Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/TF-5WPUXASJEgqhUvkV5sfCXsTI.roa
File: TF-5WPUXASJEgqhUvkV5sfCXsTI.roa (raw, json)
Hash identifier: UbkFQsqe2oJDWhao+7NCCVApSxxpH8mpnIeYER3tFs8=
Subject key identifier: 4C:5F:B9:58:F5:17:01:22:44:82:A8:54:BE:45:79:B1:F0:97:B1:32
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0D
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/TF-5WPUXASJEgqhUvkV5sfCXsTI.roa
Signing time: Sat 10 Feb 2024 15:55:04 +0000
ROA not before: Sat 10 Feb 2024 15:55:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 10 Feb 2024 19:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13 (0xd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Feb 10 15:55:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4C5FB958F51701224482A854BE4579B1F097B132
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:46:5c:ad:be:db:6f:ed:c9:06:58:c1:fe:36:
a4:5f:97:e1:56:06:36:99:e7:72:ef:3d:fc:89:81:
99:4e:05:91:37:de:09:6e:8c:b0:0e:3f:ff:cd:0e:
9d:74:ee:a5:6b:19:16:81:30:e4:34:4f:16:3b:6d:
30:e1:c1:cf:ef:38:28:4f:2b:64:7a:32:65:0d:b8:
39:d2:07:9e:7d:cb:15:98:c7:c3:e1:ce:9e:f9:6e:
b7:a2:38:df:73:d0:8d:6c:24:37:95:d6:9c:2d:00:
e0:7a:ab:a3:53:c6:3a:e5:73:de:87:5f:bd:c2:81:
ad:d8:ee:03:ae:54:77:ce:0c:c9:2a:b1:ee:75:14:
7e:44:45:a0:ad:50:4d:f7:71:04:92:bf:c7:ea:4f:
8f:44:22:f8:8f:b5:5d:8e:ac:38:0c:2d:20:da:60:
e2:06:68:61:f6:79:2b:c9:8a:f3:88:b6:56:50:7e:
20:30:29:2d:2a:65:d6:00:50:5c:c3:03:69:b8:09:
63:82:df:bf:81:e5:78:41:f0:41:52:e5:a1:38:e9:
ee:05:4e:a8:b5:b4:5e:b5:42:dd:d6:8d:39:ba:c2:
40:93:ca:2a:4a:ca:e4:8e:11:4b:0f:cf:b3:a4:c9:
8e:9b:8f:71:bc:e5:8e:2a:0f:0f:5c:79:0e:48:b1:
66:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:5F:B9:58:F5:17:01:22:44:82:A8:54:BE:45:79:B1:F0:97:B1:32
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/TF-5WPUXASJEgqhUvkV5sfCXsTI.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
62:58:67:0b:b7:ad:92:63:36:9a:5d:52:ed:60:09:8f:b0:ab:
63:15:bb:d5:80:5a:9a:06:a3:bd:5c:43:ba:ac:10:0d:9d:94:
e3:ac:c7:ba:90:55:39:02:d6:a8:19:02:5c:5e:db:fd:7a:01:
34:60:1f:f6:f5:25:c0:5e:9b:81:39:18:a2:6d:bb:26:60:0f:
21:97:7d:81:e5:4e:11:c0:cd:d1:7b:65:13:82:ec:2a:72:23:
96:d4:0b:2c:9b:42:64:65:76:19:38:b5:4f:3e:24:6a:97:5f:
3b:ad:03:b0:19:12:34:6b:ce:d0:e4:fa:89:99:f6:34:cb:9b:
f0:e7:2b:e4:50:12:ac:14:64:83:ee:17:e9:e2:b3:e1:de:1b:
01:dd:36:bd:36:fc:78:3d:d1:bd:ad:10:90:c5:31:07:a3:3d:
8c:eb:69:af:11:b9:ce:ba:7e:fa:9d:91:67:6a:60:37:29:d2:
67:87:98:ba:46:d7:d9:04:b1:f9:33:8c:48:a2:0d:c1:92:eb:
39:18:63:a3:95:e9:43:70:2f:46:ba:a0:e6:8b:f5:8f:81:f9:
03:dc:59:b4:23:c2:64:d9:88:bf:d8:75:f4:09:1c:c8:f9:da:
b5:8e:7e:33:14:02:cd:94:74:f7:83:a6:f4:49:92:2a:8c:f4:
19:de:70:eb
-----BEGIN CERTIFICATE-----
MIIEoTCCA4mgAwIBAgIBDTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3MWQx
NGViYjI1NWRjMDU4ZDRiZmE1YTUxYzkzZjczZjgzMGFiODhmMB4XDTI0MDIxMDE1
NTUwNFoXDTI1MDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNEM1RkI5NThGNTE3MDEy
MjQ0ODJBODU0QkU0NTc5QjFGMDk3QjEzMjCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAL1GXK2+22/tyQZYwf42pF+X4VYGNpnncu89/ImBmU4FkTfeCW6M
sA4//80OnXTupWsZFoEw5DRPFjttMOHBz+84KE8rZHoyZQ24OdIHnn3LFZjHw+HO
nvlut6I433PQjWwkN5XWnC0A4Hqro1PGOuVz3odfvcKBrdjuA65Ud84MySqx7nUU
fkRFoK1QTfdxBJK/x+pPj0Qi+I+1XY6sOAwtINpg4gZoYfZ5K8mK84i2VlB+IDAp
LSpl1gBQXMMDabgJY4Lfv4HleEHwQVLloTjp7gVOqLW0XrVC3daNObrCQJPKKkrK
5I4RSw/Ps6TJjpuPcbzljioPD1x5DkixZgMCAwEAAaOCAb4wggG6MB0GA1UdDgQW
BBRMX7lY9RcBIkSCqFS+RXmx8JexMjAfBgNVHSMEGDAWgBRx0U67JV3AWNS/paUc
k/c/gwq4jzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ
oE6GTHJzeW5jOi8vY2hsb2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3Nm
L2NkRk91eVZkd0ZqVXY2V2xISlAzUDRNS3VJOC5jcmwwZAYIKwYBBQUHAQEEWDBW
MFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9E
RUZBVUxUL2NkRk91eVZkd0ZqVXY2V2xISlAzUDRNS3VJOC5jZXIwDgYDVR0PAQH/
BAQDAgeAMGgGCCsGAQUFBwELBFwwWjBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9jaGxv
ZS5zb2Jvcm5vc3QubmV0L3Jwa2kvUklQRS1ubHJzc2YvVEYtNVdQVVhBU0pFZ3Fo
VXZrVjVzZkNYc1RJLnJvYTAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMJo
gTANBgkqhkiG9w0BAQsFAAOCAQEAYlhnC7etkmM2ml1S7WAJj7CrYxW71YBamgaj
vVxDuqwQDZ2U46zHupBVOQLWqBkCXF7b/XoBNGAf9vUlwF6bgTkYom27JmAPIZd9
geVOEcDN0XtlE4LsKnIjltQLLJtCZGV2GTi1Tz4kapdfO60DsBkSNGvO0OT6iZn2
NMub8Ocr5FASrBRkg+4X6eKz4d4bAd02vTb8eD3Rva0QkMUxB6M9jOtprxG5zrp+
+p2RZ2pgNynSZ4eYukbX2QSx+TOMSKINwZLrORhjo5XpQ3AvRrqg5ov1j4H5A9xZ
tCPCZNmIv9h19AkcyPnatY5+MxQCzZR094Om9EmSKoz0Gd5w6w==
-----END CERTIFICATE-----
Generated at Sat Feb 10 21:07:16 2024 by rpki-client on console-ams.rpki-client.org