Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NZFto_V6jpH1HSy24Uy6khuOsHQ.roa
File: NZFto_V6jpH1HSy24Uy6khuOsHQ.roa (raw, json)
Hash identifier: boawJlJtsW5UYeOXkv6ANUm988+2NdGMFJgBpgxUsdg=
Subject key identifier: 35:91:6D:A3:F5:7A:8E:91:F5:1D:2C:B6:E1:4C:BA:92:1B:8E:B0:74
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018BEBF93D05ED6854702803C3D4AF344DFF
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NZFto_V6jpH1HSy24Uy6khuOsHQ.roa
Signing time: Mon 20 Nov 2023 09:04:21 +0000
ROA not before: Mon 20 Nov 2023 09:04:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7393
IP address blocks: 146.19.151.0/24 maxlen: 24
37.140.222.0/24 maxlen: 24
188.241.248.0/24 maxlen: 24
193.221.210.0/24 maxlen: 24
94.154.126.0/24 maxlen: 24
146.19.110.0/24 maxlen: 24
146.19.132.0/24 maxlen: 24
185.161.123.0/24 maxlen: 24
194.26.200.0/24 maxlen: 24
62.3.57.0/24 maxlen: 24
185.151.145.0/24 maxlen: 24
185.184.216.0/24 maxlen: 24
62.3.5.0/24 maxlen: 24
146.19.232.0/24 maxlen: 24
79.110.228.0/24 maxlen: 24
79.110.230.0/24 maxlen: 24
62.106.91.0/24 maxlen: 24
45.86.37.0/24 maxlen: 24
188.244.126.0/24 maxlen: 24
193.163.192.0/24 maxlen: 24
193.163.195.0/24 maxlen: 24
194.150.76.0/24 maxlen: 24
193.163.193.0/24 maxlen: 24
91.247.172.0/24 maxlen: 24
37.72.136.0/24 maxlen: 24
213.109.149.0/24 maxlen: 24
213.109.156.0/24 maxlen: 24
213.109.159.0/24 maxlen: 24
176.126.119.0/24 maxlen: 24
62.106.74.0/24 maxlen: 24
193.201.14.0/24 maxlen: 24
193.201.12.0/24 maxlen: 24
146.19.40.0/24 maxlen: 24
193.9.25.0/24 maxlen: 24
188.241.159.0/24 maxlen: 24
62.204.60.0/24 maxlen: 24
62.197.128.0/24 maxlen: 24
5.180.178.0/24 maxlen: 24
146.19.30.0/24 maxlen: 24
146.19.36.0/24 maxlen: 24
212.24.123.0/24 maxlen: 24
46.253.135.0/24 maxlen: 24
62.122.191.0/24 maxlen: 24
89.38.136.0/24 maxlen: 24
78.142.243.0/24 maxlen: 24
212.52.10.0/24 maxlen: 24
212.52.11.0/24 maxlen: 24
212.52.9.0/24 maxlen: 24
193.38.154.0/24 maxlen: 24
212.18.102.0/24 maxlen: 24
212.18.106.0/24 maxlen: 24
217.119.135.0/24 maxlen: 24
185.234.15.0/24 maxlen: 24
213.173.37.0/24 maxlen: 24
91.209.12.0/24 maxlen: 24
176.118.35.0/24 maxlen: 24
91.246.32.0/24 maxlen: 24
109.205.186.0/24 maxlen: 24
91.246.37.0/24 maxlen: 24
193.3.180.0/24 maxlen: 24
91.246.63.0/24 maxlen: 24
193.3.181.0/24 maxlen: 24
91.242.233.0/24 maxlen: 24
193.3.187.0/24 maxlen: 24
176.97.198.0/24 maxlen: 24
176.97.195.0/24 maxlen: 24
185.235.225.0/24 maxlen: 24
176.97.200.0/24 maxlen: 24
185.235.228.0/24 maxlen: 24
176.97.211.0/24 maxlen: 24
185.252.213.0/24 maxlen: 24
62.233.32.0/24 maxlen: 24
62.233.38.0/24 maxlen: 24
91.242.252.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:eb:f9:3d:05:ed:68:54:70:28:03:c3:d4:af:34:4d:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Nov 20 09:04:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=35916da3f57a8e91f51d2cb6e14cba921b8eb074
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:97:aa:03:7c:c7:d7:5f:8c:b8:ff:7c:d4:ea:
64:67:b7:e1:10:0d:5c:14:ba:73:04:8d:41:b9:d6:
4b:8c:f9:c9:e8:6e:df:c0:76:0f:71:56:4f:0e:f4:
96:ee:9e:36:6c:46:a8:9d:ca:0b:b5:4b:32:62:3b:
7f:50:56:eb:c5:ed:62:bc:58:ca:e0:e7:fb:6e:12:
f7:4f:63:28:8d:26:3a:7f:08:1d:a1:64:ba:dd:cd:
7d:1c:af:81:30:e4:f3:97:bf:45:bd:50:4f:de:bf:
8b:0e:16:8f:79:8a:bb:c6:b6:59:ef:e6:d8:31:cd:
d6:38:e5:3a:3a:4e:78:b1:26:c8:30:1a:03:55:27:
62:aa:50:62:e3:69:e6:b9:79:d7:3f:02:91:d2:2a:
c4:cf:4e:b3:4e:f4:e8:22:35:93:8a:5c:cd:24:67:
38:e2:bc:93:29:b5:63:dc:69:f4:3c:3d:83:c9:8c:
5c:f3:93:70:99:78:56:7b:11:75:50:d7:d1:f8:c8:
89:89:6d:35:98:70:27:9f:17:35:7e:50:e0:f9:a8:
57:f7:68:79:f6:bf:b2:31:5c:0b:92:2c:af:15:c2:
3d:9d:05:79:4e:4b:1d:0e:47:03:61:ef:f7:e8:30:
cb:f2:90:e2:02:10:e7:27:f5:72:c3:d9:c6:57:75:
ca:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:91:6D:A3:F5:7A:8E:91:F5:1D:2C:B6:E1:4C:BA:92:1B:8E:B0:74
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NZFto_V6jpH1HSy24Uy6khuOsHQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.178.0/24
37.72.136.0/24
37.140.222.0/24
45.86.37.0/24
46.253.135.0/24
62.3.5.0/24
62.3.57.0/24
62.106.74.0/24
62.106.91.0/24
62.122.191.0/24
62.197.128.0/24
62.204.60.0/24
62.233.32.0/24
62.233.38.0/24
78.142.243.0/24
79.110.228.0/24
79.110.230.0/24
89.38.136.0/24
91.209.12.0/24
91.242.233.0/24
91.242.252.0/24
91.246.32.0/24
91.246.37.0/24
91.246.63.0/24
91.247.172.0/24
94.154.126.0/24
109.205.186.0/24
146.19.30.0/24
146.19.36.0/24
146.19.40.0/24
146.19.110.0/24
146.19.132.0/24
146.19.151.0/24
146.19.232.0/24
176.97.195.0/24
176.97.198.0/24
176.97.200.0/24
176.97.211.0/24
176.118.35.0/24
176.126.119.0/24
185.151.145.0/24
185.161.123.0/24
185.184.216.0/24
185.234.15.0/24
185.235.225.0/24
185.235.228.0/24
185.252.213.0/24
188.241.159.0/24
188.241.248.0/24
188.244.126.0/24
193.3.180.0/23
193.3.187.0/24
193.9.25.0/24
193.38.154.0/24
193.163.192.0/23
193.163.195.0/24
193.201.12.0/24
193.201.14.0/24
193.221.210.0/24
194.26.200.0/24
194.150.76.0/24
212.18.102.0/24
212.18.106.0/24
212.24.123.0/24
212.52.9.0-212.52.11.255
213.109.149.0/24
213.109.156.0/24
213.109.159.0/24
213.173.37.0/24
217.119.135.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:1f:a6:6a:c3:69:96:1f:1f:0d:26:78:85:90:25:57:3c:84:
90:83:02:51:9b:7a:e9:ca:71:93:e7:72:9c:ec:b2:e2:65:f8:
fc:90:f2:cc:43:48:75:b1:d1:ab:3c:de:43:c5:70:2c:49:80:
d5:7d:f6:91:82:e0:8c:f1:ab:cb:fc:c5:c3:8d:20:f3:cf:c9:
41:9b:53:dd:8c:0f:0f:57:75:c2:cd:da:94:b9:a3:12:06:70:
2a:34:d2:99:48:46:69:6b:f7:85:72:79:6f:a9:0b:b8:de:8f:
91:43:e9:50:f1:3c:af:0b:d0:15:24:eb:21:d2:91:85:12:d2:
b5:94:45:e4:30:04:de:0b:a0:b2:77:f8:15:9f:45:46:a2:b3:
b0:15:d3:a1:c3:d4:50:bd:d6:a9:b7:0a:a3:f2:e6:6b:89:9f:
a0:ac:5f:8b:9e:d9:c6:af:30:28:23:f3:c8:80:60:6a:20:90:
3c:36:13:5a:3b:70:ab:87:9a:bb:50:01:25:f3:e1:54:ad:a2:
72:e5:ec:86:0b:88:4e:4b:3d:ee:7b:9d:7c:dd:23:bb:69:76:
96:49:8b:07:1d:28:9e:72:a6:d5:5f:60:84:25:09:35:18:0e:
e1:e9:ea:82:1d:15:75:dc:36:eb:a0:c9:a7:45:f9:7a:8d:26:
aa:7f:0f:13
-----BEGIN CERTIFICATE-----
MIIGrTCCBZWgAwIBAgISAYvr+T0F7WhUcCgDw9SvNE3/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMTIwMDkwNDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTkxNmRhM2Y1N2E4ZTkxZjUxZDJjYjZlMTRjYmE5MjFiOGViMDc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiZeqA3zH11+MuP981OpkZ7fhEA1c
FLpzBI1BudZLjPnJ6G7fwHYPcVZPDvSW7p42bEaoncoLtUsyYjt/UFbrxe1ivFjK
4Of7bhL3T2MojSY6fwgdoWS63c19HK+BMOTzl79FvVBP3r+LDhaPeYq7xrZZ7+bY
Mc3WOOU6Ok54sSbIMBoDVSdiqlBi42nmuXnXPwKR0irEz06zTvToIjWTilzNJGc4
4ryTKbVj3Gn0PD2DyYxc85NwmXhWexF1UNfR+MiJiW01mHAnnxc1flDg+ahX92h5
9r+yMVwLkiyvFcI9nQV5TksdDkcDYe/36DDL8pDiAhDnJ/Vyw9nGV3XKaQIDAQAB
o4IDuTCCA7UwHQYDVR0OBBYEFDWRbaP1eo6R9R0stuFMupIbjrB0MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvTlpGdG9fVjZqcEgxSFN5MjRVeTZraHVPc0hRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBzQYIKwYBBQUHAQcBAf8EggG8MIIBuDCCAbQEAgABMIIB
rAMEAAW0sgMEACVIiAMEACWM3gMEAC1WJQMEAC79hwMEAD4DBQMEAD4DOQMEAD5q
SgMEAD5qWwMEAD56vwMEAD7FgAMEAD7MPAMEAD7pIAMEAD7pJgMEAE6O8wMEAE9u
5AMEAE9u5gMEAFkmiAMEAFvRDAMEAFvy6QMEAFvy/AMEAFv2IAMEAFv2JQMEAFv2
PwMEAFv3rAMEAF6afgMEAG3NugMEAJITHgMEAJITJAMEAJITKAMEAJITbgMEAJIT
hAMEAJITlwMEAJIT6AMEALBhwwMEALBhxgMEALBhyAMEALBh0wMEALB2IwMEALB+
dwMEALmXkQMEALmhewMEALm42AMEALnqDwMEALnr4QMEALnr5AMEALn81QMEALzx
nwMEALzx+AMEALz0fgMEAcEDtAMEAMEDuwMEAMEJGQMEAMEmmgMEAcGjwAMEAMGj
wwMEAMHJDAMEAMHJDgMEAMHd0gMEAMIayAMEAMKWTAMEANQSZgMEANQSagMEANQY
ezAMAwQA1DQJAwQC1DQIAwQA1W2VAwQA1W2cAwQA1W2fAwQA1a0lAwQA2XeHMA0G
CSqGSIb3DQEBCwUAA4IBAQB9H6Zqw2mWHx8NJniFkCVXPISQgwJRm3rpynGT53Kc
7LLiZfj8kPLMQ0h1sdGrPN5DxXAsSYDVffaRguCM8avL/MXDjSDzz8lBm1PdjA8P
V3XCzdqUuaMSBnAqNNKZSEZpa/eFcnlvqQu43o+RQ+lQ8TyvC9AVJOsh0pGFEtK1
lEXkMATeC6Cyd/gVn0VGorOwFdOhw9RQvdaptwqj8uZriZ+grF+LntnGrzAoI/PI
gGBqIJA8NhNaO3Crh5q7UAEl8+FUraJy5eyGC4hOSz3ue5183SO7aXaWSYsHHSie
cqbVX2CEJQk1GA7h6eqCHRV13DbroMmnRfl6jSaqfw8T
-----END CERTIFICATE-----
Generated at Mon Nov 20 11:29:15 2023 by rpki-client on console-ams.rpki-client.org