Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/9ZGN2VN2u67--1rdQUf1ids3e88.roa
File: 9ZGN2VN2u67--1rdQUf1ids3e88.roa (raw, json)
Hash identifier: xH36X93EIPlttE5kSkNicCF48fCkobHi+y4FgF458m0=
Subject key identifier: F5:91:8D:D9:53:76:BB:AE:FE:FB:5A:DD:41:47:F5:89:DB:37:7B:CF
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 018808F3B6BF0AA81A652D3A6874FAECE514
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/9ZGN2VN2u67--1rdQUf1ids3e88.roa
Signing time: Thu 11 May 2023 03:56:09 +0000
ROA not before: Thu 11 May 2023 03:56:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 217.19.4.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:08:f3:b6:bf:0a:a8:1a:65:2d:3a:68:74:fa:ec:e5:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: May 11 03:56:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f5918dd95376bbaefefb5add4147f589db377bcf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:57:f0:c4:fa:cf:cc:fa:d6:9f:ff:01:ba:89:
64:9a:68:ab:c6:7d:49:32:74:3e:53:02:29:6e:20:
15:d1:f8:e9:98:0a:e0:4a:1a:2a:3d:9e:e7:f3:22:
ef:85:c5:4b:51:e9:f0:d5:73:0a:46:1e:59:6d:bd:
f1:06:ad:ee:58:56:01:8d:da:68:d6:60:8b:e1:90:
19:a8:c2:f0:99:fc:33:a5:36:77:18:ed:b0:bf:34:
0f:3b:11:c3:4d:eb:a7:7b:13:a9:05:d3:40:00:71:
20:75:02:f1:a4:28:d9:9b:b9:9f:b5:06:59:20:88:
53:10:b9:93:7e:99:c1:09:21:2c:62:40:42:1c:06:
e5:45:49:dc:f8:93:2a:af:18:69:ac:a7:02:62:90:
dc:0e:50:60:f3:d9:a1:5e:aa:cb:b7:75:9b:f3:82:
ef:ea:f7:3a:02:55:f2:c2:98:c5:ae:d2:dd:05:e6:
ec:60:68:3d:27:89:46:e5:39:84:8b:55:4a:50:8b:
ee:93:04:df:a9:ab:56:60:f0:85:f8:96:6d:5a:d8:
97:49:64:ef:ec:e3:13:a0:af:23:bd:c0:c6:a0:02:
49:0c:df:6e:f9:da:36:4e:f0:64:80:6b:a6:c0:b5:
10:85:21:8f:39:50:01:e8:e0:85:97:db:45:7a:f5:
4c:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:91:8D:D9:53:76:BB:AE:FE:FB:5A:DD:41:47:F5:89:DB:37:7B:CF
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/9ZGN2VN2u67--1rdQUf1ids3e88.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.19.4.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:f0:02:7e:c8:9a:0b:95:50:6a:03:b3:73:88:d7:b2:93:c2:
9e:99:3c:f8:ca:56:4f:0a:88:80:87:aa:33:2f:e0:85:27:0b:
52:a2:bb:ec:84:ba:54:64:d3:b2:db:04:63:cf:8a:21:1b:f3:
fb:05:b4:27:7e:2c:31:2b:c7:85:36:ba:b9:36:82:29:a0:43:
43:7d:7a:94:4d:ea:f4:d3:5a:8f:82:0b:81:3d:ab:d5:0d:22:
ed:03:93:c0:33:25:d0:b5:fe:6e:26:82:33:22:33:52:7b:14:
d3:06:a2:af:86:61:1b:26:e4:a4:0d:d2:0e:04:1e:4e:ff:47:
8f:e6:29:ad:be:af:1c:f3:53:44:ed:d3:ea:06:95:e7:fe:76:
7a:c2:16:5f:f4:1a:d5:ce:66:1d:c5:f6:6b:59:62:f5:58:0e:
4b:6d:ac:d1:e9:32:06:1c:69:82:61:79:13:0c:1e:59:d3:11:
bb:4a:9a:57:19:dd:17:c0:a7:95:c9:cd:17:d9:13:f5:bb:9e:
b8:4d:ad:40:19:a0:12:de:4d:3a:f7:0e:44:47:37:a1:1b:d7:
71:87:e1:bd:f3:65:99:f1:64:ba:41:38:f8:ff:b3:d2:f2:fd:
57:ae:6c:df:ee:dc:af:a4:40:8c:59:10:bf:76:20:f7:3f:00:
15:cf:99:15
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYgI87a/CqgaZS06aHT67OUUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjMwNTExMDM1NjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTkxOGRkOTUzNzZiYmFlZmVmYjVhZGQ0MTQ3ZjU4OWRiMzc3YmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo1fwxPrPzPrWn/8Buolkmmirxn1J
MnQ+UwIpbiAV0fjpmArgShoqPZ7n8yLvhcVLUenw1XMKRh5Zbb3xBq3uWFYBjdpo
1mCL4ZAZqMLwmfwzpTZ3GO2wvzQPOxHDTeunexOpBdNAAHEgdQLxpCjZm7mftQZZ
IIhTELmTfpnBCSEsYkBCHAblRUnc+JMqrxhprKcCYpDcDlBg89mhXqrLt3Wb84Lv
6vc6AlXywpjFrtLdBebsYGg9J4lG5TmEi1VKUIvukwTfqatWYPCF+JZtWtiXSWTv
7OMToK8jvcDGoAJJDN9u+do2TvBkgGumwLUQhSGPOVAB6OCFl9tFevVMeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPWRjdlTdruu/vta3UFH9YnbN3vPMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvOVpHTjJWTjJ1NjctLTFyZFFVZjFpZHMzZTg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2RMEMA0G
CSqGSIb3DQEBCwUAA4IBAQAv8AJ+yJoLlVBqA7NziNeyk8KemTz4ylZPCoiAh6oz
L+CFJwtSorvshLpUZNOy2wRjz4ohG/P7BbQnfiwxK8eFNrq5NoIpoENDfXqUTer0
01qPgguBPavVDSLtA5PAMyXQtf5uJoIzIjNSexTTBqKvhmEbJuSkDdIOBB5O/0eP
5imtvq8c81NE7dPqBpXn/nZ6whZf9BrVzmYdxfZrWWL1WA5LbazR6TIGHGmCYXkT
DB5Z0xG7SppXGd0XwKeVyc0X2RP1u564Ta1AGaAS3k069w5ERzehG9dxh+G982WZ
8WS6QTj4/7PS8v1Xrmzf7tyvpECMWRC/diD3PwAVz5kV
-----END CERTIFICATE-----
Generated at Mon May 12 23:00:29 2025 by rpki-client