Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/1zQkr-QsGP1va_ak7TtigVfkEIc.roa
File: 1zQkr-QsGP1va_ak7TtigVfkEIc.roa (raw, json)
Hash identifier: ymjG9lJ12kamQ+vcTIAME3sBc6rQwtdbF5XJNh4mHcg=
Subject key identifier: D7:34:24:AF:E4:2C:18:FD:6F:6B:F6:A4:ED:3B:62:81:57:E4:10:87
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0802
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/1zQkr-QsGP1va_ak7TtigVfkEIc.roa
Signing time: Mon 23 Sep 2024 23:55:03 +0000
ROA not before: Mon 23 Sep 2024 23:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 24 Sep 2024 03:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2050 (0x802)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Sep 23 23:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=D73424AFE42C18FD6F6BF6A4ED3B628157E41087
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:a8:7e:26:33:2d:e9:54:fe:83:f7:98:ec:a4:
06:1c:d7:e6:4a:71:e8:56:03:c6:3a:74:65:b7:64:
25:ff:46:b2:9f:6b:e3:fe:3a:83:60:a4:44:7c:4c:
46:56:f5:e7:83:2c:e7:10:30:24:d7:62:83:9c:c3:
cf:27:0d:25:7e:06:87:51:3b:a4:eb:1a:91:d7:27:
c4:75:e2:71:a9:4f:b8:5e:b1:d0:ba:59:09:60:01:
3e:54:75:aa:55:70:c4:05:dd:9c:b6:58:0a:21:96:
70:76:27:6b:e0:b3:68:7e:f8:72:a5:b4:ba:dd:24:
26:91:de:17:9d:1b:ab:1b:01:99:11:2f:b7:b5:7a:
e8:d9:35:2a:d5:b8:94:03:0b:85:bf:54:c5:1e:da:
39:4d:b8:12:dc:45:4a:8d:ba:3d:d3:e6:f5:b0:af:
8e:64:71:91:cd:ac:4d:36:f6:59:b4:26:c9:ce:50:
ab:f6:96:85:58:48:c0:99:99:83:59:5b:e4:6f:1f:
0f:32:a2:23:c6:b4:6c:54:a9:24:63:a8:64:55:24:
23:17:3e:81:b1:ce:9c:66:a8:8c:22:e2:45:78:43:
a8:14:66:d5:78:b3:f8:ac:e0:5a:e1:b2:ed:05:55:
a4:71:be:89:8a:7d:5d:6f:b9:fe:fb:f7:25:e5:af:
c7:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:34:24:AF:E4:2C:18:FD:6F:6B:F6:A4:ED:3B:62:81:57:E4:10:87
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/1zQkr-QsGP1va_ak7TtigVfkEIc.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
94:7a:5d:de:88:5c:97:55:1a:85:4a:7f:b5:cd:18:e0:58:0f:
30:3a:94:f5:52:63:06:ea:16:df:ed:5b:4e:9c:98:4b:5a:d4:
1d:01:60:de:2d:05:85:82:8a:76:27:e0:fd:77:fc:20:67:00:
b4:a4:10:15:4d:b9:87:61:be:94:5c:a1:2e:02:7f:7f:95:cb:
6f:5b:0d:ca:00:fb:03:09:1f:6f:8f:42:cb:11:a5:02:73:17:
22:3d:b3:ca:11:a5:35:e8:4a:75:a6:62:25:5e:6e:b4:0b:1c:
3f:03:80:27:b2:80:18:32:a6:04:8e:34:74:2c:87:b3:c1:51:
48:cf:e4:39:e9:50:b6:1e:bf:a3:ca:aa:3f:cd:9c:f6:dd:70:
3e:ee:ac:d0:92:af:c5:ab:79:8e:14:a9:60:d0:bc:78:2c:c2:
49:48:82:3b:87:ef:d1:37:a6:24:94:20:17:0b:45:6f:80:d9:
5e:6c:d6:f7:a3:5d:aa:39:24:df:ec:b5:aa:0a:c3:0f:f6:dd:
c0:e0:6b:76:a5:88:6b:5c:74:76:61:87:66:9b:b0:fe:15:9f:
b4:c2:a8:9b:1a:a9:6b:ef:27:c5:77:46:c8:50:c1:ff:46:64:
34:25:3f:af:d1:e2:2f:be:16:0e:7b:30:78:e5:c0:cd:2c:a8:
09:ea:8e:b0
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCAIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA5MjMy
MzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEQ3MzQyNEFGRTQyQzE4
RkQ2RjZCRjZBNEVEM0I2MjgxNTdFNDEwODcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJqH4mMy3pVP6D95jspAYc1+ZKcehWA8Y6dGW3ZCX/RrKfa+P+
OoNgpER8TEZW9eeDLOcQMCTXYoOcw88nDSV+BodRO6TrGpHXJ8R14nGpT7hesdC6
WQlgAT5UdapVcMQF3Zy2WAohlnB2J2vgs2h++HKltLrdJCaR3hedG6sbAZkRL7e1
eujZNSrVuJQDC4W/VMUe2jlNuBLcRUqNuj3T5vWwr45kcZHNrE029lm0JsnOUKv2
loVYSMCZmYNZW+RvHw8yoiPGtGxUqSRjqGRVJCMXPoGxzpxmqIwi4kV4Q6gUZtV4
s/is4Frhsu0FVaRxvomKfV1vuf779yXlr8dlAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQU1zQkr+QsGP1va/ak7TtigVfkEIcwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmLzF6UWtyLVFzR1AxdmFf
YWs3VHRpZ1Zma0VJYy5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAJR6Xd6IXJdVGoVKf7XNGOBYDzA6lPVSYwbq
Ft/tW06cmEta1B0BYN4tBYWCinYn4P13/CBnALSkEBVNuYdhvpRcoS4Cf3+Vy29b
DcoA+wMJH2+PQssRpQJzFyI9s8oRpTXoSnWmYiVebrQLHD8DgCeygBgypgSONHQs
h7PBUUjP5DnpULYev6PKqj/NnPbdcD7urNCSr8WreY4UqWDQvHgswklIgjuH79E3
piSUIBcLRW+A2V5s1vejXao5JN/staoKww/23cDga3aliGtcdHZhh2absP4Vn7TC
qJsaqWvvJ8V3RshQwf9GZDQlP6/R4i++Fg57MHjlwM0sqAnqjrA=
-----END CERTIFICATE-----
Generated at Tue Sep 24 04:39:26 2024 by rpki-client on console-fra.rpki-client.org