:f5:67:67:25:8c:23:59:47:70:ea:56:1a:17:60:
d9:99:c5:0f:e0:6c:d5:dc:a9:0f:68:0c:13:74:0e:
89:dc:04:29:f7:1c:12:2f:0c:58:c7:b6:93:d3:5b:
9b:68:34:0e:e4:42:da:e8:61:10:64:af:75:5f:c5:
78:45:bb:c5:90:9b:0a:c8:3b:a9:b8:e0:2e:b6:a9:
c0:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:75:F2:1E:99:F5:EA:A1:0B:C1:EF:97:10:C3:36:77:AC:F4:D9:9F
X509v3 Authority Key Identifier:
keyid:25:2C:4E:2B:F5:F2:13:84:62:EF:4A:5D:9E:0F:6E:7A:76:35:30:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JSxOK_XyE4Ri70pdng9uenY1MP4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/bbba88-1344-4d89-8f52-6df7bf59e326/1/wHXyHpn16qELwe-XEMM2d6z02Z8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/bbba88-1344-4d89-8f52-6df7bf59e326/1/JSxOK_XyE4Ri70pdng9uenY1MP4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.234.102.0/24
IPv6:
2a10:da80::/29
Signature Algorithm: sha256WithRSAEncryption
06:f4:da:fc:2a:2a:8a:e4:e0:43:57:e6:37:2f:29:77:b2:0b:
5d:58:69:10:12:b5:55:cf:cb:45:b3:99:46:2b:89:9a:55:55:
eb:8e:2b:89:35:c3:f7:d8:f4:12:93:17:ec:f3:22:ca:d8:51:
51:7d:19:04:e7:19:8c:f7:e5:0a:be:5c:41:68:bd:31:cf:f2:
d7:61:dc:e2:ad:66:6c:09:51:a8:d1:0a:27:af:0f:2a:af:8a:
c2:18:13:7f:5a:5e:06:42:0d:5c:6c:fd:4a:53:12:9d:a8:ae:
7a:a6:32:16:3b:74:f4:15:19:b9:27:14:a5:87:4a:12:56:e2:
93:b8:dc:4f:46:c1:85:bf:43:c8:0e:a1:78:42:19:40:6a:56:
c1:c1:66:e0:d2:0b:c4:c2:5e:28:ca:88:24:36:eb:cb:9c:a3:
58:36:72:0a:9d:d9:5f:4b:51:bd:a9:82:97:cc:5b:04:ba:23:
bd:79:3d:5a:05:78:39:40:ee:c4:3d:04:ab:d8:6b:b3:73:52:
a1:ee:8a:be:61:70:8b:11:b3:e7:99:f9:32:99:04:5a:7d:4d:
0c:e4:7c:f2:95:e8:69:15:fe:9e:4a:c2:5e:41:98:fd:74:ee:
50:ef:b8:17:f6:5b:88:ae:75:72:df:36:d9:98:2c:4d:21:bd:
6d:95:aa:0c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxHjRmmLLq0xaaUo13fU3GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1MmM0ZTJiZjVmMjEzODQ2MmVmNGE1ZDllMGY2ZTdhNzYz
NTMwZmUwHhcNMjMwMTAyMDYxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDc1ZjIxZTk5ZjVlYWExMGJjMWVmOTcxMGMzMzY3N2FjZjRkOTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqoXJYV0M/QjDLjqhHc3v/fqStCsn
8bNXiadvaiIXHsU3AzOFaXZRNvcES2d4HW9q8mRsF6+c21d/pj1zb5ViIaUmxVQa
r0BfBv7qA7spo1Cwv++ni2EYWt5LX6yg8KrFsDt+XqFXtviGBpxKk2fd1GK81egz
ba0/Rzv8AVv0q2AmXUJYyCBnLW1jV3Kxc+5Pjkt6bd815rwFOWGz6QQz4T84ul63
rFi/JkgrqAqZ9KEAxE9b9WdnJYwjWUdw6lYaF2DZmcUP4GzV3KkPaAwTdA6J3AQp
9xwSLwxYx7aT01ubaDQO5ELa6GEQZK91X8V4RbvFkJsKyDupuOAutqnAbwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMB18h6Z9eqhC8HvlxDDNnes9NmfMB8GA1UdIwQY
MBaAFCUsTiv18hOEYu9KXZ4Pbnp2NTD+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlN4T0tfWHlFNFJpNzBwZG5nOXVlblkxTVA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi9iYmJhODgtMTM0NC00ZDg5LThmNTIt
NmRmN2JmNTllMzI2LzEvd0hYeUhwbjE2cUVMd2UtWEVNTTJkNnowMlo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi9iYmJhODgtMTM0NC00ZDg5LThmNTItNmRmN2JmNTllMzI2
LzEvSlN4T0tfWHlFNFJpNzBwZG5nOXVlblkxTVA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuepmMA0E
AgACMAcDBQMqENqAMA0GCSqGSIb3DQEBCwUAA4IBAQAG9Nr8KiqK5OBDV+Y3Lyl3
sgtdWGkQErVVz8tFs5lGK4maVVXrjiuJNcP32PQSkxfs8yLK2FFRfRkE5xmM9+UK
vlxBaL0xz/LXYdzirWZsCVGo0Qonrw8qr4rCGBN/Wl4GQg1cbP1KUxKdqK56pjIW
O3T0FRm5JxSlh0oSVuKTuNxPRsGFv0PIDqF4QhlAalbBwWbg0gvEwl4oyogkNuvL
nKNYNnIKndlfS1G9qYKXzFsEuiO9eT1aBXg5QO7EPQSr2Guzc1Kh7oq+YXCLEbPn
mfkymQRafU0M5HzylehpFf6eSsJeQZj9dO5Q77gX9luIrnVy3zbZmCxNIb1tlaoM
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:43:18 2025 by rpki-client