Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/09J2mhP3ZI-G2ORaCLDoK2tAL8o.roa
File: 09J2mhP3ZI-G2ORaCLDoK2tAL8o.roa (raw, json)
Hash identifier: 7BFRNe6B1A4RutZ0IC9XbbgPDekuEBh2rVzDPtP3jRo=
Subject key identifier: D3:D2:76:9A:13:F7:64:8F:86:D8:E4:5A:08:B0:E8:2B:6B:40:2F:CA
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 03D3
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/09J2mhP3ZI-G2ORaCLDoK2tAL8o.roa
Signing time: Mon 27 May 2024 23:55:02 +0000
ROA not before: Mon 27 May 2024 23:55:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 28 May 2024 03:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 979 (0x3d3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: May 27 23:55:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=D3D2769A13F7648F86D8E45A08B0E82B6B402FCA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:3b:06:7a:39:ac:5b:b7:da:cf:f1:6f:57:37:
ec:c7:5c:b9:7b:63:ea:b4:19:53:dc:d1:be:64:75:
0e:e5:cb:a9:90:67:7c:c9:fa:82:93:3f:52:05:a5:
b5:43:ec:d2:61:ee:99:59:9c:88:c5:39:8a:e6:f4:
2f:e4:f1:4b:5c:f8:8f:8b:33:7b:de:10:ca:c9:87:
dd:aa:40:66:e9:e5:74:f9:a1:08:e9:c7:3c:aa:e4:
2b:4a:8f:47:17:7e:49:38:d2:36:12:35:d5:d0:6e:
5f:b4:93:ad:10:8c:b6:04:a5:dd:d4:00:50:9e:9e:
e6:e4:79:8c:e7:6e:a6:fe:c6:6a:2b:8f:04:65:7d:
c3:fe:2d:48:3c:c1:38:01:74:98:24:35:2b:f6:5f:
05:03:ff:0d:d8:24:7c:3d:05:e9:99:ed:6d:0e:80:
39:4c:b9:c5:55:d8:ef:f8:36:2b:2d:66:de:4b:66:
ed:de:70:f7:30:ab:3c:06:fa:e2:0b:ad:49:bc:31:
28:e4:d6:13:c7:8c:51:9d:8d:89:0f:7b:12:2e:8e:
b8:db:21:e9:a8:f3:c2:4d:33:c3:a1:c1:46:49:06:
9c:48:14:7d:4f:40:6c:a2:5d:c5:81:79:b0:7d:84:
20:d9:ee:a8:13:fc:e9:5a:8d:a8:b0:6d:2d:c6:2a:
a0:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:D2:76:9A:13:F7:64:8F:86:D8:E4:5A:08:B0:E8:2B:6B:40:2F:CA
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/09J2mhP3ZI-G2ORaCLDoK2tAL8o.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:21:3d:17:75:2b:4c:75:92:23:74:0a:7c:90:05:d4:19:a9:
15:d2:9c:17:69:dd:b8:6e:aa:8d:2e:02:b8:c2:02:ed:2c:4f:
9e:9c:98:b0:96:e9:0d:65:d3:c2:45:3b:8b:5e:4e:62:ed:7b:
7e:21:c3:35:e3:70:eb:52:b2:98:4b:77:20:59:38:60:01:80:
1f:e6:68:a9:ea:d0:4d:dd:9f:f6:23:80:23:08:1d:74:db:7c:
f6:13:6e:94:18:ce:ae:37:a0:5c:73:fe:72:1b:85:03:83:d9:
ae:66:d7:9d:1a:e8:8e:f9:fc:a5:7d:fd:fb:e1:e6:7d:f5:d7:
0d:08:0e:3e:d8:06:dc:d2:0c:34:ae:1a:bb:fa:22:6e:8e:cb:
6a:47:84:3f:65:44:7b:1e:3e:85:40:4a:53:47:12:4d:d9:de:
78:f2:42:9b:fa:41:e7:23:f9:57:1e:95:f3:7b:09:90:57:8c:
86:5a:b7:18:f5:5d:54:ab:f7:15:47:40:e5:9c:eb:ed:19:67:
14:dd:05:6c:99:2a:06:16:a1:1e:a5:de:4e:23:9f:6e:f0:de:
43:95:20:4b:14:68:4a:cc:1a:d0:3d:d3:c2:8b:dc:ce:11:50:
b3:b5:a6:bd:f7:ad:6c:d9:e4:61:ef:94:56:0f:ad:46:e7:ea:
3d:a7:67:98
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICA9MwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA1Mjcy
MzU1MDJaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEQzRDI3NjlBMTNGNzY0
OEY4NkQ4RTQ1QTA4QjBFODJCNkI0MDJGQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDzOwZ6Oaxbt9rP8W9XN+zHXLl7Y+q0GVPc0b5kdQ7ly6mQZ3zJ
+oKTP1IFpbVD7NJh7plZnIjFOYrm9C/k8Utc+I+LM3veEMrJh92qQGbp5XT5oQjp
xzyq5CtKj0cXfkk40jYSNdXQbl+0k60QjLYEpd3UAFCenubkeYznbqb+xmorjwRl
fcP+LUg8wTgBdJgkNSv2XwUD/w3YJHw9BemZ7W0OgDlMucVV2O/4NistZt5LZu3e
cPcwqzwG+uILrUm8MSjk1hPHjFGdjYkPexIujrjbIemo88JNM8OhwUZJBpxIFH1P
QGyiXcWBebB9hCDZ7qgT/OlajaiwbS3GKqBFAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQU09J2mhP3ZI+G2ORaCLDoK2tAL8owHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmLzA5SjJtaFAzWkktRzJP
UmFDTERvSzJ0QUw4by5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAF0hPRd1K0x1kiN0CnyQBdQZqRXSnBdp3bhu
qo0uArjCAu0sT56cmLCW6Q1l08JFO4teTmLte34hwzXjcOtSsphLdyBZOGABgB/m
aKnq0E3dn/YjgCMIHXTbfPYTbpQYzq43oFxz/nIbhQOD2a5m150a6I75/KV9/fvh
5n311w0IDj7YBtzSDDSuGrv6Im6Oy2pHhD9lRHsePoVASlNHEk3Z3njyQpv6Qecj
+VcelfN7CZBXjIZatxj1XVSr9xVHQOWc6+0ZZxTdBWyZKgYWoR6l3k4jn27w3kOV
IEsUaErMGtA908KL3M4RULO1pr33rWzZ5GHvlFYPrUbn6j2nZ5g=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:54 2024 by rpki-client on console-fra.rpki-client.org