Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/21DKv6Mi6X2x3fRmdYR2hxDrtCs.roa
File: 21DKv6Mi6X2x3fRmdYR2hxDrtCs.roa (raw, json)
Hash identifier: etMFRY7Rocv5moyXI7qvatLzRZvbAJlwtq6IxoX+PRI=
Subject key identifier: DB:50:CA:BF:A3:22:E9:7D:B1:DD:F4:66:75:84:76:87:10:EB:B4:2B
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0965
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/21DKv6Mi6X2x3fRmdYR2hxDrtCs.roa
Signing time: Sat 02 Nov 2024 07:55:03 +0000
ROA not before: Sat 02 Nov 2024 07:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 02 Nov 2024 11:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2405 (0x965)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Nov 2 07:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=DB50CABFA322E97DB1DDF4667584768710EBB42B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:ec:8d:54:41:49:17:27:f6:2f:47:51:8c:6a:
3f:a8:c6:70:9f:73:1c:72:f6:b5:cb:0f:ed:63:74:
b5:d7:f4:c1:8b:09:bd:d9:97:27:f2:a0:37:b8:d3:
a3:3b:97:7f:0d:19:63:17:e8:a1:92:5b:a0:c9:f7:
45:13:01:39:87:b8:d2:e1:ac:9d:9b:6b:b7:fa:6f:
6e:e8:04:3a:ac:6f:41:45:34:2e:28:dc:75:26:b0:
c7:fb:b1:21:11:a6:15:23:b5:75:f5:f0:6b:3b:31:
dc:81:88:78:5c:9d:43:b4:0d:1c:3d:40:c1:0c:71:
f8:0c:48:e8:f5:34:7a:07:82:3e:29:c7:4e:a7:e1:
1c:61:78:d2:1c:79:4e:45:09:a8:e0:ac:df:7e:4f:
47:f7:1e:9a:6b:8c:29:40:b5:0d:9b:38:09:21:2a:
39:8c:8e:dc:ce:83:64:b0:f2:0b:50:90:43:26:c5:
61:d5:91:fb:5c:36:84:d6:c2:c2:75:4b:6f:71:de:
54:27:cd:83:b5:10:7c:ea:ed:69:29:7a:a1:90:08:
17:b9:2c:9c:be:20:e4:ee:ba:45:75:2c:bb:87:04:
de:1b:b0:ef:f5:bf:73:2b:af:82:b6:9f:7a:a3:c2:
e9:a6:3a:3a:9a:02:77:4a:49:ed:2c:9f:c1:b2:0f:
65:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:50:CA:BF:A3:22:E9:7D:B1:DD:F4:66:75:84:76:87:10:EB:B4:2B
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/21DKv6Mi6X2x3fRmdYR2hxDrtCs.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
89:f6:68:f5:07:0a:54:a5:0f:1b:39:21:e7:69:69:55:26:86:
73:c6:a0:9c:2d:de:0e:fb:e3:c1:90:94:2e:83:c4:1e:69:05:
7b:d8:b6:33:73:a5:a2:a5:18:93:54:22:c1:3a:68:2b:32:a6:
39:a0:65:55:00:5d:f5:ea:50:89:ef:4d:3b:88:f0:bd:43:18:
d5:67:db:73:5f:38:51:c8:bc:ac:93:af:1e:d7:01:86:56:58:
6f:f3:fd:88:54:64:67:bd:6d:6c:7b:96:50:f6:27:42:ed:06:
7f:29:20:a0:80:c6:cf:da:09:7a:fe:4d:bb:93:69:bb:3a:70:
e4:75:36:be:82:34:27:88:5d:42:72:7b:30:0c:b4:1c:c8:3a:
69:22:ac:7e:86:fe:14:ab:10:a8:62:da:e5:cf:74:cf:29:07:
a2:00:4e:74:bc:cd:ba:fc:5e:cf:9e:14:98:46:7d:50:97:af:
ab:b1:9c:5c:3e:4b:8b:e9:6f:e1:8a:c7:03:97:b8:5b:1c:f4:
e0:bb:89:58:40:4a:2c:b4:f3:9f:a3:cc:86:f3:1f:33:e1:e5:
c3:e7:ed:1e:16:d2:e8:ee:a1:7d:81:64:d4:9c:3d:94:03:a6:
3b:74:44:4e:23:c5:79:e6:26:43:1d:4a:22:34:05:8b:72:13:
e0:0f:f1:fb
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCWUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDExMDIw
NzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKERCNTBDQUJGQTMyMkU5
N0RCMURERjQ2Njc1ODQ3Njg3MTBFQkI0MkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCt7I1UQUkXJ/YvR1GMaj+oxnCfcxxy9rXLD+1jdLXX9MGLCb3Z
lyfyoDe406M7l38NGWMX6KGSW6DJ90UTATmHuNLhrJ2ba7f6b27oBDqsb0FFNC4o
3HUmsMf7sSERphUjtXX18Gs7MdyBiHhcnUO0DRw9QMEMcfgMSOj1NHoHgj4px06n
4RxheNIceU5FCajgrN9+T0f3HpprjClAtQ2bOAkhKjmMjtzOg2Sw8gtQkEMmxWHV
kftcNoTWwsJ1S29x3lQnzYO1EHzq7WkpeqGQCBe5LJy+IOTuukV1LLuHBN4bsO/1
v3Mrr4K2n3qjwummOjqaAndKSe0sn8GyD2ULAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQU21DKv6Mi6X2x3fRmdYR2hxDrtCswHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmLzIxREt2Nk1pNlgyeDNm
Um1kWVIyaHhEcnRDcy5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAIn2aPUHClSlDxs5IedpaVUmhnPGoJwt3g77
48GQlC6DxB5pBXvYtjNzpaKlGJNUIsE6aCsypjmgZVUAXfXqUInvTTuI8L1DGNVn
23NfOFHIvKyTrx7XAYZWWG/z/YhUZGe9bWx7llD2J0LtBn8pIKCAxs/aCXr+TbuT
abs6cOR1Nr6CNCeIXUJyezAMtBzIOmkirH6G/hSrEKhi2uXPdM8pB6IATnS8zbr8
Xs+eFJhGfVCXr6uxnFw+S4vpb+GKxwOXuFsc9OC7iVhASiy085+jzIbzHzPh5cPn
7R4W0ujuoX2BZNScPZQDpjt0RE4jxXnmJkMdSiI0BYtyE+AP8fs=
-----END CERTIFICATE-----
Generated at Sat Nov 2 13:32:15 2024 by rpki-client on console-fra.rpki-client.org