Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/1vqYyLOJVQuWWUsbE0scHNizp28.roa
File: 1vqYyLOJVQuWWUsbE0scHNizp28.roa (raw, json)
Hash identifier: Lw0LUWbiCNqdRfGHeZlKYYi2Uu7RCevRH/IINBYwKNs=
Subject key identifier: D6:FA:98:C8:B3:89:55:0B:96:59:4B:1B:13:4B:1C:1C:D8:B3:A7:6F
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 08F5
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/1vqYyLOJVQuWWUsbE0scHNizp28.roa
Signing time: Sun 20 Oct 2024 23:55:03 +0000
ROA not before: Sun 20 Oct 2024 23:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 21 Oct 2024 03:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2293 (0x8f5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Oct 20 23:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=D6FA98C8B389550B96594B1B134B1C1CD8B3A76F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:15:b1:02:04:84:48:5b:5e:c5:98:44:0c:29:
42:06:5f:7f:fc:32:70:50:3b:1c:e2:7d:80:2a:f2:
8d:62:89:5c:6f:51:45:cb:34:e5:fa:ae:cc:97:f6:
fe:42:a4:c2:bf:ed:92:63:32:8d:24:43:8a:8f:bc:
d0:97:62:17:f8:92:3d:32:22:29:ce:22:76:4c:73:
c4:01:dc:2c:16:c1:b3:1a:83:e7:2a:bd:65:10:b1:
64:0d:2a:12:a6:0c:69:c7:38:22:1f:e1:3e:f5:bb:
5e:22:87:09:ad:6e:ab:54:6e:dd:ec:d5:98:3d:33:
96:12:db:93:a9:2e:05:57:63:03:b6:7c:e9:88:5a:
e8:72:f6:64:f3:a4:80:0f:87:06:bd:05:a1:5e:cb:
6f:c0:51:f5:c3:c7:0b:7c:99:d9:50:0a:c3:69:58:
ef:ed:f6:52:99:72:e7:48:8e:2c:95:70:5d:5a:33:
54:3f:3b:0e:9a:bb:70:45:39:e4:5f:e9:5f:f5:b4:
b3:28:9b:a2:48:24:cc:40:12:6c:d4:b0:7a:99:8a:
e7:db:e5:61:72:d1:c1:f4:bd:bb:70:6e:20:a5:aa:
a2:0c:f2:07:f1:5a:df:8c:1b:a4:b1:53:7b:d2:42:
88:41:91:3a:32:a5:a7:f5:4c:49:5d:86:79:75:da:
0e:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:FA:98:C8:B3:89:55:0B:96:59:4B:1B:13:4B:1C:1C:D8:B3:A7:6F
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/1vqYyLOJVQuWWUsbE0scHNizp28.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
12:04:28:94:dd:92:38:03:6f:16:c7:a5:11:0e:2c:62:10:11:
d2:ba:52:80:5a:8a:d9:2a:dd:c0:ce:73:c2:41:7e:64:3d:71:
25:94:00:47:bb:df:42:4b:91:72:e0:21:ac:fe:7c:94:99:b7:
35:f7:e5:cb:d2:a9:a5:fa:34:03:27:33:05:68:b6:c9:1f:38:
bc:0e:8f:e8:7c:02:6a:46:40:bf:9f:24:76:b5:f7:aa:33:e0:
46:ec:f9:89:4c:1a:0a:b0:74:95:0a:87:ff:14:c7:e9:28:ae:
70:bd:90:10:40:8d:57:e2:f8:bf:34:2f:d2:d9:89:aa:55:13:
5a:00:67:ca:ef:2c:7c:e8:4b:af:86:71:0e:44:3e:57:13:cb:
3b:77:19:6a:fe:a2:a6:d6:47:7c:e1:20:79:bc:12:29:a7:7f:
3c:ec:11:8f:28:f6:a8:0f:28:f8:8a:99:8d:e2:f0:cf:3f:de:
6c:12:32:a9:aa:82:56:ba:9c:e3:e8:e4:58:1b:f4:6e:6c:6a:
4c:e8:17:6f:e6:e1:02:71:ce:0a:db:94:8f:8d:7f:62:69:8e:
20:85:47:c1:98:c3:d6:1d:69:d6:18:43:42:cc:29:4c:81:25:
99:9d:05:6c:93:73:b4:14:15:0a:6a:98:f1:a1:67:53:15:03:
9d:f5:67:bc
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCPUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDEwMjAy
MzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEQ2RkE5OEM4QjM4OTU1
MEI5NjU5NEIxQjEzNEIxQzFDRDhCM0E3NkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCeFbECBIRIW17FmEQMKUIGX3/8MnBQOxzifYAq8o1iiVxvUUXL
NOX6rsyX9v5CpMK/7ZJjMo0kQ4qPvNCXYhf4kj0yIinOInZMc8QB3CwWwbMag+cq
vWUQsWQNKhKmDGnHOCIf4T71u14ihwmtbqtUbt3s1Zg9M5YS25OpLgVXYwO2fOmI
Wuhy9mTzpIAPhwa9BaFey2/AUfXDxwt8mdlQCsNpWO/t9lKZcudIjiyVcF1aM1Q/
Ow6au3BFOeRf6V/1tLMom6JIJMxAEmzUsHqZiufb5WFy0cH0vbtwbiClqqIM8gfx
Wt+MG6SxU3vSQohBkToypaf1TEldhnl12g7fAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQU1vqYyLOJVQuWWUsbE0scHNizp28wHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmLzF2cVl5TE9KVlF1V1dV
c2JFMHNjSE5penAyOC5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBABIEKJTdkjgDbxbHpREOLGIQEdK6UoBaitkq
3cDOc8JBfmQ9cSWUAEe730JLkXLgIaz+fJSZtzX35cvSqaX6NAMnMwVotskfOLwO
j+h8AmpGQL+fJHa196oz4Ebs+YlMGgqwdJUKh/8Ux+kornC9kBBAjVfi+L80L9LZ
iapVE1oAZ8rvLHzoS6+GcQ5EPlcTyzt3GWr+oqbWR3zhIHm8EimnfzzsEY8o9qgP
KPiKmY3i8M8/3mwSMqmqgla6nOPo5Fgb9G5sakzoF2/m4QJxzgrblI+Nf2JpjiCF
R8GYw9YdadYYQ0LMKUyBJZmdBWyTc7QUFQpqmPGhZ1MVA531Z7w=
-----END CERTIFICATE-----
Generated at Mon Oct 21 04:46:17 2024 by rpki-client on console-fra.rpki-client.org