Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/NbDimERXg33ifDV7U0NPiUDibZo.roa
File: NbDimERXg33ifDV7U0NPiUDibZo.roa (raw, json)
Hash identifier: 24ClStp/9qEDzkTEkUBOeEwp9gLV84znei9mhkg37sI=
Subject key identifier: 35:B0:E2:98:44:57:83:7D:E2:7C:35:7B:53:43:4F:89:40:E2:6D:9A
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 0188B3841ED53189881900920392DDABF877
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/NbDimERXg33ifDV7U0NPiUDibZo.roa
Signing time: Tue 13 Jun 2023 06:49:20 +0000
ROA not before: Tue 13 Jun 2023 06:49:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211256
IP address blocks: 5.105.255.0/24 maxlen: 24
5.105.169.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:b3:84:1e:d5:31:89:88:19:00:92:03:92:dd:ab:f8:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Jun 13 06:49:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=35b0e2984457837de27c357b53434f8940e26d9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:87:de:02:40:79:52:89:f2:5a:bd:3c:d9:7d:
41:ae:7e:72:ea:58:14:ba:70:63:da:60:85:4e:1b:
a9:4e:10:7f:dc:f8:b4:5f:cb:94:f3:dc:3c:82:b7:
57:c0:a9:f0:d1:31:8f:76:26:bf:0b:cd:30:d0:10:
d1:b0:2e:c2:87:b1:a7:62:84:fd:7d:c4:12:45:ae:
5e:d2:cb:de:82:d1:76:24:87:78:f7:35:3d:07:2b:
be:00:fd:1e:9b:2d:5b:d0:99:19:fb:32:ac:7c:fb:
22:fb:a0:14:e4:6e:cf:cf:1f:e4:c9:02:7e:97:c1:
71:86:57:4a:f3:7f:40:1e:70:a3:b0:b4:2c:48:90:
f3:be:8b:38:64:54:a6:20:9c:40:02:5d:e9:e5:e9:
09:c3:15:d0:76:76:b7:72:eb:03:d7:4e:08:77:ee:
a5:3f:ee:d3:15:27:28:c0:52:2b:fd:c6:eb:fe:9c:
3b:12:cd:7e:b0:d9:79:5d:b2:dc:32:35:25:30:fe:
fa:86:67:8a:5c:06:c0:49:03:49:44:2a:21:bc:2d:
39:46:17:fa:3b:52:f3:f5:19:8f:ff:86:5d:a2:24:
17:02:c1:e3:24:2a:6c:d5:57:d5:84:f3:16:85:53:
e0:df:ea:f9:aa:61:38:ce:ad:27:cf:f0:7b:a5:25:
0b:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:B0:E2:98:44:57:83:7D:E2:7C:35:7B:53:43:4F:89:40:E2:6D:9A
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/NbDimERXg33ifDV7U0NPiUDibZo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.169.0/24
5.105.255.0/24
Signature Algorithm: sha256WithRSAEncryption
28:cd:b6:cd:30:54:fb:60:0a:40:a8:f7:ad:bd:bd:2e:72:55:
36:18:7e:f1:f9:f2:f2:5c:fb:99:1c:1b:03:6f:a3:ac:b9:16:
c0:54:c0:b3:74:07:b9:52:56:eb:31:af:79:5e:c7:c4:0d:96:
86:c0:cc:08:25:a8:ab:35:75:2a:dc:2a:b9:f9:04:79:a9:3a:
e0:48:34:21:fd:3a:a6:76:cf:4f:15:cc:4b:d4:81:f0:7f:1d:
39:59:19:70:94:a2:42:d5:74:b3:b8:66:0a:d6:6a:e4:0b:b6:
d7:d9:bc:e5:1f:f1:1a:6f:f5:4d:fa:61:2d:bf:dc:fe:75:3a:
33:7f:a3:ce:10:91:c3:c2:29:ed:88:e9:59:f9:13:34:e4:6f:
37:80:7f:9a:75:22:ce:d5:b5:94:61:6b:8f:04:50:1a:96:73:
1b:0c:79:f0:e1:9c:a1:27:12:ac:11:91:24:3d:d1:12:b6:7d:
89:f5:2b:17:70:87:6b:d2:c4:c3:29:19:0f:a4:69:cf:1f:ef:
31:28:be:f6:cf:8e:9b:fb:ba:c1:c6:54:b9:b8:15:0f:f1:b4:
10:c4:59:bb:e3:83:ee:11:2c:fa:1d:9f:f7:99:4f:e3:15:67:
07:4f:f7:fb:2a:86:22:3c:3c:e4:e9:8c:28:2f:6c:93:93:37:
f6:37:cc:a4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYizhB7VMYmIGQCSA5Ldq/h3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwNjEzMDY0OTIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWIwZTI5ODQ0NTc4MzdkZTI3YzM1N2I1MzQzNGY4OTQwZTI2ZDlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmofeAkB5UonyWr082X1Brn5y6lgU
unBj2mCFThupThB/3Pi0X8uU89w8grdXwKnw0TGPdia/C80w0BDRsC7Ch7GnYoT9
fcQSRa5e0svegtF2JId49zU9Byu+AP0emy1b0JkZ+zKsfPsi+6AU5G7Pzx/kyQJ+
l8FxhldK839AHnCjsLQsSJDzvos4ZFSmIJxAAl3p5ekJwxXQdna3cusD104Id+6l
P+7TFScowFIr/cbr/pw7Es1+sNl5XbLcMjUlMP76hmeKXAbASQNJRCohvC05Rhf6
O1Lz9RmP/4ZdoiQXAsHjJCps1VfVhPMWhVPg3+r5qmE4zq0nz/B7pSULFwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDWw4phEV4N94nw1e1NDT4lA4m2aMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvTmJEaW1FUlhnMzNpZkRWN1UwTlBpVURpYlpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABWmpAwQA
BWn/MA0GCSqGSIb3DQEBCwUAA4IBAQAozbbNMFT7YApAqPetvb0uclU2GH7x+fLy
XPuZHBsDb6OsuRbAVMCzdAe5UlbrMa95XsfEDZaGwMwIJairNXUq3Cq5+QR5qTrg
SDQh/Tqmds9PFcxL1IHwfx05WRlwlKJC1XSzuGYK1mrkC7bX2bzlH/Eab/VN+mEt
v9z+dTozf6POEJHDwintiOlZ+RM05G83gH+adSLO1bWUYWuPBFAalnMbDHnw4Zyh
JxKsEZEkPdEStn2J9SsXcIdr0sTDKRkPpGnPH+8xKL72z46b+7rBxlS5uBUP8bQQ
xFm744PuESz6HZ/3mU/jFWcHT/f7KoYiPDzk6YwoL2yTkzf2N8yk
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:12:33 2025 by rpki-client