Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/pzKl-JcYQOZ6OXASMDtUH6Zurto.roa
File: pzKl-JcYQOZ6OXASMDtUH6Zurto.roa (raw, json)
Hash identifier: y+eKsw3PwKSdKpkh8OogHKQRgnpLcP/+/j2b0+BNlbo=
Subject key identifier: A7:32:A5:F8:97:18:40:E6:7A:39:70:12:30:3B:54:1F:A6:6E:AE:DA
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018D11563D0F8EFE6DCB24E727A8FB86D0E2
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/pzKl-JcYQOZ6OXASMDtUH6Zurto.roa
Signing time: Tue 16 Jan 2024 08:14:40 +0000
ROA not before: Tue 16 Jan 2024 08:14:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 188.241.243.0/24 maxlen: 24
185.255.39.0/24 maxlen: 24
188.214.208.0/24 maxlen: 24
188.214.209.0/24 maxlen: 24
185.241.210.0/23 maxlen: 24
93.115.254.0/23 maxlen: 24
89.40.76.0/24 maxlen: 24
193.23.129.0/24 maxlen: 24
193.23.128.0/24 maxlen: 24
213.232.93.0/24 maxlen: 24
213.232.92.0/24 maxlen: 24
213.232.94.0/23 maxlen: 24
45.156.157.0/24 maxlen: 24
89.33.84.0/24 maxlen: 24
89.35.154.0/24 maxlen: 24
188.212.133.0/24 maxlen: 24
188.212.159.0/24 maxlen: 24
188.212.158.0/24 maxlen: 24
188.240.224.0/24 maxlen: 24
188.240.225.0/24 maxlen: 24
188.240.232.0/24 maxlen: 24
188.240.227.0/24 maxlen: 24
91.188.205.0/24 maxlen: 24
91.188.204.0/24 maxlen: 24
91.188.206.0/24 maxlen: 24
89.37.62.0/24 maxlen: 24
91.188.207.0/24 maxlen: 24
89.37.63.0/24 maxlen: 24
45.146.184.0/22 maxlen: 24
185.135.140.0/24 maxlen: 24
185.135.141.0/24 maxlen: 24
185.135.143.0/24 maxlen: 24
185.238.10.0/24 maxlen: 24
188.241.110.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 19 Jan 2024 05:59:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:11:56:3d:0f:8e:fe:6d:cb:24:e7:27:a8:fb:86:d0:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 16 08:14:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a732a5f8971840e67a397012303b541fa66eaeda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:cb:0e:c7:de:ca:5a:5b:38:63:97:96:89:94:
e1:14:ce:b7:f5:61:64:26:eb:be:4e:7f:15:d6:62:
f6:7c:2d:77:63:25:81:12:71:c6:87:ff:53:9f:46:
f7:32:03:87:0c:d9:ed:92:e3:82:46:5e:ee:0c:3f:
ab:53:2a:32:11:51:61:2b:a2:1a:9b:9e:6b:6b:5e:
00:81:a9:60:9c:52:7a:ba:49:d5:37:20:28:a4:7f:
2c:58:0b:7f:1e:dc:cd:81:77:46:4d:d1:b3:6c:0c:
a9:d4:ad:70:6f:d3:b9:44:4e:d4:2a:f5:a7:8c:50:
69:a9:e1:0a:c9:f8:a0:6f:0b:2c:53:e2:1f:06:df:
54:56:f7:d0:18:19:22:1d:69:6b:91:28:f6:fc:f7:
e0:d7:24:36:c0:67:4e:fb:1b:f4:c2:fb:7e:7a:eb:
d6:31:35:78:ba:7b:2f:e8:dc:dd:ca:63:12:1e:02:
00:9a:80:da:b7:52:b0:a5:c8:8b:5f:53:82:be:f5:
1a:40:7b:3d:9e:ff:90:ff:77:38:1a:f3:6a:3d:11:
fd:dd:35:12:9c:ae:8b:da:f3:4d:b5:9d:8c:b0:60:
38:9c:e5:44:08:9f:99:00:58:76:0c:4a:ce:58:4a:
da:f3:9e:fc:c9:b1:cb:e1:10:b9:2f:76:aa:20:8c:
c4:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:32:A5:F8:97:18:40:E6:7A:39:70:12:30:3B:54:1F:A6:6E:AE:DA
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/pzKl-JcYQOZ6OXASMDtUH6Zurto.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.184.0/22
45.156.157.0/24
89.33.84.0/24
89.35.154.0/24
89.37.62.0/23
89.40.76.0/24
91.188.204.0/22
93.115.254.0/23
185.135.140.0/23
185.135.143.0/24
185.238.10.0/24
185.241.210.0/23
185.255.39.0/24
188.212.133.0/24
188.212.158.0/23
188.214.208.0/23
188.240.224.0/23
188.240.227.0/24
188.240.232.0/24
188.241.110.0/24
188.241.243.0/24
193.23.128.0/23
213.232.92.0/22
Signature Algorithm: sha256WithRSAEncryption
33:a3:73:5b:19:96:80:52:b4:42:47:e7:eb:35:50:89:99:c8:
b3:97:92:f1:01:fc:df:56:f2:e6:67:4b:75:12:81:ac:7f:b2:
82:60:89:77:c3:17:e2:76:ad:f8:1d:9f:91:2f:ba:6d:ae:40:
95:ec:0c:e4:f8:3a:8e:f5:2c:87:83:e6:e5:a4:67:88:a4:91:
9e:c4:f4:15:e0:6e:a7:01:8a:43:6c:1b:4e:15:5c:06:52:4a:
69:0e:25:d3:a4:a6:1d:8e:d8:3c:94:82:c8:c3:88:21:3a:19:
06:5b:92:eb:37:90:d1:8a:f1:0f:1b:cd:e6:c3:37:c8:5a:67:
0a:12:8f:5f:9a:eb:f6:65:c1:f0:dd:50:dd:c0:28:f8:70:57:
e6:a4:5c:38:64:76:3f:b5:5b:fc:1f:66:38:f3:a1:7a:3d:0d:
ef:01:cf:67:45:fe:2b:15:2c:ca:75:4e:b6:86:26:7e:59:28:
29:cb:74:69:2b:6c:b7:7e:a0:80:ec:a4:c6:46:c5:5c:56:3b:
5f:d0:f3:06:8d:7c:e8:51:4a:63:d2:74:89:95:34:67:3e:06:
e2:3a:69:c6:20:37:e8:43:39:ed:6c:95:82:9b:e8:3d:4b:4d:
09:ba:85:4b:cb:b2:8d:77:8c:8e:43:bf:f2:22:c6:e8:74:45:
f3:35:ee:8a
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAY0RVj0Pjv5tyyTnJ6j7htDiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwMTE2MDgxNDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzMyYTVmODk3MTg0MGU2N2EzOTcwMTIzMDNiNTQxZmE2NmVhZWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+ssOx97KWls4Y5eWiZThFM639WFk
Juu+Tn8V1mL2fC13YyWBEnHGh/9Tn0b3MgOHDNntkuOCRl7uDD+rUyoyEVFhK6Ia
m55ra14AgalgnFJ6uknVNyAopH8sWAt/HtzNgXdGTdGzbAyp1K1wb9O5RE7UKvWn
jFBpqeEKyfigbwssU+IfBt9UVvfQGBkiHWlrkSj2/Pfg1yQ2wGdO+xv0wvt+euvW
MTV4unsv6NzdymMSHgIAmoDat1KwpciLX1OCvvUaQHs9nv+Q/3c4GvNqPRH93TUS
nK6L2vNNtZ2MsGA4nOVECJ+ZAFh2DErOWEra8578ybHL4RC5L3aqIIzErQIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFKcypfiXGEDmejlwEjA7VB+mbq7aMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvcHpLbC1KY1lRT1o2T1hBU01EdFVINlp1cnRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDCBkQQCAAEwgYoDBAIt
krgDBAAtnJ0DBABZIVQDBABZI5oDBAFZJT4DBABZKEwDBAJbvMwDBAFdc/4DBAG5
h4wDBAC5h48DBAC57goDBAG58dIDBAC5/ycDBAC81IUDBAG81J4DBAG81tADBAG8
8OADBAC88OMDBAC88OgDBAC88W4DBAC88fMDBAHBF4ADBALV6FwwDQYJKoZIhvcN
AQELBQADggEBADOjc1sZloBStEJH5+s1UImZyLOXkvEB/N9W8uZnS3USgax/soJg
iXfDF+J2rfgdn5Evum2uQJXsDOT4Oo71LIeD5uWkZ4ikkZ7E9BXgbqcBikNsG04V
XAZSSmkOJdOkph2O2DyUgsjDiCE6GQZbkus3kNGK8Q8bzebDN8haZwoSj1+a6/Zl
wfDdUN3AKPhwV+akXDhkdj+1W/wfZjjzoXo9De8Bz2dF/isVLMp1TraGJn5ZKCnL
dGkrbLd+oIDspMZGxVxWO1/Q8waNfOhRSmPSdImVNGc+BuI6acYgN+hDOe1slYKb
6D1LTQm6hUvLso13jI5Dv/Iixuh0RfM17oo=
-----END CERTIFICATE-----
Generated at Fri Jan 19 08:55:00 2024 by rpki-client on console-ams.rpki-client.org