Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/BzsEFah9k7LglXedfvV0pxvf234.roa
File: BzsEFah9k7LglXedfvV0pxvf234.roa (raw, json)
Hash identifier: L5T8Bzn4+jJwDWsG4RnA4s0j1LM/jd5qz2+P4WePNF4=
Subject key identifier: 07:3B:04:15:A8:7D:93:B2:E0:95:77:9D:7E:F5:74:A7:1B:DF:DB:7E
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 142FA9F7
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/BzsEFah9k7LglXedfvV0pxvf234.roa
Signing time: Tue 15 Mar 2022 22:35:04 +0000
ROA not before: Tue 15 Mar 2022 22:35:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1299
IP address blocks: 212.90.102.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 338668023 (0x142fa9f7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Mar 15 22:35:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=073b0415a87d93b2e095779d7ef574a71bdfdb7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:fa:db:cf:19:55:06:9e:45:22:60:70:33:bf:
ed:e2:2b:63:5e:f5:89:98:7c:50:e3:ec:e2:30:64:
8f:ed:09:af:a1:30:bd:93:e7:cf:56:38:2f:90:3c:
0e:3b:bf:29:5f:8e:d0:5a:65:08:13:83:94:8b:5b:
27:7e:d6:68:ce:44:28:77:b1:43:ca:aa:74:15:a1:
5e:07:59:40:86:df:19:af:34:4a:ad:85:b7:f6:1e:
57:da:02:54:18:fc:d9:68:41:82:e4:b7:44:05:7d:
04:7d:9f:2b:4d:b6:7e:7b:43:bc:1e:a2:4c:96:a3:
30:91:1b:ee:c9:b0:ab:35:e1:ed:69:00:9b:bc:63:
12:4a:c6:ad:63:36:b7:65:b5:30:4b:bf:30:71:19:
51:bc:32:fc:2d:b5:be:e3:80:75:5f:f3:60:0b:7b:
20:9e:67:9c:70:ab:23:85:d2:43:36:9e:bf:34:57:
d4:bc:38:7d:3b:42:de:d5:c5:ab:75:41:41:85:12:
80:19:b8:ba:a5:42:81:22:d6:b0:3a:0e:59:f4:29:
53:54:fb:f1:83:6f:ef:79:09:eb:23:6c:fc:8b:27:
01:1f:d5:8c:d1:36:e4:ff:1f:29:80:f6:64:ff:48:
2c:2f:5b:90:39:21:f2:71:b6:2d:ae:72:0b:72:88:
d7:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:3B:04:15:A8:7D:93:B2:E0:95:77:9D:7E:F5:74:A7:1B:DF:DB:7E
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/BzsEFah9k7LglXedfvV0pxvf234.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.90.102.0/23
Signature Algorithm: sha256WithRSAEncryption
8a:53:3a:5b:04:80:92:ee:09:d8:b6:6d:da:26:a9:bb:53:8c:
0b:40:b4:e7:55:13:6d:79:c9:fd:0c:84:62:27:b8:9b:ec:00:
f1:08:3b:95:f6:67:3d:0a:81:e5:eb:2b:a5:d5:3c:3f:26:79:
91:fb:f2:e8:c0:6d:0b:cc:16:96:b4:e5:63:ed:29:10:60:75:
51:11:60:97:75:01:85:b1:a2:aa:b8:e8:8f:8c:5f:d0:52:49:
78:9e:56:d5:a5:65:30:60:43:36:83:95:7e:f5:e9:f5:47:27:
ef:26:8f:bc:29:ab:38:89:de:00:92:4c:d4:19:b6:b5:01:ec:
c4:ee:a1:d5:e3:15:5c:81:ac:78:c5:22:52:af:f8:54:b3:a5:
72:93:fe:0a:8a:59:2e:f8:05:0e:d0:01:33:63:0f:b9:f8:50:
a0:32:f2:c7:d5:78:38:32:92:81:4a:5c:de:d7:46:b9:d4:f4:
8d:db:52:60:70:c1:16:47:d5:b7:00:88:4f:cc:cd:c8:4e:7e:
5a:74:dd:25:59:a3:e4:41:a4:12:c0:ad:42:70:2b:67:17:7c:
77:f7:64:ac:21:7e:1c:19:0b:7c:31:f7:fc:df:c6:38:89:22:
1f:f5:d3:82:6f:6b:ef:5d:17:15:ee:40:be:2c:03:1a:ad:1a:
83:d1:a2:3a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEFC+p9zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
YWMzZGFhMWIxNDg1MGYyZTYxYzU5MmIyMTkxOTE1YTVlNjVhNDc4MB4XDTIyMDMx
NTIyMzUwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDczYjA0MTVhODdk
OTNiMmUwOTU3NzlkN2VmNTc0YTcxYmRmZGI3ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKD6288ZVQaeRSJgcDO/7eIrY171iZh8UOPs4jBkj+0Jr6Ew
vZPnz1Y4L5A8Dju/KV+O0FplCBODlItbJ37WaM5EKHexQ8qqdBWhXgdZQIbfGa80
Sq2Ft/YeV9oCVBj82WhBguS3RAV9BH2fK022fntDvB6iTJajMJEb7smwqzXh7WkA
m7xjEkrGrWM2t2W1MEu/MHEZUbwy/C21vuOAdV/zYAt7IJ5nnHCrI4XSQzaevzRX
1Lw4fTtC3tXFq3VBQYUSgBm4uqVCgSLWsDoOWfQpU1T78YNv73kJ6yNs/IsnAR/V
jNE25P8fKYD2ZP9ILC9bkDkh8nG2La5yC3KI1/8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQHOwQVqH2TsuCVd51+9XSnG9/bfjAfBgNVHSMEGDAWgBQqw9qhsUhQ8uYc
WSshkZFaXmWkeDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tzUGFvYkZJVVBMbUhGa3JJWkdSV2w1bHBIZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzAvNDA1YmJkLTU5MTMtNGU5NS04ZTc1LWZlMDY1OTE3NmE1Ni8x
L0J6c0VGYWg5azdMZ2xYZWRmdlYwcHh2ZjIzNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzAv
NDA1YmJkLTU5MTMtNGU5NS04ZTc1LWZlMDY1OTE3NmE1Ni8xL0tzUGFvYkZJVVBM
bUhGa3JJWkdSV2w1bHBIZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAdRaZjANBgkqhkiG9w0BAQsFAAOC
AQEAilM6WwSAku4J2LZt2iapu1OMC0C051UTbXnJ/QyEYie4m+wA8Qg7lfZnPQqB
5esrpdU8PyZ5kfvy6MBtC8wWlrTlY+0pEGB1URFgl3UBhbGiqrjoj4xf0FJJeJ5W
1aVlMGBDNoOVfvXp9Ucn7yaPvCmrOIneAJJM1Bm2tQHsxO6h1eMVXIGseMUiUq/4
VLOlcpP+CopZLvgFDtABM2MPufhQoDLyx9V4ODKSgUpc3tdGudT0jdtSYHDBFkfV
twCIT8zNyE5+WnTdJVmj5EGkEsCtQnArZxd8d/dkrCF+HBkLfDH3/N/GOIkiH/XT
gm9r710XFe5AviwDGq0ag9GiOg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:24 2023 by rpki-client on console-ams.rpki-client.org