Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/20-BcmuVOrKfZIxopeIK5o4jXb0.roa
File: 20-BcmuVOrKfZIxopeIK5o4jXb0.roa (raw, json)
Hash identifier: Nr0aIEqlWs++Md6uU2Jlj6V+fCKIFXB9y041Lj3Q5ds=
Subject key identifier: DB:4F:81:72:6B:95:3A:B2:9F:64:8C:68:A5:E2:0A:E6:8E:23:5D:BD
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019675A46934B50AB15EF392BB934590B4D2
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/20-BcmuVOrKfZIxopeIK5o4jXb0.roa
Signing time: Sun 27 Apr 2025 05:07:11 +0000
ROA not before: Sun 27 Apr 2025 05:07:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13347
IP address blocks: 37.202.193.0/24 maxlen: 24
37.202.195.0/24 maxlen: 24
37.202.196.0/24 maxlen: 24
37.202.197.0/24 maxlen: 24
37.202.198.0/24 maxlen: 24
37.202.199.0/24 maxlen: 24
37.202.200.0/24 maxlen: 24
37.202.201.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 02 May 2025 10:13:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:75:a4:69:34:b5:0a:b1:5e:f3:92:bb:93:45:90:b4:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Apr 27 05:07:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=db4f81726b953ab29f648c68a5e20ae68e235dbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:ca:69:f5:a5:6c:25:fe:56:cd:f8:5a:91:75:
c6:c9:8a:db:8c:ef:d7:0e:bf:02:f6:0c:67:18:6b:
c7:a7:0b:4c:9d:e9:fb:78:1d:ef:aa:35:c0:ff:49:
b1:2f:2b:46:a5:42:96:48:53:94:40:46:cc:fa:80:
a7:4e:04:ed:15:b8:cf:08:85:66:76:f8:3d:fe:59:
02:60:6e:eb:b7:e8:a1:9d:61:68:68:b9:c7:56:a2:
7b:b0:28:04:39:06:58:12:2e:e1:cc:fc:89:01:08:
34:6d:05:0b:12:7c:9d:cf:4f:c3:37:44:ea:77:cb:
a8:e6:79:fe:7b:a3:7b:70:dd:5f:50:fa:fa:09:a8:
d5:07:6a:dd:bd:18:62:7c:ff:cf:c6:98:70:8c:63:
42:49:18:22:b4:cf:0e:ed:c2:5d:b6:ca:db:32:78:
e5:5d:25:a7:38:22:87:04:2b:5e:77:6f:6d:b7:da:
d5:2f:cc:9e:a7:3d:7a:53:33:e3:b3:5f:8f:07:b5:
39:bf:f1:d8:8c:0b:e6:0f:aa:07:7f:03:c0:b5:24:
db:50:15:d1:26:67:76:1b:0e:b9:d2:bc:26:6b:76:
cc:18:8d:60:3e:8a:b6:fc:fe:d0:ea:b6:19:b6:eb:
d4:e5:76:e5:aa:03:a7:cc:a6:ea:4d:6e:06:ff:11:
19:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:4F:81:72:6B:95:3A:B2:9F:64:8C:68:A5:E2:0A:E6:8E:23:5D:BD
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/20-BcmuVOrKfZIxopeIK5o4jXb0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.193.0/24
37.202.195.0-37.202.201.255
Signature Algorithm: sha256WithRSAEncryption
2e:48:8f:3a:82:f6:30:1f:b3:22:22:1e:2b:6d:7e:87:8d:2c:
b2:fd:29:b9:be:c0:ba:34:41:e4:ee:8c:19:a9:4c:c6:fe:79:
b6:72:23:53:76:5a:29:a3:24:f8:fc:2e:5a:9b:b2:ee:31:60:
f9:11:9f:12:e4:c8:e9:cf:7f:e6:20:96:bb:f1:47:2f:6b:f0:
c4:6c:47:5d:b6:45:fd:d5:34:eb:bc:cd:d6:21:e8:d7:30:8c:
c6:27:2b:6c:48:fa:67:0e:30:dc:d3:da:c3:71:75:79:43:48:
36:94:e7:46:03:b1:f4:39:87:54:07:ee:62:ef:3e:9f:6f:2b:
d5:cc:42:06:f6:07:c1:59:96:86:88:89:c4:da:63:84:b4:66:
e2:db:d3:0d:1b:1a:ca:8d:fe:1c:67:46:f6:7e:5d:f6:7d:a8:
96:49:4d:3f:cd:70:95:55:10:eb:33:d5:16:9d:a8:2b:5a:f6:
f4:df:65:e6:78:25:fd:aa:19:55:83:c6:17:35:96:3a:0a:bc:
4e:3d:25:6d:a2:88:26:7b:6a:89:8f:ac:bb:33:9e:ce:6d:c2:
70:57:e6:7b:08:51:44:0c:96:79:c2:34:9c:4b:60:f6:c0:e7:
ab:a7:9c:f9:fc:88:19:7e:61:a1:4f:fd:70:1b:72:91:dd:d7:
91:ee:9b:b7
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZZ1pGk0tQqxXvOSu5NFkLTSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNDI3MDUwNzExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjRmODE3MjZiOTUzYWIyOWY2NDhjNjhhNWUyMGFlNjhlMjM1ZGJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw8pp9aVsJf5WzfhakXXGyYrbjO/X
Dr8C9gxnGGvHpwtMnen7eB3vqjXA/0mxLytGpUKWSFOUQEbM+oCnTgTtFbjPCIVm
dvg9/lkCYG7rt+ihnWFoaLnHVqJ7sCgEOQZYEi7hzPyJAQg0bQULEnydz0/DN0Tq
d8uo5nn+e6N7cN1fUPr6CajVB2rdvRhifP/PxphwjGNCSRgitM8O7cJdtsrbMnjl
XSWnOCKHBCted29tt9rVL8yepz16UzPjs1+PB7U5v/HYjAvmD6oHfwPAtSTbUBXR
Jmd2Gw650rwma3bMGI1gPoq2/P7Q6rYZtuvU5XblqgOnzKbqTW4G/xEZYwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFNtPgXJrlTqyn2SMaKXiCuaOI129MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvMjAtQmNtdVZPcktmWkl4b3BlSUs1bzRqWGIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAJcrBMAwD
BAAlysMDBAElysgwDQYJKoZIhvcNAQELBQADggEBAC5IjzqC9jAfsyIiHittfoeN
LLL9Kbm+wLo0QeTujBmpTMb+ebZyI1N2WimjJPj8Llqbsu4xYPkRnxLkyOnPf+Yg
lrvxRy9r8MRsR122Rf3VNOu8zdYh6NcwjMYnK2xI+mcOMNzT2sNxdXlDSDaU50YD
sfQ5h1QH7mLvPp9vK9XMQgb2B8FZloaIicTaY4S0ZuLb0w0bGsqN/hxnRvZ+XfZ9
qJZJTT/NcJVVEOsz1RadqCta9vTfZeZ4Jf2qGVWDxhc1ljoKvE49JW2iiCZ7aomP
rLszns5twnBX5nsIUUQMlnnCNJxLYPbA56unnPn8iBl+YaFP/XAbcpHd15Hum7c=
-----END CERTIFICATE-----
Generated at Fri Jun 6 20:33:59 2025 by rpki-client