Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/-DaBg3N57uEeQTqSpZM3FdnbUK8.roa
File: -DaBg3N57uEeQTqSpZM3FdnbUK8.roa (raw, json)
Hash identifier: MFXji3uP9y1UXlCJwgwj1CS+fwhVCbWHXngYy+1DY/M=
Subject key identifier: F8:36:81:83:73:79:EE:E1:1E:41:3A:92:A5:93:37:15:D9:DB:50:AF
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0550
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/-DaBg3N57uEeQTqSpZM3FdnbUK8.roa
Signing time: Tue 09 Jul 2024 07:55:02 +0000
ROA not before: Tue 09 Jul 2024 07:55:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 09 Jul 2024 11:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1360 (0x550)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Jul 9 07:55:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=F83681837379EEE11E413A92A5933715D9DB50AF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:e3:28:67:92:2c:9d:61:c0:63:af:ef:dd:88:
86:b6:67:29:be:94:66:2a:0a:d0:1a:00:f1:64:4d:
e8:bd:4d:85:a8:a5:0f:32:d5:47:e4:35:c8:dd:97:
39:8c:15:07:ef:44:d4:f5:38:c2:28:47:38:9d:18:
ec:e5:f9:a6:35:d4:d5:2b:0b:97:4b:4b:44:6f:ad:
87:0d:fd:c7:a5:e8:84:f3:45:d0:e9:c7:57:ba:bd:
b6:94:f8:e9:da:e7:a1:52:b9:50:9d:cc:30:90:d1:
e9:84:d6:ef:32:37:b3:40:6a:0a:28:f7:d6:a7:22:
d7:d8:7a:23:77:cf:a9:1c:8b:e4:3e:db:33:f0:ba:
c7:1e:01:f1:fe:d4:9e:60:e4:df:bd:49:a0:db:9c:
c4:49:22:85:f6:a3:a6:18:ab:b7:3b:a3:0d:20:a0:
9d:6a:ec:bf:5e:0d:86:b7:96:6e:28:88:c0:6e:a6:
27:f0:a2:f9:7e:de:e5:69:f2:1d:68:b5:86:c3:1d:
24:ec:31:71:95:e1:58:21:48:86:55:22:fe:97:b4:
c7:db:7d:08:27:5f:a5:08:14:0c:74:11:15:c7:ca:
1e:2b:fd:41:69:0c:e6:5c:7e:86:cd:cd:d4:fb:c3:
ae:2b:da:52:0e:93:17:34:a5:37:76:1a:1e:aa:43:
7f:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:36:81:83:73:79:EE:E1:1E:41:3A:92:A5:93:37:15:D9:DB:50:AF
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/-DaBg3N57uEeQTqSpZM3FdnbUK8.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
c4:13:89:01:a6:96:d4:ff:1d:cc:45:f8:fa:51:5b:97:b5:dd:
90:8e:20:ce:73:75:3c:00:7e:14:e5:f2:2b:4a:19:7b:86:cc:
96:58:59:c0:e5:5a:ba:46:98:06:a7:ea:91:39:2e:0f:7f:4a:
11:7c:09:6f:8d:35:69:13:6c:5d:54:69:ae:86:9f:41:4e:36:
64:67:d2:d3:54:31:f0:b9:8f:42:3f:cc:a5:09:b1:56:ff:17:
03:e3:7a:8c:04:b8:4d:67:1b:9e:e6:b2:3b:1c:e1:1d:84:d3:
ca:0c:8c:c6:af:09:a0:cd:35:9a:fb:91:a3:34:20:75:60:93:
47:3b:cf:70:33:b8:4a:d0:5c:b2:b2:5c:cd:23:60:47:a1:75:
b1:0c:5b:e2:05:f5:8d:93:1a:50:29:91:bc:50:ad:f3:60:29:
d7:18:85:a4:c6:bd:1d:a0:b5:44:c3:e9:46:4e:1f:48:71:71:
20:cd:70:c3:6c:87:14:fe:3b:2f:f2:05:82:1b:db:15:1d:30:
d6:ae:7e:fb:ba:eb:30:f1:7b:5d:b8:92:59:ca:ec:31:92:20:
4f:7c:c2:eb:0d:ad:d2:3c:c5:ee:c0:8f:13:b2:22:68:81:38:
f3:5a:88:48:62:45:fc:3c:84:e0:7c:f3:66:59:c5:a5:aa:bb:
79:1f:61:b8
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICBVAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA3MDkw
NzU1MDJaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEY4MzY4MTgzNzM3OUVF
RTExRTQxM0E5MkE1OTMzNzE1RDlEQjUwQUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDG4yhnkiydYcBjr+/diIa2Zym+lGYqCtAaAPFkTei9TYWopQ8y
1UfkNcjdlzmMFQfvRNT1OMIoRzidGOzl+aY11NUrC5dLS0RvrYcN/cel6ITzRdDp
x1e6vbaU+Ona56FSuVCdzDCQ0emE1u8yN7NAagoo99anItfYeiN3z6kci+Q+2zPw
usceAfH+1J5g5N+9SaDbnMRJIoX2o6YYq7c7ow0goJ1q7L9eDYa3lm4oiMBupifw
ovl+3uVp8h1otYbDHSTsMXGV4VghSIZVIv6XtMfbfQgnX6UIFAx0ERXHyh4r/UFp
DOZcfobNzdT7w64r2lIOkxc0pTd2Gh6qQ39TAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQU+DaBg3N57uEeQTqSpZM3FdnbUK8wHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmLy1EYUJnM041N3VFZVFU
cVNwWk0zRmRuYlVLOC5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAMQTiQGmltT/HcxF+PpRW5e13ZCOIM5zdTwA
fhTl8itKGXuGzJZYWcDlWrpGmAan6pE5Lg9/ShF8CW+NNWkTbF1Uaa6Gn0FONmRn
0tNUMfC5j0I/zKUJsVb/FwPjeowEuE1nG57msjsc4R2E08oMjMavCaDNNZr7kaM0
IHVgk0c7z3AzuErQXLKyXM0jYEehdbEMW+IF9Y2TGlApkbxQrfNgKdcYhaTGvR2g
tUTD6UZOH0hxcSDNcMNshxT+Oy/yBYIb2xUdMNaufvu66zDxe124klnK7DGSIE98
wusNrdI8xe7AjxOyImiBOPNaiEhiRfw8hOB882ZZxaWqu3kfYbg=
-----END CERTIFICATE-----
Generated at Tue Jul 9 13:32:03 2024 by rpki-client on console-fra.rpki-client.org