Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/nrc3_er3nkfZOlHF_x8AIb_kcmU.roa
File: nrc3_er3nkfZOlHF_x8AIb_kcmU.roa (raw, json)
Hash identifier: RKpDeanNB+AQUd6J2sO1Nbrgbx9FyQnJqG1JRaEsVRM=
Subject key identifier: 9E:B7:37:FD:EA:F7:9E:47:D9:3A:51:C5:FF:1F:00:21:BF:E4:72:65
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 018F28B727605D742370AC4A83D2E7617063
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/nrc3_er3nkfZOlHF_x8AIb_kcmU.roa
Signing time: Mon 29 Apr 2024 07:17:22 +0000
ROA not before: Mon 29 Apr 2024 07:17:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 133296
IP address blocks: 159.148.109.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 29 Apr 2024 07:18:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:28:b7:27:60:5d:74:23:70:ac:4a:83:d2:e7:61:70:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Apr 29 07:17:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9eb737fdeaf79e47d93a51c5ff1f0021bfe47265
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:75:4d:aa:50:cf:22:dd:ad:3a:c0:a2:aa:a1:
c8:35:c1:04:e5:fc:10:8f:78:57:33:8e:9c:bf:f1:
ca:b4:12:94:4a:39:f8:2c:3a:75:84:5e:a0:b1:aa:
c0:df:9e:33:cf:e1:63:74:b9:88:33:7c:e6:20:55:
cd:99:f7:22:b7:a3:c4:74:39:7a:87:5b:52:2c:d0:
97:8b:bd:1f:42:a7:bd:14:4c:5c:50:6d:ff:df:42:
53:18:d0:ad:43:ab:56:b8:83:94:76:a6:9c:bc:60:
14:5a:6c:a4:8d:cc:c9:41:6c:1e:b3:5a:70:a6:21:
7c:43:a4:d3:a4:55:7a:93:77:20:53:6f:f0:1c:4b:
78:82:16:02:f8:af:4d:3f:f4:0b:47:82:56:8a:b8:
98:dd:20:de:9d:ca:cd:9d:1e:76:3e:d4:e4:b3:09:
2e:0b:0f:46:01:b6:1d:65:51:ce:4e:8b:7e:59:84:
e5:c1:52:cf:b3:67:1d:87:80:27:06:41:b6:be:6f:
04:79:38:44:dc:dc:ef:84:53:24:18:ad:52:59:75:
08:59:00:d5:d5:21:e4:b7:33:0b:76:df:a1:b0:06:
f2:23:57:c5:bd:cc:ea:c0:42:d3:b9:9a:6f:27:79:
1d:42:61:a6:0c:5f:0d:61:d0:b3:82:6b:33:89:5a:
64:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:B7:37:FD:EA:F7:9E:47:D9:3A:51:C5:FF:1F:00:21:BF:E4:72:65
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/nrc3_er3nkfZOlHF_x8AIb_kcmU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.148.109.0/24
Signature Algorithm: sha256WithRSAEncryption
02:1c:54:e1:db:a0:b2:13:2f:4e:78:a5:de:85:25:30:69:11:
05:c6:ae:b9:b1:53:aa:be:ae:ee:72:19:2e:6b:d4:08:9c:89:
b1:e0:45:8c:90:4e:83:ff:4c:12:d6:ab:18:8f:27:71:47:00:
8d:e3:52:2c:b0:85:4b:3e:ad:17:47:3b:54:5a:21:06:06:2f:
3d:93:df:fb:fd:47:31:a1:ed:42:75:70:b6:36:ac:6c:d8:c2:
ab:68:71:de:f8:7e:7f:b4:1d:37:6c:4c:e5:02:b0:0e:b5:bc:
95:55:c6:bf:8d:e4:5c:ec:e2:cd:d1:8f:73:c2:6f:67:96:75:
b7:aa:ed:b6:e7:0f:c5:1f:4c:81:2c:fe:c3:c1:b0:a8:6e:f2:
1f:c2:84:95:12:5e:35:e6:10:08:7d:ba:fa:bb:7d:2e:a6:e4:
3d:43:94:c8:90:c5:4b:ae:7f:30:36:a9:f1:1a:21:b3:9a:e8:
1d:98:d3:6d:e4:f9:4d:a2:bb:93:9b:87:49:e6:25:dc:ca:6d:
c6:c7:ca:5e:fa:05:f3:60:f6:5d:e8:11:c3:90:38:bc:1d:06:
91:04:10:96:61:40:34:11:e2:d5:6d:7f:b6:52:d3:8b:21:de:
b3:37:68:21:52:df:d2:22:44:86:5e:2f:27:ff:5d:7b:64:8c:
6d:60:53:cc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY8otydgXXQjcKxKg9LnYXBjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjQwNDI5MDcxNzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWI3MzdmZGVhZjc5ZTQ3ZDkzYTUxYzVmZjFmMDAyMWJmZTQ3MjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3VNqlDPIt2tOsCiqqHINcEE5fwQ
j3hXM46cv/HKtBKUSjn4LDp1hF6gsarA354zz+FjdLmIM3zmIFXNmfcit6PEdDl6
h1tSLNCXi70fQqe9FExcUG3/30JTGNCtQ6tWuIOUdqacvGAUWmykjczJQWwes1pw
piF8Q6TTpFV6k3cgU2/wHEt4ghYC+K9NP/QLR4JWiriY3SDencrNnR52PtTkswku
Cw9GAbYdZVHOTot+WYTlwVLPs2cdh4AnBkG2vm8EeThE3NzvhFMkGK1SWXUIWQDV
1SHktzMLdt+hsAbyI1fFvczqwELTuZpvJ3kdQmGmDF8NYdCzgmsziVpk3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ63N/3q955H2TpRxf8fACG/5HJlMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvbnJjM19lcjNua2ZaT2xIRl94OEFJYl9rY21VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAn5RtMA0G
CSqGSIb3DQEBCwUAA4IBAQACHFTh26CyEy9OeKXehSUwaREFxq65sVOqvq7uchku
a9QInImx4EWMkE6D/0wS1qsYjydxRwCN41IssIVLPq0XRztUWiEGBi89k9/7/Ucx
oe1CdXC2Nqxs2MKraHHe+H5/tB03bEzlArAOtbyVVca/jeRc7OLN0Y9zwm9nlnW3
qu225w/FH0yBLP7DwbCobvIfwoSVEl415hAIfbr6u30upuQ9Q5TIkMVLrn8wNqnx
GiGzmugdmNNt5PlNoruTm4dJ5iXcym3Gx8pe+gXzYPZd6BHDkDi8HQaRBBCWYUA0
EeLVbX+2UtOLId6zN2ghUt/SIkSGXi8n/117ZIxtYFPM
-----END CERTIFICATE-----
Generated at Thu May 8 04:21:32 2025 by rpki-client