Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/tgvk02lPT8hUPcE3Wra4gyh5lmU.roa
File: tgvk02lPT8hUPcE3Wra4gyh5lmU.roa (raw, json)
Hash identifier: R+yomnxtPMF+GjKdjsKBX7Yx1V73deRCJRoUAGngPnM=
Subject key identifier: B6:0B:E4:D3:69:4F:4F:C8:54:3D:C1:37:5A:B6:B8:83:28:79:96:65
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 078D
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/tgvk02lPT8hUPcE3Wra4gyh5lmU.roa
Signing time: Tue 10 Sep 2024 23:55:03 +0000
ROA not before: Tue 10 Sep 2024 23:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 11 Sep 2024 03:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1933 (0x78d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Sep 10 23:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=B60BE4D3694F4FC8543DC1375AB6B88328799665
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:22:c5:2f:35:64:6d:b1:32:0d:fa:54:89:56:
ae:39:1c:b3:90:db:75:3a:96:cc:dd:c4:40:a1:3c:
3c:a3:88:7b:c4:23:59:7e:28:16:67:87:da:d6:7d:
10:12:63:a6:ef:17:b7:df:71:b8:d1:34:37:9b:e0:
ec:f5:45:8c:58:93:02:14:42:b3:45:7b:bb:2c:ad:
f7:bc:9c:33:a5:43:b9:21:4a:c1:46:f6:ab:9a:fa:
81:4c:bd:f2:c9:54:f3:59:b2:ee:f8:3d:94:83:75:
7f:c5:80:a3:3c:ae:60:2d:91:79:90:81:0c:8b:bd:
8d:8d:50:58:26:79:7c:f1:9d:2c:b4:5c:dd:83:33:
07:a5:0e:af:a5:30:80:7f:df:91:7b:03:f4:67:f8:
0d:2f:87:85:6a:45:c2:c5:d7:08:c2:48:bb:9e:2d:
b5:82:65:4f:28:73:ba:64:a6:bb:ba:e3:f5:c2:30:
09:45:3a:bc:aa:97:f5:cb:6d:ea:88:d4:2c:20:6c:
8c:b3:b0:52:5d:9b:95:8f:05:91:ea:68:12:41:fc:
03:1c:ee:f1:0b:3c:a3:eb:61:3c:c1:20:99:7d:cc:
e6:36:f9:98:7f:d3:3e:aa:45:f3:37:97:ac:83:f8:
ae:19:5c:1a:49:da:4b:85:77:dc:7e:fd:f5:60:d2:
3e:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:0B:E4:D3:69:4F:4F:C8:54:3D:C1:37:5A:B6:B8:83:28:79:96:65
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/tgvk02lPT8hUPcE3Wra4gyh5lmU.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:30:c9:f8:df:2b:e9:bf:7d:ed:74:5f:b6:77:8e:a2:de:35:
b7:d2:e0:01:eb:c2:ff:19:99:ad:17:7c:8d:d5:d6:7f:0a:f3:
4b:f1:96:63:cd:1b:7d:25:32:94:75:c2:cd:f8:23:19:aa:9c:
8c:10:80:1b:ae:7f:08:0e:a8:9d:d9:c4:26:69:19:03:bf:88:
98:64:03:a3:33:b5:d0:a0:cd:05:a9:19:b3:59:e2:b1:65:04:
8b:88:00:3d:5b:03:ef:40:1e:1f:6f:54:b7:c5:43:6c:b5:af:
e8:89:9a:67:bd:8e:a8:7f:0f:17:ca:54:8a:76:50:31:9a:a6:
45:89:35:2d:84:f3:fd:1f:78:f2:eb:d1:67:38:48:c7:e1:3b:
8e:f0:7c:9e:65:f9:35:32:9f:b8:91:b9:ef:d8:f2:e2:49:f4:
f1:2b:73:17:38:e3:10:81:72:87:55:4f:0a:a9:0b:af:25:55:
f5:86:59:47:96:3d:88:e0:0c:33:58:69:85:77:49:27:9e:c1:
d6:2a:b4:de:4b:84:65:c2:88:07:be:fc:9d:fb:c4:f9:56:de:
e9:5b:1a:75:05:88:fd:55:b8:62:1e:cf:6a:10:4d:8f:d2:90:
11:97:7e:45:ff:a0:7d:1d:11:55:e3:cf:37:06:59:a1:cd:8e:
39:83:48:d1
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICB40wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA5MTAy
MzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEI2MEJFNEQzNjk0RjRG
Qzg1NDNEQzEzNzVBQjZCODgzMjg3OTk2NjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCiIsUvNWRtsTIN+lSJVq45HLOQ23U6lszdxEChPDyjiHvEI1l+
KBZnh9rWfRASY6bvF7ffcbjRNDeb4Oz1RYxYkwIUQrNFe7ssrfe8nDOlQ7khSsFG
9qua+oFMvfLJVPNZsu74PZSDdX/FgKM8rmAtkXmQgQyLvY2NUFgmeXzxnSy0XN2D
MwelDq+lMIB/35F7A/Rn+A0vh4VqRcLF1wjCSLueLbWCZU8oc7pkpru64/XCMAlF
Oryql/XLbeqI1CwgbIyzsFJdm5WPBZHqaBJB/AMc7vELPKPrYTzBIJl9zOY2+Zh/
0z6qRfM3l6yD+K4ZXBpJ2kuFd9x+/fVg0j7fAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUtgvk02lPT8hUPcE3Wra4gyh5lmUwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL3RndmswMmxQVDhoVVBj
RTNXcmE0Z3loNWxtVS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAD4wyfjfK+m/fe10X7Z3jqLeNbfS4AHrwv8Z
ma0XfI3V1n8K80vxlmPNG30lMpR1ws34IxmqnIwQgBuufwgOqJ3ZxCZpGQO/iJhk
A6MztdCgzQWpGbNZ4rFlBIuIAD1bA+9AHh9vVLfFQ2y1r+iJmme9jqh/DxfKVIp2
UDGapkWJNS2E8/0fePLr0Wc4SMfhO47wfJ5l+TUyn7iRue/Y8uJJ9PErcxc44xCB
codVTwqpC68lVfWGWUeWPYjgDDNYaYV3SSeewdYqtN5LhGXCiAe+/J37xPlW3ulb
GnUFiP1VuGIez2oQTY/SkBGXfkX/oH0dEVXjzzcGWaHNjjmDSNE=
-----END CERTIFICATE-----
Generated at Wed Sep 11 04:50:14 2024 by rpki-client on console-fra.rpki-client.org