Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/15d896-2f69-4697-a6fc-08da6652a867/1/36MR9njXpIqbqHH3wWRNMf57eHk.roa
File: 36MR9njXpIqbqHH3wWRNMf57eHk.roa (raw, json)
Hash identifier: zHOcmeEPit34OTZsHMPI62I+nH6zcCeuyOSbDwCGn7c=
Subject key identifier: DF:A3:11:F6:78:D7:A4:8A:9B:A8:71:F7:C1:64:4D:31:FE:7B:78:79
Certificate issuer: /CN=2d9e31c9029ee44bd681b515330335c6a1cfdeee
Certificate serial: 018CC87058F340D7246D3CDDDBE69CCCFF48
Authority key identifier: 2D:9E:31:C9:02:9E:E4:4B:D6:81:B5:15:33:03:35:C6:A1:CF:DE:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LZ4xyQKe5EvWgbUVMwM1xqHP3u4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/15d896-2f69-4697-a6fc-08da6652a867/1/36MR9njXpIqbqHH3wWRNMf57eHk.roa
Signing time: Tue 02 Jan 2024 04:30:55 +0000
ROA not before: Tue 02 Jan 2024 04:30:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44530
IP address blocks: 37.77.32.0/20 maxlen: 20
2a02:e5c::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 28 May 2024 21:08:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:70:58:f3:40:d7:24:6d:3c:dd:db:e6:9c:cc:ff:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d9e31c9029ee44bd681b515330335c6a1cfdeee
Validity
Not Before: Jan 2 04:30:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dfa311f678d7a48a9ba871f7c1644d31fe7b7879
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:35:34:f2:be:79:19:b0:c5:65:61:5e:25:41:
de:6f:46:9d:b0:4a:6e:b4:40:19:77:0e:84:2b:27:
87:ee:e1:e1:22:f0:02:ab:68:5a:ed:62:dd:34:4b:
c2:2a:ed:47:50:24:26:bb:2d:77:64:e4:a6:1a:5c:
1d:4b:cc:80:ec:6c:49:b1:f5:37:48:c6:07:03:51:
8e:f4:50:24:6d:eb:26:ee:82:d7:45:c2:4e:92:22:
e2:85:c1:3e:0b:42:f1:5b:17:8c:c9:ac:d0:02:71:
11:54:9d:7a:cc:5f:6a:c3:50:2c:be:6f:e4:82:78:
0a:18:55:7e:45:1c:73:7b:92:61:89:20:e0:c9:3f:
20:bf:6a:34:00:60:98:80:ef:19:49:13:d7:7f:05:
be:39:96:12:ab:d9:b8:b2:fe:c7:b5:22:f3:17:64:
12:39:8e:a1:6f:60:4f:79:bf:fe:74:dd:39:b7:2c:
03:4e:66:7f:cb:1f:50:d9:92:64:1a:3d:d9:5e:37:
8e:78:fa:24:46:dc:16:13:97:f6:f5:e0:60:22:e0:
e1:7d:ae:07:73:f2:90:55:89:86:73:96:04:62:34:
26:3e:41:8a:33:98:a9:8a:b3:0c:52:f4:47:3d:d3:
a6:f9:45:b3:d8:ae:04:c0:6e:f2:41:70:b6:30:74:
cd:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:A3:11:F6:78:D7:A4:8A:9B:A8:71:F7:C1:64:4D:31:FE:7B:78:79
X509v3 Authority Key Identifier:
keyid:2D:9E:31:C9:02:9E:E4:4B:D6:81:B5:15:33:03:35:C6:A1:CF:DE:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LZ4xyQKe5EvWgbUVMwM1xqHP3u4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/15d896-2f69-4697-a6fc-08da6652a867/1/36MR9njXpIqbqHH3wWRNMf57eHk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/15d896-2f69-4697-a6fc-08da6652a867/1/LZ4xyQKe5EvWgbUVMwM1xqHP3u4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.77.32.0/20
IPv6:
2a02:e5c::/32
Signature Algorithm: sha256WithRSAEncryption
76:8c:92:af:59:0f:4a:ac:d6:e0:f9:ce:f3:12:bb:16:93:b2:
3a:18:ad:f4:41:e8:80:50:5b:c1:10:d1:05:f7:42:88:f9:18:
06:c4:ed:5c:46:be:fb:49:63:7a:88:f5:92:8f:2d:b5:bf:14:
55:3f:cb:3e:ef:3d:48:ac:23:d4:d4:f4:b3:7a:47:67:15:e6:
48:1c:20:f9:8d:ed:4e:a7:b4:0b:3e:36:97:a8:7f:f1:fa:0a:
1a:7d:3d:48:36:56:33:f7:5b:1d:e4:91:2e:05:fe:ca:9d:8b:
7b:ec:b5:eb:8a:37:4a:ba:48:98:c5:91:c1:f7:61:82:60:86:
4a:7a:31:23:69:36:3a:b0:87:a0:7f:07:ba:ea:8d:32:a7:fd:
24:87:fa:88:f8:6c:f0:69:bb:21:06:48:62:02:5a:63:d2:8f:
f3:b9:d6:2c:dd:88:17:86:b6:ef:85:c7:c2:18:b2:af:60:04:
50:88:52:31:11:5e:86:a1:97:a9:e2:c9:4a:17:a6:36:4e:77:
05:36:12:d9:6f:2d:32:0b:75:3a:8d:86:20:9a:13:48:e3:83:
94:7c:bc:03:c3:9c:10:62:16:3c:4b:ce:71:da:15:e6:ec:ca:
e6:44:2b:73:5f:6a:e4:61:c7:90:d0:a3:93:55:15:37:ed:29:
0f:b8:5a:e3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIcFjzQNckbTzd2+aczP9IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkOWUzMWM5MDI5ZWU0NGJkNjgxYjUxNTMzMDMzNWM2YTFj
ZmRlZWUwHhcNMjQwMTAyMDQzMDU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmEzMTFmNjc4ZDdhNDhhOWJhODcxZjdjMTY0NGQzMWZlN2I3ODc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhzU08r55GbDFZWFeJUHeb0adsEpu
tEAZdw6EKyeH7uHhIvACq2ha7WLdNEvCKu1HUCQmuy13ZOSmGlwdS8yA7GxJsfU3
SMYHA1GO9FAkbesm7oLXRcJOkiLihcE+C0LxWxeMyazQAnERVJ16zF9qw1Asvm/k
gngKGFV+RRxze5JhiSDgyT8gv2o0AGCYgO8ZSRPXfwW+OZYSq9m4sv7HtSLzF2QS
OY6hb2BPeb/+dN05tywDTmZ/yx9Q2ZJkGj3ZXjeOePokRtwWE5f29eBgIuDhfa4H
c/KQVYmGc5YEYjQmPkGKM5ipirMMUvRHPdOm+UWz2K4EwG7yQXC2MHTNHwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFN+jEfZ416SKm6hx98FkTTH+e3h5MB8GA1UdIwQY
MBaAFC2eMckCnuRL1oG1FTMDNcahz97uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFo0eHlRS2U1RXZXZ2JVVk13TTF4cUhQM3U0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi8xNWQ4OTYtMmY2OS00Njk3LWE2ZmMt
MDhkYTY2NTJhODY3LzEvMzZNUjlualhwSXFicUhIM3dXUk5NZjU3ZUhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi8xNWQ4OTYtMmY2OS00Njk3LWE2ZmMtMDhkYTY2NTJhODY3
LzEvTFo0eHlRS2U1RXZXZ2JVVk13TTF4cUhQM3U0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQEJU0gMA0E
AgACMAcDBQAqAg5cMA0GCSqGSIb3DQEBCwUAA4IBAQB2jJKvWQ9KrNbg+c7zErsW
k7I6GK30QeiAUFvBENEF90KI+RgGxO1cRr77SWN6iPWSjy21vxRVP8s+7z1IrCPU
1PSzekdnFeZIHCD5je1Op7QLPjaXqH/x+goafT1INlYz91sd5JEuBf7KnYt77LXr
ijdKukiYxZHB92GCYIZKejEjaTY6sIegfwe66o0yp/0kh/qI+GzwabshBkhiAlpj
0o/zudYs3YgXhrbvhcfCGLKvYARQiFIxEV6GoZep4slKF6Y2TncFNhLZby0yC3U6
jYYgmhNI44OUfLwDw5wQYhY8S85x2hXm7MrmRCtzX2rkYceQ0KOTVRU37SkPuFrj
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:09:27 2025 by rpki-client