Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/bd56d7-3899-40e5-9612-3f28b6adbda9/1/azrmTTe2tcZ5xBbYFjdtEt4dt_U.roa
File: azrmTTe2tcZ5xBbYFjdtEt4dt_U.roa (raw, json)
Hash identifier: DZFHD7ypDS8qPK8FcABmLEv5Hf//1ilQvd82HBu1C5w=
Subject key identifier: 6B:3A:E6:4D:37:B6:B5:C6:79:C4:16:D8:16:37:6D:12:DE:1D:B7:F5
Certificate issuer: /CN=6566addf9ca0de49a6eef49858384f54f47a56f0
Certificate serial: 01857067562CC4B085051DEDCAB9CE53A839
Authority key identifier: 65:66:AD:DF:9C:A0:DE:49:A6:EE:F4:98:58:38:4F:54:F4:7A:56:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZWat35yg3kmm7vSYWDhPVPR6VvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/bd56d7-3899-40e5-9612-3f28b6adbda9/1/azrmTTe2tcZ5xBbYFjdtEt4dt_U.roa
Signing time: Mon 02 Jan 2023 02:54:58 +0000
ROA not before: Mon 02 Jan 2023 02:54:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43229
IP address blocks: 185.213.12.0/24 maxlen: 24
185.213.13.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:67:56:2c:c4:b0:85:05:1d:ed:ca:b9:ce:53:a8:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6566addf9ca0de49a6eef49858384f54f47a56f0
Validity
Not Before: Jan 2 02:54:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6b3ae64d37b6b5c679c416d816376d12de1db7f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:e4:e3:49:ad:ae:d3:5e:eb:5f:d6:0f:25:fd:
6c:6b:bd:98:94:5e:8e:bf:2e:98:6f:fb:2b:ee:38:
22:c7:3f:29:75:23:d5:00:0c:18:51:74:01:af:22:
33:0b:72:c0:e2:75:59:de:53:91:09:3a:53:74:7f:
e3:86:05:a5:4a:0f:95:8a:8c:46:86:8f:57:7e:f6:
b5:68:c1:70:3c:8e:be:e7:9a:9b:58:a3:89:3c:05:
ee:c9:db:2c:d7:a8:60:00:68:ea:2a:8a:90:b5:8d:
ac:f3:05:65:48:72:da:b0:b4:63:93:b1:96:7c:c1:
64:6d:13:67:96:50:87:be:87:ba:58:62:fb:0e:bb:
f5:fa:c7:ea:0b:ef:6e:02:5e:d5:e1:2b:d4:8a:79:
d4:ef:2c:99:de:29:6d:93:b9:9f:39:ea:ea:2b:ea:
d7:7f:25:76:71:9f:7e:be:db:99:cd:7b:94:32:0d:
37:1d:a8:e2:03:dd:50:ae:5b:d8:9e:fc:0c:e7:5e:
47:c8:21:11:cd:8a:73:83:f8:aa:ed:2a:76:d2:eb:
a1:58:ba:59:5e:92:5c:58:3d:4d:0d:a4:1f:09:ce:
e4:b0:f9:8d:d3:ac:fb:fe:bf:44:9a:df:0d:67:d3:
83:9c:08:4d:f8:4f:6a:6b:a6:f5:8e:42:38:2a:47:
48:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:3A:E6:4D:37:B6:B5:C6:79:C4:16:D8:16:37:6D:12:DE:1D:B7:F5
X509v3 Authority Key Identifier:
keyid:65:66:AD:DF:9C:A0:DE:49:A6:EE:F4:98:58:38:4F:54:F4:7A:56:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZWat35yg3kmm7vSYWDhPVPR6VvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/bd56d7-3899-40e5-9612-3f28b6adbda9/1/azrmTTe2tcZ5xBbYFjdtEt4dt_U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/bd56d7-3899-40e5-9612-3f28b6adbda9/1/ZWat35yg3kmm7vSYWDhPVPR6VvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.12.0/23
Signature Algorithm: sha256WithRSAEncryption
48:90:2b:75:3e:8b:51:b6:1c:ed:3e:7d:f8:06:2c:bc:fc:3f:
ba:2d:52:d2:3e:41:5c:1d:99:f9:78:5c:25:d0:7e:1e:da:22:
8d:b0:e8:50:3f:d5:a0:16:de:9d:15:97:e4:31:fe:9c:0a:96:
31:6a:8c:f9:a4:34:b0:2e:28:f9:9b:3d:ff:44:0f:81:f0:cc:
22:ca:c6:df:1c:3f:ab:61:01:31:ea:06:a8:84:2e:11:b2:85:
ff:f6:0d:eb:8d:c1:72:c9:59:46:ce:60:6b:84:31:2c:db:65:
99:47:1d:dc:7f:ea:22:7a:e6:29:ad:31:3e:ff:99:e5:c5:54:
85:70:78:12:ea:cd:02:6c:99:fb:92:ff:37:1a:0d:35:e4:af:
12:a7:d8:f3:b1:56:c8:4c:65:e4:e8:de:23:38:51:77:62:11:
a9:1e:47:e7:39:d3:c0:c0:f1:07:c9:06:52:20:8b:0a:18:70:
f7:5b:53:06:9a:37:cb:6c:4c:01:28:5b:f7:f9:80:df:8f:7b:
0a:23:04:37:e9:30:f4:bb:14:76:d7:39:5d:0b:aa:0a:1e:bb:
7f:69:a8:ec:8f:cf:85:2f:2a:8a:d7:e0:74:cd:40:8b:7d:e2:
27:3a:9b:fc:ed:aa:7b:8f:f6:42:93:8d:fd:9c:fd:bd:61:a6:
cb:48:eb:9b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwZ1YsxLCFBR3tyrnOU6g5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1NjZhZGRmOWNhMGRlNDlhNmVlZjQ5ODU4Mzg0ZjU0ZjQ3
YTU2ZjAwHhcNMjMwMTAyMDI1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjNhZTY0ZDM3YjZiNWM2NzljNDE2ZDgxNjM3NmQxMmRlMWRiN2Y1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3uTjSa2u017rX9YPJf1sa72YlF6O
vy6Yb/sr7jgixz8pdSPVAAwYUXQBryIzC3LA4nVZ3lORCTpTdH/jhgWlSg+VioxG
ho9Xfva1aMFwPI6+55qbWKOJPAXuydss16hgAGjqKoqQtY2s8wVlSHLasLRjk7GW
fMFkbRNnllCHvoe6WGL7Drv1+sfqC+9uAl7V4SvUinnU7yyZ3iltk7mfOerqK+rX
fyV2cZ9+vtuZzXuUMg03HajiA91QrlvYnvwM515HyCERzYpzg/iq7Sp20uuhWLpZ
XpJcWD1NDaQfCc7ksPmN06z7/r9Emt8NZ9ODnAhN+E9qa6b1jkI4KkdIYwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGs65k03trXGecQW2BY3bRLeHbf1MB8GA1UdIwQY
MBaAFGVmrd+coN5Jpu70mFg4T1T0elbwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWldhdDM1eWcza21tN3ZTWVdEaFBWUFI2VnZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9iZDU2ZDctMzg5OS00MGU1LTk2MTIt
M2YyOGI2YWRiZGE5LzEvYXpybVRUZTJ0Y1o1eEJiWUZqZHRFdDRkdF9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9iZDU2ZDctMzg5OS00MGU1LTk2MTItM2YyOGI2YWRiZGE5
LzEvWldhdDM1eWcza21tN3ZTWVdEaFBWUFI2VnZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBudUMMA0G
CSqGSIb3DQEBCwUAA4IBAQBIkCt1PotRthztPn34Biy8/D+6LVLSPkFcHZn5eFwl
0H4e2iKNsOhQP9WgFt6dFZfkMf6cCpYxaoz5pDSwLij5mz3/RA+B8MwiysbfHD+r
YQEx6gaohC4RsoX/9g3rjcFyyVlGzmBrhDEs22WZRx3cf+oieuYprTE+/5nlxVSF
cHgS6s0CbJn7kv83Gg015K8Sp9jzsVbITGXk6N4jOFF3YhGpHkfnOdPAwPEHyQZS
IIsKGHD3W1MGmjfLbEwBKFv3+YDfj3sKIwQ36TD0uxR21zldC6oKHrt/aajsj8+F
LyqK1+B0zUCLfeInOpv87ap7j/ZCk439nP29YabLSOub
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:23:17 2025 by rpki-client