Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/TtS1-IoShUQUNXGzgba1421Ffv8.roa
File: TtS1-IoShUQUNXGzgba1421Ffv8.roa (raw, json)
Hash identifier: HIDdIavrOF2SVFujR0FNAsbCXOSTx1PWBku3QKDMHYM=
Subject key identifier: 4E:D4:B5:F8:8A:12:85:44:14:35:71:B3:81:B6:B5:E3:6D:45:7E:FF
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0A10
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/TtS1-IoShUQUNXGzgba1421Ffv8.roa
Signing time: Thu 21 Nov 2024 07:55:02 +0000
ROA not before: Thu 21 Nov 2024 07:55:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 21 Nov 2024 11:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2576 (0xa10)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Nov 21 07:55:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4ED4B5F88A128544143571B381B6B5E36D457EFF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:d8:6e:61:e2:cb:0b:5f:d5:65:22:3d:31:fe:
e7:71:32:bf:f5:7a:0f:a2:93:b5:4c:d9:52:15:fe:
5d:b2:f2:db:7f:47:44:ab:21:5d:11:19:c7:b1:c3:
6a:b0:30:e1:99:51:f5:a8:88:3a:84:e7:2c:0c:77:
1e:82:4a:be:7e:24:5d:61:b0:20:c0:9c:a2:a9:95:
89:88:bd:2c:76:3b:84:15:b3:91:62:f0:95:2c:4a:
4c:53:a0:a6:59:a6:97:2c:41:3d:ed:b3:67:7d:c6:
d9:d3:a4:59:d4:8a:8b:72:16:11:db:89:c2:11:49:
42:33:fd:4e:1e:ea:e2:35:98:b1:1c:f7:bc:4e:f5:
67:8a:cf:9c:56:1d:2b:b9:16:62:1b:ad:13:c1:9c:
f0:11:59:e9:29:eb:51:04:5e:28:93:c2:d2:95:a7:
c5:6a:1b:a2:5f:90:e0:b2:1c:33:12:98:79:1c:71:
64:32:2a:9b:d7:44:cb:cd:c2:8c:22:4c:96:48:53:
66:cd:30:61:f1:c9:3c:b7:c2:60:2f:45:e1:a9:6c:
8a:1a:f7:a9:10:e1:23:84:92:b2:f6:84:17:39:97:
9c:80:11:d7:5f:a1:f6:14:75:fa:aa:29:c2:b2:02:
93:ea:07:12:2d:81:71:f1:3c:8a:68:92:b1:bf:0c:
b5:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:D4:B5:F8:8A:12:85:44:14:35:71:B3:81:B6:B5:E3:6D:45:7E:FF
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/TtS1-IoShUQUNXGzgba1421Ffv8.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:ab:7b:89:12:ce:d9:57:31:ec:12:36:65:16:23:84:77:31:
7d:84:18:28:bd:44:4d:40:a0:12:d6:9d:f3:83:01:88:56:f7:
14:29:6a:6c:29:39:fe:6e:14:bf:64:d6:76:16:27:c2:f7:c6:
5f:47:96:a7:4d:be:c1:59:b4:41:94:8d:17:be:ca:cc:7a:cb:
3e:7d:58:83:94:61:75:c5:49:e0:ce:18:83:d0:30:1b:56:fd:
bb:60:1c:5b:23:7d:4c:23:37:f3:47:ae:13:d3:e5:1b:c7:16:
d4:f9:d8:b0:05:62:40:3e:c2:9a:aa:c3:a5:5c:62:fc:25:e2:
3d:6a:7c:f3:a7:ff:a5:2a:86:ba:e3:26:c8:59:6c:7e:c6:92:
a5:65:f5:84:f3:71:19:81:7b:34:a9:9c:34:4c:2d:5c:4d:6c:
c6:68:2c:a4:6b:21:eb:c0:1e:47:19:f0:7f:85:0e:c1:2b:e5:
9a:ca:b2:69:56:f5:ef:b0:59:a2:02:0f:b0:10:50:0f:9d:3d:
c3:84:e3:b7:84:bd:eb:5e:e2:a4:ae:08:3b:12:41:a3:8c:44:
92:d3:c6:3c:0f:59:3d:cc:3e:3f:f0:28:ef:ad:ed:fb:5d:87:
aa:37:84:aa:0d:bb:29:2e:9b:56:0e:37:bb:cc:c7:c4:53:da:
80:97:88:af
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICChAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDExMjEw
NzU1MDJaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDRFRDRCNUY4OEExMjg1
NDQxNDM1NzFCMzgxQjZCNUUzNkQ0NTdFRkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCh2G5h4ssLX9VlIj0x/udxMr/1eg+ik7VM2VIV/l2y8tt/R0Sr
IV0RGcexw2qwMOGZUfWoiDqE5ywMdx6CSr5+JF1hsCDAnKKplYmIvSx2O4QVs5Fi
8JUsSkxToKZZppcsQT3ts2d9xtnTpFnUiotyFhHbicIRSUIz/U4e6uI1mLEc97xO
9WeKz5xWHSu5FmIbrRPBnPARWekp61EEXiiTwtKVp8VqG6JfkOCyHDMSmHkccWQy
KpvXRMvNwowiTJZIU2bNMGHxyTy3wmAvReGpbIoa96kQ4SOEkrL2hBc5l5yAEddf
ofYUdfqqKcKyApPqBxItgXHxPIpokrG/DLV5AgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUTtS1+IoShUQUNXGzgba1421Ffv8wHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL1R0UzEtSW9TaFVRVU5Y
R3pnYmExNDIxRmZ2OC5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBALGre4kSztlXMewSNmUWI4R3MX2EGCi9RE1A
oBLWnfODAYhW9xQpamwpOf5uFL9k1nYWJ8L3xl9HlqdNvsFZtEGUjRe+ysx6yz59
WIOUYXXFSeDOGIPQMBtW/btgHFsjfUwjN/NHrhPT5RvHFtT52LAFYkA+wpqqw6Vc
Yvwl4j1qfPOn/6UqhrrjJshZbH7GkqVl9YTzcRmBezSpnDRMLVxNbMZoLKRrIevA
HkcZ8H+FDsEr5ZrKsmlW9e+wWaICD7AQUA+dPcOE47eEvete4qSuCDsSQaOMRJLT
xjwPWT3MPj/wKO+t7ftdh6o3hKoNuykum1YON7vMx8RT2oCXiK8=
-----END CERTIFICATE-----
Generated at Thu Nov 21 14:22:51 2024 by rpki-client on console-ams.rpki-client.org