Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/nrx_Go_DCIZeFoEXLpKxswIdl74.roa
File: nrx_Go_DCIZeFoEXLpKxswIdl74.roa (raw, json)
Hash identifier: xjqCwWTOR/lB5b8mgEQxmJODDZw4o72ENWE9U58uTZk=
Subject key identifier: 9E:BC:7F:1A:8F:C3:08:86:5E:16:81:17:2E:92:B1:B3:02:1D:97:BE
Certificate issuer: /CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb
Certificate serial: 0194AD0A629E7CEB720A84CC3C0153FF009E
Authority key identifier: 51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/nrx_Go_DCIZeFoEXLpKxswIdl74.roa
Signing time: Tue 28 Jan 2025 13:12:06 +0000
ROA not before: Tue 28 Jan 2025 13:12:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 88.80.141.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 30 Jan 2025 12:15:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ad:0a:62:9e:7c:eb:72:0a:84:cc:3c:01:53:ff:00:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb
Validity
Not Before: Jan 28 13:12:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9ebc7f1a8fc308865e1681172e92b1b3021d97be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:8f:5c:7f:9a:7d:ee:8d:9c:35:4b:2f:65:c9:
00:b1:a2:d2:cd:f9:5a:e5:04:38:f2:6c:23:8e:1c:
c4:22:f8:94:da:9b:0f:bd:08:8d:b9:63:6f:2f:d6:
c4:0d:f7:e0:64:40:5e:27:90:0c:0d:48:94:d2:4c:
d6:a1:e1:ad:31:89:65:8e:8f:02:3f:f2:37:e0:80:
67:66:46:67:11:0a:38:6c:4e:36:18:c8:e2:d5:8c:
76:24:3d:7f:3b:a2:99:43:64:b1:19:b8:65:2d:3b:
8a:ff:25:ce:02:38:8f:c2:6f:8a:48:8b:69:0f:4e:
52:ee:0f:c6:52:3c:16:8e:d2:01:8a:95:bc:9e:66:
23:eb:cb:4e:09:16:82:25:f1:1e:a3:28:0d:1f:71:
7a:6a:5f:d1:8f:60:9a:b5:4b:06:48:75:1d:11:bc:
f0:87:dd:c8:10:13:d2:3b:76:44:04:de:e9:fb:96:
25:d4:ef:aa:d9:59:b9:f4:bd:1c:32:43:28:e8:ee:
65:f9:13:71:dc:9c:ee:d5:9f:6d:8c:1e:cf:0f:6e:
c6:2b:ef:30:7a:c0:8e:56:35:7e:bd:46:ff:09:a7:
4b:3f:c9:54:38:60:5a:bc:ba:95:55:67:ee:a8:db:
f7:92:bf:04:f1:cb:4b:e5:62:81:c8:7d:cb:75:ff:
3b:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:BC:7F:1A:8F:C3:08:86:5E:16:81:17:2E:92:B1:B3:02:1D:97:BE
X509v3 Authority Key Identifier:
keyid:51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/nrx_Go_DCIZeFoEXLpKxswIdl74.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/UST7oeQBwD5boc13rp7jnP1jG_s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.80.141.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:ba:26:a7:3d:5b:bb:5e:c6:ba:30:a8:5d:01:c8:b5:d9:9d:
72:46:97:23:a2:7f:83:22:30:f1:fc:24:f2:b5:9e:c8:f3:52:
e6:c2:65:a7:c3:1c:3f:40:49:17:f4:cc:7f:68:cb:96:1d:f8:
79:9d:81:b5:ed:29:07:d4:e0:32:fb:54:0c:ba:4d:c4:52:f4:
84:58:56:95:e4:ba:d4:56:40:76:e0:d2:99:af:dc:03:c2:78:
14:57:a4:87:40:2b:c4:91:17:83:0c:37:ac:dd:79:94:9f:20:
dd:ba:90:6b:c5:28:67:47:e2:2b:98:57:ca:80:42:6a:88:6a:
df:4e:ed:2f:42:66:b2:84:8e:fb:ac:b7:f3:bf:78:c1:00:03:
78:02:ba:3b:8f:cb:d7:20:9c:90:d8:dc:cf:e4:a6:b6:c1:55:
01:ae:dd:63:78:af:a4:1b:6c:55:77:e1:c2:63:2e:f7:ce:72:
07:48:d5:9b:22:0b:48:33:77:dc:42:9c:68:c1:29:c5:c4:76:
2d:a9:17:7f:3e:1e:11:be:7d:40:56:45:77:68:b5:61:a7:b8:
9e:a5:b5:8d:58:a3:2d:f0:5b:7b:4b:9b:92:2f:57:c9:ad:a1:
2c:86:81:94:4f:fc:2f:13:1b:36:7c:5b:9d:3d:ee:b8:51:04:
b8:40:c8:d1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZStCmKefOtyCoTMPAFT/wCeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMjRmYmExZTQwMWMwM2U1YmExY2Q3N2FlOWVlMzljZmQ2
MzFiZmIwHhcNMjUwMTI4MTMxMjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWJjN2YxYThmYzMwODg2NWUxNjgxMTcyZTkyYjFiMzAyMWQ5N2JlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx49cf5p97o2cNUsvZckAsaLSzfla
5QQ48mwjjhzEIviU2psPvQiNuWNvL9bEDffgZEBeJ5AMDUiU0kzWoeGtMYlljo8C
P/I34IBnZkZnEQo4bE42GMji1Yx2JD1/O6KZQ2SxGbhlLTuK/yXOAjiPwm+KSItp
D05S7g/GUjwWjtIBipW8nmYj68tOCRaCJfEeoygNH3F6al/Rj2CatUsGSHUdEbzw
h93IEBPSO3ZEBN7p+5Yl1O+q2Vm59L0cMkMo6O5l+RNx3Jzu1Z9tjB7PD27GK+8w
esCOVjV+vUb/CadLP8lUOGBavLqVVWfuqNv3kr8E8ctL5WKByH3Ldf87vQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ68fxqPwwiGXhaBFy6SsbMCHZe+MB8GA1UdIwQY
MBaAFFEk+6HkAcA+W6HNd66e45z9Yxv7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEt
YWI4ZjFmMzM4N2VlLzEvbnJ4X0dvX0RDSVplRm9FWExwS3hzd0lkbDc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEtYWI4ZjFmMzM4N2Vl
LzEvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWFCNMA0G
CSqGSIb3DQEBCwUAA4IBAQBduianPVu7Xsa6MKhdAci12Z1yRpcjon+DIjDx/CTy
tZ7I81LmwmWnwxw/QEkX9Mx/aMuWHfh5nYG17SkH1OAy+1QMuk3EUvSEWFaV5LrU
VkB24NKZr9wDwngUV6SHQCvEkReDDDes3XmUnyDdupBrxShnR+IrmFfKgEJqiGrf
Tu0vQmayhI77rLfzv3jBAAN4Aro7j8vXIJyQ2NzP5Ka2wVUBrt1jeK+kG2xVd+HC
Yy73znIHSNWbIgtIM3fcQpxowSnFxHYtqRd/Ph4Rvn1AVkV3aLVhp7iepbWNWKMt
8Ft7S5uSL1fJraEshoGUT/wvExs2fFudPe64UQS4QMjR
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:47:02 2025 by rpki-client