Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/DevgpMvRx7KW2M2mOGxyhbGKrKQ.roa
File: DevgpMvRx7KW2M2mOGxyhbGKrKQ.roa (raw, json)
Hash identifier: 1uIBsRjTrRSTXpA7CsoCfryWb5qloLWFlk3YkpEJuFI=
Subject key identifier: 0D:EB:E0:A4:CB:D1:C7:B2:96:D8:CD:A6:38:6C:72:85:B1:8A:AC:A4
Certificate issuer: /CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Certificate serial: 019423D6F93E930BBE5F973F24195487FCFE
Authority key identifier: 26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/DevgpMvRx7KW2M2mOGxyhbGKrKQ.roa
Signing time: Wed 01 Jan 2025 21:47:58 +0000
ROA not before: Wed 01 Jan 2025 21:47:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204916
IP address blocks: 2a0d:cdc6::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 24 Feb 2025 11:50:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:f9:3e:93:0b:be:5f:97:3f:24:19:54:87:fc:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Validity
Not Before: Jan 1 21:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0debe0a4cbd1c7b296d8cda6386c7285b18aaca4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:47:9b:7d:4b:b4:13:23:91:58:07:e9:ab:70:
94:7e:27:17:82:70:bd:f7:f4:fc:42:f5:90:6c:2e:
30:86:e9:93:5b:51:ad:ec:20:a6:89:dc:8d:63:84:
db:ed:a4:13:3a:82:7c:98:5c:d6:e1:72:0b:18:17:
92:97:41:f4:05:9e:bf:6f:be:f5:e4:fc:36:13:b6:
45:7d:b1:10:8f:95:10:8d:b2:d8:de:3b:48:13:58:
03:22:7f:ff:0b:f1:82:32:96:26:61:a8:8c:78:69:
1e:90:6e:9e:20:7b:da:92:5d:a9:80:f2:26:d0:43:
8c:42:db:85:d3:23:75:5b:04:77:bd:4f:27:32:a7:
1c:89:71:8e:6b:57:2a:19:e3:cb:87:b7:94:1f:c4:
38:8a:7a:7c:37:dd:c4:ad:02:36:19:46:3c:62:a2:
b5:65:46:2f:bf:90:67:4d:c4:96:e4:3b:08:48:fd:
be:9c:f0:f3:05:30:78:c5:6e:4f:41:0a:30:71:91:
58:f2:0f:73:55:03:80:83:73:d4:72:2a:52:4d:dc:
c1:d6:1e:42:c7:26:f8:f0:63:99:fd:7f:f2:83:32:
89:f7:4a:d1:02:bb:8d:c5:8e:07:bb:ad:5f:9b:d6:
f9:d9:25:5c:ad:29:b4:74:2b:41:81:ec:3c:d9:ba:
bb:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:EB:E0:A4:CB:D1:C7:B2:96:D8:CD:A6:38:6C:72:85:B1:8A:AC:A4
X509v3 Authority Key Identifier:
keyid:26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/DevgpMvRx7KW2M2mOGxyhbGKrKQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/JgsrxFR3yB13TaoMKKtEt3S6CSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:cdc6::/32
Signature Algorithm: sha256WithRSAEncryption
6d:c7:c7:1e:d6:dd:31:3a:68:17:a1:c0:7c:87:87:19:49:65:
dd:e9:9e:d9:74:a9:59:b6:ea:85:88:b6:43:12:a0:31:aa:6e:
08:fa:47:44:6a:04:40:8e:4e:44:0b:7b:1a:2f:9f:30:60:18:
9e:6b:74:aa:0a:86:33:de:ff:79:1c:38:b3:93:ae:49:a2:5d:
d9:36:8b:fa:eb:d7:44:d4:e9:2d:e5:7b:8e:df:88:b5:51:e1:
33:62:ef:c2:02:c0:fe:cb:19:60:e5:0b:e7:9e:88:34:0f:b9:
37:29:5d:e0:d5:80:6c:d2:aa:2f:62:f5:9f:20:45:b8:97:7a:
d9:d1:3a:6b:d6:92:b4:c7:25:49:e0:3f:2c:ba:72:85:c4:52:
d9:03:75:ce:7b:4e:a2:c6:46:7f:3a:06:f8:a5:5c:fc:72:43:
ac:9a:03:de:1f:46:59:44:b7:38:a0:65:ed:6a:1b:53:c7:bc:
00:60:cc:ea:3b:ed:9b:46:8c:c9:cb:13:b0:4a:4d:1e:07:c4:
c3:69:ac:02:8d:05:7a:8a:05:b0:ff:f0:f2:64:d5:72:27:2b:
e5:62:71:2c:4a:e7:05:be:47:1a:1f:ad:1e:3b:73:f7:c8:ad:
70:3a:c2:0b:30:f1:2a:ec:e6:cf:9d:96:17:ec:d6:1d:5c:04:
5e:38:ce:9b
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQj1vk+kwu+X5c/JBlUh/z+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2MGIyYmM0NTQ3N2M4MWQ3NzRkYWEwYzI4YWI0NGI3NzRi
YTA5MjAwHhcNMjUwMTAxMjE0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGViZTBhNGNiZDFjN2IyOTZkOGNkYTYzODZjNzI4NWIxOGFhY2E0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvEebfUu0EyORWAfpq3CUficXgnC9
9/T8QvWQbC4whumTW1Gt7CCmidyNY4Tb7aQTOoJ8mFzW4XILGBeSl0H0BZ6/b771
5Pw2E7ZFfbEQj5UQjbLY3jtIE1gDIn//C/GCMpYmYaiMeGkekG6eIHvakl2pgPIm
0EOMQtuF0yN1WwR3vU8nMqcciXGOa1cqGePLh7eUH8Q4inp8N93ErQI2GUY8YqK1
ZUYvv5BnTcSW5DsISP2+nPDzBTB4xW5PQQowcZFY8g9zVQOAg3PUcipSTdzB1h5C
xyb48GOZ/X/ygzKJ90rRAruNxY4Hu61fm9b52SVcrSm0dCtBgew82bq7+wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFA3r4KTL0ceyltjNpjhscoWxiqykMB8GA1UdIwQY
MBaAFCYLK8RUd8gdd02qDCirRLd0ugkgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQt
MTdlNjZjMWZkM2QxLzEvRGV2Z3BNdlJ4N0tXMk0ybU9HeHloYkdLcktRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQtMTdlNjZjMWZkM2Qx
LzEvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg3NxjAN
BgkqhkiG9w0BAQsFAAOCAQEAbcfHHtbdMTpoF6HAfIeHGUll3eme2XSpWbbqhYi2
QxKgMapuCPpHRGoEQI5ORAt7Gi+fMGAYnmt0qgqGM97/eRw4s5OuSaJd2TaL+uvX
RNTpLeV7jt+ItVHhM2LvwgLA/ssZYOUL556INA+5Nyld4NWAbNKqL2L1nyBFuJd6
2dE6a9aStMclSeA/LLpyhcRS2QN1zntOosZGfzoG+KVc/HJDrJoD3h9GWUS3OKBl
7WobU8e8AGDM6jvtm0aMycsTsEpNHgfEw2msAo0FeooFsP/w8mTVcicr5WJxLErn
Bb5HGh+tHjtz98itcDrCCzDxKuzmz52WF+zWHVwEXjjOmw==
-----END CERTIFICATE-----
Generated at Tue Apr 8 23:51:15 2025 by rpki-client