Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/tCXY3LYv7qlsOYheBkMhMOtt6G0.roa
File: tCXY3LYv7qlsOYheBkMhMOtt6G0.roa (raw, json)
Hash identifier: G22J2wtyYB1qjI60QfFuJONtRXys/17Tp5ZKLt7ictc=
Subject key identifier: B4:25:D8:DC:B6:2F:EE:A9:6C:39:88:5E:06:43:21:30:EB:6D:E8:6D
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 06E8
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/tCXY3LYv7qlsOYheBkMhMOtt6G0.roa
Signing time: Fri 23 Aug 2024 15:55:04 +0000
ROA not before: Fri 23 Aug 2024 15:55:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 23 Aug 2024 19:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1768 (0x6e8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Aug 23 15:55:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=B425D8DCB62FEEA96C39885E06432130EB6DE86D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:2a:c0:b8:97:96:b5:bd:58:f6:6a:9a:14:05:
19:68:a5:ff:d1:07:46:dd:bc:b6:cc:e4:9e:d6:59:
37:6a:16:b8:69:f5:d9:df:c8:85:98:3c:a9:1c:4d:
af:51:4a:80:08:ae:76:60:4f:be:46:b1:95:e0:97:
2d:2d:01:8c:2a:96:68:a2:85:49:d0:2c:4a:a8:c0:
1a:82:1f:3b:89:18:58:87:35:a9:ab:13:9a:ac:ae:
a0:5f:23:64:8f:ac:4f:32:53:4a:6f:90:d6:21:27:
26:24:34:96:b4:84:28:aa:a9:3f:d9:80:97:c1:e3:
01:15:07:39:96:1e:ae:0a:7f:dd:ff:ed:f7:ba:a3:
9e:00:ee:ce:64:cb:c3:05:ea:10:6f:e6:4e:4e:51:
e0:bc:03:51:ca:80:d2:d1:57:3e:75:45:84:d0:0e:
ed:1d:9b:f2:1c:97:6a:60:ba:38:e2:d1:8d:02:34:
fd:a6:bc:2d:41:5a:ec:cb:03:73:54:ab:4d:3a:f7:
75:76:52:58:52:e2:4e:81:e6:93:1a:25:db:fe:bf:
21:52:46:96:86:1b:da:f5:09:b2:9c:11:9a:b0:6d:
17:90:ac:1a:e2:80:01:1a:ae:d6:a0:5b:45:b6:ed:
6f:7e:69:9c:29:d0:ff:2e:c8:9d:59:80:90:f0:6d:
6b:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:25:D8:DC:B6:2F:EE:A9:6C:39:88:5E:06:43:21:30:EB:6D:E8:6D
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/tCXY3LYv7qlsOYheBkMhMOtt6G0.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
c9:1c:b9:e2:0f:87:67:4c:96:bd:33:3a:72:bb:aa:5b:f8:02:
7d:da:d5:a9:3e:b6:3d:6b:79:91:9f:44:38:5d:dc:fa:68:c3:
97:91:f0:a1:bc:2d:2a:d5:8b:c5:67:e7:b9:5c:c5:e3:60:0a:
a3:8a:21:f2:d0:15:5c:cc:54:75:9a:2e:99:ee:2b:4a:59:6a:
91:e3:4d:c4:3d:61:17:ea:a8:1e:4b:5b:47:27:a8:49:67:f8:
eb:c5:0b:d6:26:f0:5b:56:ba:b7:2b:63:66:65:60:db:04:af:
b8:a5:f6:a4:54:2f:e0:41:bc:41:be:c3:b4:fa:d4:16:6f:3d:
3e:93:b4:d7:43:cd:bc:21:8e:75:cc:a4:25:09:8c:ac:5f:c2:
9c:07:be:9c:14:d0:70:dd:07:1b:c7:85:2c:0b:6e:bb:fd:8e:
e3:0e:16:7a:c3:e9:d0:73:1e:ac:70:16:de:d5:be:d2:3c:3f:
0d:f1:3a:67:d6:85:6f:e4:a7:79:9a:89:fb:26:ac:42:50:0f:
3c:7c:9c:6b:4c:79:16:ba:14:6d:2c:f2:6e:a1:ca:2b:64:1d:
d2:c5:40:7b:6c:86:99:cd:e0:6d:ab:77:8c:c2:b7:f8:e9:9b:
11:7f:ee:4d:ee:c1:d7:6e:96:cd:55:ee:fa:d6:77:27:52:15:
24:9e:9a:5a
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICBugwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA4MjMx
NTU1MDRaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEI0MjVEOERDQjYyRkVF
QTk2QzM5ODg1RTA2NDMyMTMwRUI2REU4NkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDyKsC4l5a1vVj2apoUBRlopf/RB0bdvLbM5J7WWTdqFrhp9dnf
yIWYPKkcTa9RSoAIrnZgT75GsZXgly0tAYwqlmiihUnQLEqowBqCHzuJGFiHNamr
E5qsrqBfI2SPrE8yU0pvkNYhJyYkNJa0hCiqqT/ZgJfB4wEVBzmWHq4Kf93/7fe6
o54A7s5ky8MF6hBv5k5OUeC8A1HKgNLRVz51RYTQDu0dm/Icl2pgujji0Y0CNP2m
vC1BWuzLA3NUq00693V2UlhS4k6B5pMaJdv+vyFSRpaGG9r1CbKcEZqwbReQrBri
gAEartagW0W27W9+aZwp0P8uyJ1ZgJDwbWvbAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUtCXY3LYv7qlsOYheBkMhMOtt6G0wHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL3RDWFkzTFl2N3Fsc09Z
aGVCa01oTU90dDZHMC5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAMkcueIPh2dMlr0zOnK7qlv4An3a1ak+tj1r
eZGfRDhd3Ppow5eR8KG8LSrVi8Vn57lcxeNgCqOKIfLQFVzMVHWaLpnuK0pZapHj
TcQ9YRfqqB5LW0cnqEln+OvFC9Ym8FtWurcrY2ZlYNsEr7il9qRUL+BBvEG+w7T6
1BZvPT6TtNdDzbwhjnXMpCUJjKxfwpwHvpwU0HDdBxvHhSwLbrv9juMOFnrD6dBz
HqxwFt7VvtI8Pw3xOmfWhW/kp3maifsmrEJQDzx8nGtMeRa6FG0s8m6hyitkHdLF
QHtshpnN4G2rd4zCt/jpmxF/7k3uwdduls1V7vrWdydSFSSemlo=
-----END CERTIFICATE-----
Generated at Fri Aug 23 23:54:31 2024 by rpki-client on console-ams.rpki-client.org