Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/34acf4-747f-45fe-8129-402f1fb848cf/1/PNwNw7X7nl9nLy5i11Mbd9gAxws.roa
File: PNwNw7X7nl9nLy5i11Mbd9gAxws.roa (raw, json)
Hash identifier: 98xxpPc368kBdKb0HDLUpE103zJnBEXoeCtG6pffFv0=
Subject key identifier: 3C:DC:0D:C3:B5:FB:9E:5F:67:2F:2E:62:D7:53:1B:77:D8:00:C7:0B
Certificate issuer: /CN=cce57dc8234df5f59d67fdc6856bb262e7193f52
Certificate serial: 0196B2D07E0B573941DE9763DBC96966210E
Authority key identifier: CC:E5:7D:C8:23:4D:F5:F5:9D:67:FD:C6:85:6B:B2:62:E7:19:3F:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zOV9yCNN9fWdZ_3GhWuyYucZP1I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/34acf4-747f-45fe-8129-402f1fb848cf/1/PNwNw7X7nl9nLy5i11Mbd9gAxws.roa
Signing time: Fri 09 May 2025 02:12:10 +0000
ROA not before: Fri 09 May 2025 02:12:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48093
IP address blocks: 37.26.152.0/21 maxlen: 21
37.26.152.0/22 maxlen: 22
37.26.156.0/23 maxlen: 23
37.26.158.0/23 maxlen: 23
91.207.112.0/23 maxlen: 23
2a03:28e0::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 09 May 2025 02:25:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:b2:d0:7e:0b:57:39:41:de:97:63:db:c9:69:66:21:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cce57dc8234df5f59d67fdc6856bb262e7193f52
Validity
Not Before: May 9 02:12:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3cdc0dc3b5fb9e5f672f2e62d7531b77d800c70b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:61:b6:c3:ce:dd:99:ab:91:9a:88:c0:9a:be:
6c:30:52:1a:b1:8d:6a:5d:64:74:87:2b:6b:82:f0:
c0:3e:21:f8:4e:88:3c:6a:fc:3e:c4:14:96:02:13:
40:40:1b:c2:ab:b6:44:06:b6:b9:b3:eb:9e:b4:17:
8e:c8:43:29:21:09:7b:6c:57:8d:fb:46:e5:85:cd:
53:4a:0f:be:29:1d:5b:df:e7:43:a3:26:c8:6f:e4:
2d:fd:b9:6d:fb:db:86:3b:03:cc:77:14:dc:26:ee:
6a:51:b5:56:77:14:01:bc:e6:d7:c1:53:68:38:bf:
dc:7c:be:8d:fa:79:8f:09:c6:01:bc:a3:cf:61:98:
05:8b:ff:80:1c:49:43:db:6f:7a:c1:9e:8a:19:ab:
79:23:15:a7:85:79:78:d3:0b:cb:1b:f8:be:0d:a8:
f8:d5:f8:fa:b0:c3:c8:96:9c:7b:b5:f5:63:1e:0a:
86:e0:70:a3:bf:45:3a:d2:13:db:63:a1:53:30:f3:
20:55:6a:c7:80:d3:53:7f:1e:82:d9:ef:e4:88:ca:
6b:a4:ce:82:7a:16:91:df:f7:e3:ca:65:2a:7f:62:
4d:c7:dc:2f:56:e8:da:79:ce:f8:f6:1d:ea:ab:af:
50:a1:4e:42:b3:b4:65:f3:ea:04:5e:16:5a:67:63:
3b:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:DC:0D:C3:B5:FB:9E:5F:67:2F:2E:62:D7:53:1B:77:D8:00:C7:0B
X509v3 Authority Key Identifier:
keyid:CC:E5:7D:C8:23:4D:F5:F5:9D:67:FD:C6:85:6B:B2:62:E7:19:3F:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zOV9yCNN9fWdZ_3GhWuyYucZP1I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/34acf4-747f-45fe-8129-402f1fb848cf/1/PNwNw7X7nl9nLy5i11Mbd9gAxws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/34acf4-747f-45fe-8129-402f1fb848cf/1/zOV9yCNN9fWdZ_3GhWuyYucZP1I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.26.152.0/21
91.207.112.0/23
IPv6:
2a03:28e0::/32
Signature Algorithm: sha256WithRSAEncryption
1d:52:16:bf:f7:28:25:08:05:57:81:66:57:2c:e1:7f:34:72:
2c:bc:83:e4:c4:39:14:4b:44:30:96:4b:17:79:0b:01:9f:75:
1e:b2:8e:60:a2:85:c2:a2:2f:10:78:49:99:2c:3f:0b:02:9f:
01:62:6f:ea:3e:e8:6c:95:95:4d:89:52:4c:f3:dd:46:87:d2:
d8:0a:c9:dc:0a:19:e1:8a:0a:59:cf:ea:fb:65:92:be:6c:75:
f8:4e:46:cc:d7:db:e4:0c:9f:ed:5d:2d:90:80:9d:44:60:a0:
fc:f6:51:90:fe:e6:dd:2e:98:16:31:76:2c:5d:ac:5a:b2:1c:
49:d9:5f:6a:e5:db:d3:e9:c9:1b:fa:5e:cf:5d:17:3a:9a:77:
bc:9f:29:08:a6:43:3b:9a:d2:d5:61:1b:4a:14:46:98:6e:03:
3f:8e:b1:8e:ba:08:53:3a:12:0a:74:6c:f6:83:4f:01:74:6c:
98:45:63:ce:8f:b4:11:84:c4:fc:c0:bc:4f:9f:b3:af:18:e3:
22:ae:ae:8b:56:8d:23:97:f3:16:da:a0:7f:44:c2:7e:58:16:
f6:a7:18:1a:f6:9e:da:d0:30:e6:6b:30:14:fe:4f:82:bf:9b:
e0:14:01:b1:ae:ac:99:18:c7:95:e8:80:c6:4a:5c:a6:f5:f5:
75:e5:6c:02
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZay0H4LVzlB3pdj28lpZiEOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZTU3ZGM4MjM0ZGY1ZjU5ZDY3ZmRjNjg1NmJiMjYyZTcx
OTNmNTIwHhcNMjUwNTA5MDIxMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2RjMGRjM2I1ZmI5ZTVmNjcyZjJlNjJkNzUzMWI3N2Q4MDBjNzBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsGG2w87dmauRmojAmr5sMFIasY1q
XWR0hytrgvDAPiH4Tog8avw+xBSWAhNAQBvCq7ZEBra5s+uetBeOyEMpIQl7bFeN
+0blhc1TSg++KR1b3+dDoybIb+Qt/blt+9uGOwPMdxTcJu5qUbVWdxQBvObXwVNo
OL/cfL6N+nmPCcYBvKPPYZgFi/+AHElD2296wZ6KGat5IxWnhXl40wvLG/i+Daj4
1fj6sMPIlpx7tfVjHgqG4HCjv0U60hPbY6FTMPMgVWrHgNNTfx6C2e/kiMprpM6C
ehaR3/fjymUqf2JNx9wvVujaec749h3qq69QoU5Cs7Rl8+oEXhZaZ2M7QwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDzcDcO1+55fZy8uYtdTG3fYAMcLMB8GA1UdIwQY
MBaAFMzlfcgjTfX1nWf9xoVrsmLnGT9SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek9WOXlDTk45ZldkWl8zR2hXdXlZdWNaUDFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8zNGFjZjQtNzQ3Zi00NWZlLTgxMjkt
NDAyZjFmYjg0OGNmLzEvUE53Tnc3WDdubDluTHk1aTExTWJkOWdBeHdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8zNGFjZjQtNzQ3Zi00NWZlLTgxMjktNDAyZjFmYjg0OGNm
LzEvek9WOXlDTk45ZldkWl8zR2hXdXlZdWNaUDFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDJRqYAwQB
W89wMA0EAgACMAcDBQAqAyjgMA0GCSqGSIb3DQEBCwUAA4IBAQAdUha/9yglCAVX
gWZXLOF/NHIsvIPkxDkUS0QwlksXeQsBn3Ueso5gooXCoi8QeEmZLD8LAp8BYm/q
PuhslZVNiVJM891Gh9LYCsncChnhigpZz+r7ZZK+bHX4TkbM19vkDJ/tXS2QgJ1E
YKD89lGQ/ubdLpgWMXYsXaxashxJ2V9q5dvT6ckb+l7PXRc6mne8nykIpkM7mtLV
YRtKFEaYbgM/jrGOughTOhIKdGz2g08BdGyYRWPOj7QRhMT8wLxPn7OvGOMirq6L
Vo0jl/MW2qB/RMJ+WBb2pxga9p7a0DDmazAU/k+Cv5vgFAGxrqyZGMeV6IDGSlym
9fV15WwC
-----END CERTIFICATE-----
Generated at Wed Jun 18 23:12:03 2025 by rpki-client