Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/tipl35r-iEaNjhBErkEWNYADp00.roa
File: tipl35r-iEaNjhBErkEWNYADp00.roa (raw, json)
Hash identifier: mQ/9CGvMJ4lq8upZUlqqunKTmvo33MlLSY/2WOs5bBQ=
Subject key identifier: B6:2A:65:DF:9A:FE:88:46:8D:8E:10:44:AE:41:16:35:80:03:A7:4D
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 010F
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/tipl35r-iEaNjhBErkEWNYADp00.roa
Signing time: Sun 10 Mar 2024 07:55:03 +0000
ROA not before: Sun 10 Mar 2024 07:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 10 Mar 2024 11:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 271 (0x10f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Mar 10 07:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=B62A65DF9AFE88468D8E1044AE4116358003A74D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:41:a9:fb:82:b7:2a:fd:6f:af:a2:9b:b6:54:
ef:88:32:c3:a8:41:0b:b7:8a:3c:d5:dc:0b:c2:50:
93:eb:48:5b:57:3c:84:11:76:89:09:87:a4:0b:d6:
10:f7:ea:c3:11:7c:01:b1:dd:df:c2:b1:7a:25:13:
bd:14:8b:08:6c:36:16:06:e6:20:30:d3:cc:5c:be:
1f:30:6f:24:43:62:cf:63:26:3b:e2:f9:88:0f:ba:
a1:60:43:a0:29:a2:6a:46:df:b4:81:6c:98:a3:fa:
32:2e:b4:35:50:29:90:d0:67:90:89:2a:c2:78:b7:
14:12:84:1e:7e:b3:79:9d:48:08:be:fa:54:59:01:
c1:ad:f2:29:0e:35:96:6f:aa:28:39:47:5f:61:4c:
c7:5a:72:19:3a:55:cd:8d:11:e1:21:2d:ce:68:16:
67:75:fa:eb:7d:3b:fe:28:3b:4e:9d:97:f5:d8:89:
77:94:95:38:7a:45:12:0e:03:2b:54:8a:c2:b6:26:
7c:1f:f1:a1:b4:fd:16:fe:28:20:32:25:ef:d9:d1:
a1:2c:0d:ee:43:a7:49:32:c8:e5:66:aa:5f:b0:6b:
f7:e1:9a:3f:fe:9d:0c:b7:4d:76:9a:f4:ba:d4:b8:
41:c4:18:30:24:d7:d1:8d:2d:6d:b2:20:45:1d:1c:
1c:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:2A:65:DF:9A:FE:88:46:8D:8E:10:44:AE:41:16:35:80:03:A7:4D
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/tipl35r-iEaNjhBErkEWNYADp00.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:39:b8:7e:fd:b3:1d:16:3d:35:6a:a8:84:7b:4f:d7:06:03:
01:a6:c1:f9:7e:9e:35:60:89:3f:ff:cd:dc:96:ad:1c:5a:8a:
cf:40:db:d0:28:e6:f7:ea:06:d1:bd:f7:08:bc:d2:f7:4b:99:
ea:1b:0b:a3:2d:76:c0:12:bb:71:0b:8a:e8:1a:22:68:ca:59:
3d:1f:d8:a8:70:c7:9c:0b:7d:e3:9a:c1:17:07:96:fa:6b:9f:
aa:20:4d:2a:3f:a1:85:e6:a0:1c:d1:e2:c1:3c:49:a0:50:76:
3b:c0:fd:39:f7:3e:d3:e8:46:e0:9d:22:77:09:7d:e3:af:5b:
2e:98:cf:02:0c:1a:82:6a:86:26:16:8d:cf:53:e1:4d:66:56:
a8:e3:0c:68:a6:ee:fd:95:63:f5:4e:a3:27:18:54:2a:59:54:
48:d5:a3:e5:6a:72:e6:04:67:8b:ba:e4:86:12:40:d5:58:9e:
97:a1:83:b3:21:64:f4:ed:f5:9e:25:2c:97:d1:a5:24:b8:22:
cb:1f:3f:c9:f6:8b:0b:f6:8f:1b:f1:7f:3a:03:2f:a0:4a:d1:
64:4b:f5:08:bf:ed:4b:22:03:36:39:e6:1b:c8:44:23:8d:cb:
cc:1d:93:86:2d:56:68:4b:a2:b1:b3:61:bd:ff:39:a2:09:14:
bd:f3:b5:80
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICAQ8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDAzMTAw
NzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEI2MkE2NURGOUFGRTg4
NDY4RDhFMTA0NEFFNDExNjM1ODAwM0E3NEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDYQan7grcq/W+vopu2VO+IMsOoQQu3ijzV3AvCUJPrSFtXPIQR
dokJh6QL1hD36sMRfAGx3d/CsXolE70UiwhsNhYG5iAw08xcvh8wbyRDYs9jJjvi
+YgPuqFgQ6ApompG37SBbJij+jIutDVQKZDQZ5CJKsJ4txQShB5+s3mdSAi++lRZ
AcGt8ikONZZvqig5R19hTMdachk6Vc2NEeEhLc5oFmd1+ut9O/4oO06dl/XYiXeU
lTh6RRIOAytUisK2Jnwf8aG0/Rb+KCAyJe/Z0aEsDe5Dp0kyyOVmql+wa/fhmj/+
nQy3TXaa9LrUuEHEGDAk19GNLW2yIEUdHByHAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUtipl35r+iEaNjhBErkEWNYADp00wHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL3RpcGwzNXItaUVhTmpo
QkVya0VXTllBRHAwMC5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAD05uH79sx0WPTVqqIR7T9cGAwGmwfl+njVg
iT//zdyWrRxais9A29Ao5vfqBtG99wi80vdLmeobC6MtdsASu3ELiugaImjKWT0f
2Khwx5wLfeOawRcHlvprn6ogTSo/oYXmoBzR4sE8SaBQdjvA/Tn3PtPoRuCdIncJ
feOvWy6YzwIMGoJqhiYWjc9T4U1mVqjjDGim7v2VY/VOoycYVCpZVEjVo+VqcuYE
Z4u65IYSQNVYnpehg7MhZPTt9Z4lLJfRpSS4IssfP8n2iwv2jxvxfzoDL6BK0WRL
9Qi/7UsiAzY55hvIRCONy8wdk4YtVmhLorGzYb3/OaIJFL3ztYA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:55 2024 by rpki-client on console-fra.rpki-client.org