Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/G0OTA_lpbM-kc3uHgTvjXyhHbE4.roa
File: G0OTA_lpbM-kc3uHgTvjXyhHbE4.roa (raw, json)
Hash identifier: gKnN8EYTMkbhvD+Vn5C1oNgX8h6HIpfoyqhLNMzkmDA=
Subject key identifier: 1B:43:93:03:F9:69:6C:CF:A4:73:7B:87:81:3B:E3:5F:28:47:6C:4E
Certificate issuer: /CN=49e14bf76f42da4f2ac003a6c69d61c2320e2cd8
Certificate serial: 018CC56E4FC385AE4934372AA704DF4D592C
Authority key identifier: 49:E1:4B:F7:6F:42:DA:4F:2A:C0:03:A6:C6:9D:61:C2:32:0E:2C:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeFL929C2k8qwAOmxp1hwjIOLNg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/G0OTA_lpbM-kc3uHgTvjXyhHbE4.roa
Signing time: Mon 01 Jan 2024 14:29:50 +0000
ROA not before: Mon 01 Jan 2024 14:29:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39855
IP address blocks: 130.255.168.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 31 Jan 2024 09:43:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:4f:c3:85:ae:49:34:37:2a:a7:04:df:4d:59:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e14bf76f42da4f2ac003a6c69d61c2320e2cd8
Validity
Not Before: Jan 1 14:29:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1b439303f9696ccfa4737b87813be35f28476c4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:01:61:9e:2d:32:ea:c7:05:67:0b:e9:1a:23:
e4:9c:4d:1d:d1:22:57:15:26:3b:63:b0:03:f7:49:
c9:1b:6d:8d:46:72:20:fa:f2:5e:3d:27:c5:24:f6:
3a:57:39:f5:4e:66:5b:30:b4:ea:a7:19:a5:4a:46:
e2:58:54:f3:93:8c:35:f3:c7:cc:95:c2:8b:be:51:
fe:03:0e:9d:32:7c:60:06:bb:7e:98:3d:fb:92:a1:
67:5f:28:f4:1e:4a:61:31:02:33:2e:9a:d1:ff:03:
2b:87:95:8c:58:53:90:b0:d2:c3:ab:5c:2b:40:78:
6b:56:f3:f8:15:2e:07:44:88:3b:53:dc:a0:35:fd:
0e:33:e3:02:5c:f7:ab:23:b9:f2:08:fe:a6:ca:6d:
82:aa:bc:5c:19:0e:ce:e5:49:3c:6d:02:fc:84:eb:
24:d4:2a:85:59:d6:80:32:1e:b2:4a:14:95:03:40:
7f:1e:de:f3:f4:94:23:92:51:d0:cf:17:21:b9:d6:
e4:b3:ec:87:ae:6e:93:bb:c0:66:55:95:9e:0d:d4:
2b:4e:be:44:66:80:b2:f1:5f:1e:e4:14:36:d3:40:
17:1e:3a:9e:f1:31:f2:f6:89:da:14:7d:ec:f6:e0:
8c:af:d9:7a:be:d1:dc:ba:7e:bd:c8:23:5f:6c:7d:
fa:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:43:93:03:F9:69:6C:CF:A4:73:7B:87:81:3B:E3:5F:28:47:6C:4E
X509v3 Authority Key Identifier:
keyid:49:E1:4B:F7:6F:42:DA:4F:2A:C0:03:A6:C6:9D:61:C2:32:0E:2C:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeFL929C2k8qwAOmxp1hwjIOLNg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/G0OTA_lpbM-kc3uHgTvjXyhHbE4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/SeFL929C2k8qwAOmxp1hwjIOLNg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.255.168.0/24
Signature Algorithm: sha256WithRSAEncryption
51:bc:bc:29:16:5b:12:db:0b:21:62:00:57:6f:57:cb:90:01:
ee:21:60:45:df:11:58:fc:91:35:4c:95:dc:84:5c:29:e9:3e:
e8:69:a5:ed:28:b8:b2:a1:28:c4:bc:f1:7b:2e:1c:cc:4b:ec:
20:50:b5:6f:ff:36:0e:c5:8b:2f:e1:29:e7:0f:b0:29:e7:cc:
52:a4:11:bb:a8:9f:e4:f7:b5:76:cb:6a:7e:5e:64:61:37:cc:
9e:a3:a3:c2:24:de:35:3a:db:95:cc:d2:e9:7a:f6:4a:c6:51:
3b:71:b8:56:67:ff:01:7e:8b:2a:52:17:7c:66:d9:40:43:4b:
a4:a6:54:98:12:89:47:b9:cf:e3:e0:38:35:ef:6f:b4:80:d2:
be:14:91:d2:44:6a:f4:57:dc:e2:6b:70:07:4b:42:50:51:70:
b6:97:b8:8e:94:05:ad:1e:62:33:cf:6b:54:a8:7b:64:a5:45:
a9:ed:ff:a9:c5:81:62:bf:27:f0:e2:46:cd:0f:00:18:ed:fb:
5e:dd:4c:b0:3f:23:0b:89:f8:8e:be:c3:bc:51:47:ac:1c:34:
1e:d8:84:84:3a:53:17:cb:4e:e3:65:cc:e2:d5:26:c9:7e:81:
49:ee:3f:ef:00:71:f5:13:0f:72:6e:dd:cd:29:76:d4:95:2f:
a2:d4:f1:5b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbk/Dha5JNDcqpwTfTVksMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTE0YmY3NmY0MmRhNGYyYWMwMDNhNmM2OWQ2MWMyMzIw
ZTJjZDgwHhcNMjQwMTAxMTQyOTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjQzOTMwM2Y5Njk2Y2NmYTQ3MzdiODc4MTNiZTM1ZjI4NDc2YzRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkQFhni0y6scFZwvpGiPknE0d0SJX
FSY7Y7AD90nJG22NRnIg+vJePSfFJPY6Vzn1TmZbMLTqpxmlSkbiWFTzk4w188fM
lcKLvlH+Aw6dMnxgBrt+mD37kqFnXyj0HkphMQIzLprR/wMrh5WMWFOQsNLDq1wr
QHhrVvP4FS4HRIg7U9ygNf0OM+MCXPerI7nyCP6mym2CqrxcGQ7O5Uk8bQL8hOsk
1CqFWdaAMh6yShSVA0B/Ht7z9JQjklHQzxchudbks+yHrm6Tu8BmVZWeDdQrTr5E
ZoCy8V8e5BQ200AXHjqe8THy9onaFH3s9uCMr9l6vtHcun69yCNfbH36XQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBtDkwP5aWzPpHN7h4E7418oR2xOMB8GA1UdIwQY
MBaAFEnhS/dvQtpPKsADpsadYcIyDizYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VGTDkyOUMyazhxd0FPbXhwMWh3aklPTE5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC81NjE2N2YtNTMyNy00Yzg4LWI0ZWEt
M2JlY2NhYWUzMzZkLzEvRzBPVEFfbHBiTS1rYzN1SGdUdmpYeWhIYkU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC81NjE2N2YtNTMyNy00Yzg4LWI0ZWEtM2JlY2NhYWUzMzZk
LzEvU2VGTDkyOUMyazhxd0FPbXhwMWh3aklPTE5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAgv+oMA0G
CSqGSIb3DQEBCwUAA4IBAQBRvLwpFlsS2wshYgBXb1fLkAHuIWBF3xFY/JE1TJXc
hFwp6T7oaaXtKLiyoSjEvPF7LhzMS+wgULVv/zYOxYsv4SnnD7Ap58xSpBG7qJ/k
97V2y2p+XmRhN8yeo6PCJN41OtuVzNLpevZKxlE7cbhWZ/8BfosqUhd8ZtlAQ0uk
plSYEolHuc/j4Dg172+0gNK+FJHSRGr0V9zia3AHS0JQUXC2l7iOlAWtHmIzz2tU
qHtkpUWp7f+pxYFivyfw4kbNDwAY7fte3UywPyMLifiOvsO8UUesHDQe2ISEOlMX
y07jZczi1SbJfoFJ7j/vAHH1Ew9ybt3NKXbUlS+i1PFb
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:18:52 2025 by rpki-client