Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/TiMK15gWPzAmj3m7MbfCDBtz2LA.roa
File: TiMK15gWPzAmj3m7MbfCDBtz2LA.roa (raw, json)
Hash identifier: w84LlgJzKH7cEZL9hFK0i79Bo0aZzmFbKuQ6UGLoIbs=
Subject key identifier: 4E:23:0A:D7:98:16:3F:30:26:8F:79:BB:31:B7:C2:0C:1B:73:D8:B0
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0817
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/TiMK15gWPzAmj3m7MbfCDBtz2LA.roa
Signing time: Thu 26 Sep 2024 07:55:03 +0000
ROA not before: Thu 26 Sep 2024 07:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 26 Sep 2024 11:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2071 (0x817)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Sep 26 07:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4E230AD798163F30268F79BB31B7C20C1B73D8B0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:05:a5:1f:01:fe:b0:f8:16:a2:4b:4d:79:11:
e7:04:ba:29:8f:ef:cc:4d:cb:38:85:89:d4:54:47:
19:8e:52:f9:3c:87:5d:ba:7c:68:dd:93:67:6e:4b:
8e:01:5c:8a:4b:e7:b7:ab:05:83:8f:ae:82:04:98:
09:f5:c9:0b:96:4b:2d:fd:3b:21:af:bb:7f:0b:4c:
86:d3:73:d9:db:a3:d5:d4:67:5e:e8:26:42:4a:6c:
b8:13:19:d6:6a:7a:01:7f:76:8b:59:a5:31:d3:6c:
c1:29:d2:db:6e:88:b9:52:84:29:a1:19:b2:1e:a6:
44:63:a9:90:d2:74:85:18:58:ac:62:cb:06:4d:6e:
cc:51:83:e2:3a:64:da:51:25:f5:4c:5b:f6:c4:fc:
5b:78:64:d1:9a:b6:5f:d0:67:27:63:98:a3:ad:1d:
69:e3:13:9f:59:b8:dc:da:25:da:79:b5:e2:20:db:
b0:d1:c6:20:2f:05:e9:21:8c:93:33:e4:b9:35:39:
f2:0c:ff:20:c7:2d:62:22:90:2d:c4:f4:c5:6f:49:
41:f1:bd:2b:8f:d1:7e:97:a9:8b:9d:ad:3f:21:c5:
f9:a7:b8:90:ca:7e:b2:0d:72:73:5c:0c:9e:b3:cc:
03:32:57:ab:1b:c5:b5:5f:af:0b:c7:8b:91:c1:c1:
e3:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:23:0A:D7:98:16:3F:30:26:8F:79:BB:31:B7:C2:0C:1B:73:D8:B0
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/TiMK15gWPzAmj3m7MbfCDBtz2LA.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
cc:b0:16:f6:a7:27:a7:ad:65:77:18:72:ff:89:8f:44:21:98:
3a:44:ed:a4:c4:b4:50:7e:f2:fa:3c:a3:d4:93:c0:a3:4c:b6:
86:e6:48:d6:75:3a:5a:d7:15:d9:90:ed:04:e8:16:c6:a2:d0:
11:42:a3:1d:6f:dc:f9:7f:61:40:6f:b5:19:a0:2e:86:9f:09:
bc:79:87:a0:2e:3c:75:68:bb:58:d5:07:d2:bb:d3:3b:9d:24:
bb:92:66:bf:a8:b4:61:f5:ad:b7:d6:fe:d2:f6:a5:89:f8:22:
38:0e:62:65:cb:6f:23:01:b2:5b:35:37:32:22:45:ea:33:f7:
4a:9e:05:97:0c:37:32:5d:9f:ac:9a:14:26:cb:22:1b:7e:9e:
14:e8:c7:36:88:0c:cb:6c:00:31:4d:14:83:0d:f8:e5:ee:a4:
33:12:b3:d4:c4:8b:1f:62:a7:04:b2:a0:a2:bf:03:4d:a4:62:
d5:ac:af:bc:af:9b:bc:5c:d9:78:58:b8:f1:fb:3c:af:37:62:
ef:69:87:5d:05:0e:3a:fa:e7:15:13:e4:80:67:7b:ff:4a:0a:
49:b0:63:e0:fb:b2:36:0b:74:e6:5a:d3:b1:92:74:44:40:d7:
e8:d5:f4:62:63:cc:b4:67:8b:71:df:d7:63:47:49:17:80:41:
90:ac:4f:75
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCBcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA5MjYw
NzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDRFMjMwQUQ3OTgxNjNG
MzAyNjhGNzlCQjMxQjdDMjBDMUI3M0Q4QjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJBaUfAf6w+BaiS015EecEuimP78xNyziFidRURxmOUvk8h126
fGjdk2duS44BXIpL57erBYOProIEmAn1yQuWSy39OyGvu38LTIbTc9nbo9XUZ17o
JkJKbLgTGdZqegF/dotZpTHTbMEp0ttuiLlShCmhGbIepkRjqZDSdIUYWKxiywZN
bsxRg+I6ZNpRJfVMW/bE/Ft4ZNGatl/QZydjmKOtHWnjE59ZuNzaJdp5teIg27DR
xiAvBekhjJMz5Lk1OfIM/yDHLWIikC3E9MVvSUHxvSuP0X6XqYudrT8hxfmnuJDK
frINcnNcDJ6zzAMyV6sbxbVfrwvHi5HBwePZAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUTiMK15gWPzAmj3m7MbfCDBtz2LAwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL1RpTUsxNWdXUHpBbWoz
bTdNYmZDREJ0ejJMQS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAMywFvanJ6etZXcYcv+Jj0QhmDpE7aTEtFB+
8vo8o9STwKNMtobmSNZ1OlrXFdmQ7QToFsai0BFCox1v3Pl/YUBvtRmgLoafCbx5
h6AuPHVou1jVB9K70zudJLuSZr+otGH1rbfW/tL2pYn4IjgOYmXLbyMBsls1NzIi
Reoz90qeBZcMNzJdn6yaFCbLIht+nhToxzaIDMtsADFNFIMN+OXupDMSs9TEix9i
pwSyoKK/A02kYtWsr7yvm7xc2XhYuPH7PK83Yu9ph10FDjr65xUT5IBne/9KCkmw
Y+D7sjYLdOZa07GSdERA1+jV9GJjzLRni3Hf12NHSReAQZCsT3U=
-----END CERTIFICATE-----
Generated at Thu Sep 26 16:48:09 2024 by rpki-client on console-ams.rpki-client.org