Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/2EtbppZ3n0Cibc2lf4qvdqfN4iw.roa
File: 2EtbppZ3n0Cibc2lf4qvdqfN4iw.roa (raw, json)
Hash identifier: 9rHLoFMj4HQ5py2BE1Ccok08JxdPv5mR7z/B5/S1k4s=
Subject key identifier: D8:4B:5B:A6:96:77:9F:40:A2:6D:CD:A5:7F:8A:AF:76:A7:CD:E2:2C
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 01C9
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/2EtbppZ3n0Cibc2lf4qvdqfN4iw.roa
Signing time: Sat 30 Mar 2024 23:55:03 +0000
ROA not before: Sat 30 Mar 2024 23:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 31 Mar 2024 03:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 457 (0x1c9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Mar 30 23:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=D84B5BA696779F40A26DCDA57F8AAF76A7CDE22C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:1d:c2:10:24:14:cc:6d:c4:7a:41:f2:71:d8:
55:be:cf:2d:27:a0:e9:d4:c8:5e:58:d0:f7:d6:1a:
70:c5:8b:2c:a1:07:9f:5c:12:c8:6d:e7:13:37:5e:
43:32:68:22:c1:75:62:43:46:81:96:0b:f5:e2:bc:
05:5a:29:64:ce:8f:a6:f6:78:df:50:7d:d0:ff:c6:
e1:69:c1:13:40:bb:c9:82:b2:2e:43:1a:a6:41:fc:
24:52:b8:10:12:09:77:c3:41:c9:76:76:76:89:79:
80:9b:02:04:22:aa:69:48:3b:8d:ab:a6:75:1a:13:
46:d4:01:54:d6:1e:1c:90:37:f1:7e:66:de:0c:c8:
9e:a9:68:a9:85:f9:b3:ab:88:9d:cb:d0:26:78:91:
53:3e:0b:83:0a:0d:d7:f4:f2:99:6f:cf:b9:28:22:
61:f2:7f:25:3b:73:f8:73:7b:95:3a:a7:ff:6e:20:
45:87:22:c2:d1:f0:5a:09:db:f8:73:ae:26:ea:08:
81:b0:78:ef:68:30:35:27:9d:1f:f2:ca:5e:70:e7:
ed:c2:1a:7a:c5:59:a0:6f:22:e2:96:80:b3:d2:c2:
14:db:13:ea:72:2b:29:f2:60:59:cb:1f:67:3f:18:
07:bb:4c:73:2f:40:70:95:6e:2b:67:3b:8c:09:a5:
a1:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:4B:5B:A6:96:77:9F:40:A2:6D:CD:A5:7F:8A:AF:76:A7:CD:E2:2C
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/2EtbppZ3n0Cibc2lf4qvdqfN4iw.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
c1:08:ee:d1:0a:9e:28:22:be:3d:16:66:e5:ec:e1:00:66:c6:
14:59:96:ba:83:86:09:b5:06:7a:2f:a9:c2:74:60:f8:da:1e:
b6:b9:61:93:ca:ce:8b:ba:72:a8:26:77:b3:6f:c1:83:01:a3:
35:16:6e:21:69:b6:54:9f:bd:86:14:f9:01:22:f3:7c:1d:f6:
a4:38:ad:16:2b:b6:28:c9:30:73:a1:62:41:26:01:80:cf:1e:
ce:89:a9:6a:02:8c:fb:1f:0e:08:8b:1a:60:85:84:30:7f:4a:
bf:9f:44:4d:b9:bb:3a:c9:09:4f:24:68:13:e4:8a:3a:d6:5b:
20:0b:27:f8:27:25:19:a1:af:18:59:08:7b:a6:90:19:f6:80:
1f:7b:30:13:56:35:c1:28:b3:63:39:b5:d2:8a:8c:21:8e:9b:
f1:39:97:33:2c:ce:af:78:ac:19:62:b9:b6:c7:08:e1:5f:c1:
d2:9c:31:c6:0c:d2:8b:9e:76:f9:d2:8b:d1:e5:30:e9:4d:f5:
52:8b:6e:10:58:11:34:26:6a:2b:71:45:2a:d3:b6:59:b5:93:
20:9e:c3:d9:ec:8d:c4:45:1e:17:30:4e:ee:ea:40:c2:b9:06:
55:18:7e:4d:10:da:ab:0e:69:49:c0:c9:6c:36:a9:6b:0d:32:
73:c3:4c:2d
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICAckwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDAzMzAy
MzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEQ4NEI1QkE2OTY3NzlG
NDBBMjZEQ0RBNTdGOEFBRjc2QTdDREUyMkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJHcIQJBTMbcR6QfJx2FW+zy0noOnUyF5Y0PfWGnDFiyyhB59c
Esht5xM3XkMyaCLBdWJDRoGWC/XivAVaKWTOj6b2eN9QfdD/xuFpwRNAu8mCsi5D
GqZB/CRSuBASCXfDQcl2dnaJeYCbAgQiqmlIO42rpnUaE0bUAVTWHhyQN/F+Zt4M
yJ6paKmF+bOriJ3L0CZ4kVM+C4MKDdf08plvz7koImHyfyU7c/hze5U6p/9uIEWH
IsLR8FoJ2/hzribqCIGweO9oMDUnnR/yyl5w5+3CGnrFWaBvIuKWgLPSwhTbE+py
KynyYFnLH2c/GAe7THMvQHCVbitnO4wJpaFlAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQU2EtbppZ3n0Cibc2lf4qvdqfN4iwwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmLzJFdGJwcFozbjBDaWJj
MmxmNHF2ZHFmTjRpdy5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAMEI7tEKnigivj0WZuXs4QBmxhRZlrqDhgm1
BnovqcJ0YPjaHra5YZPKzou6cqgmd7NvwYMBozUWbiFptlSfvYYU+QEi83wd9qQ4
rRYrtijJMHOhYkEmAYDPHs6JqWoCjPsfDgiLGmCFhDB/Sr+fRE25uzrJCU8kaBPk
ijrWWyALJ/gnJRmhrxhZCHumkBn2gB97MBNWNcEos2M5tdKKjCGOm/E5lzMszq94
rBliubbHCOFfwdKcMcYM0ouedvnSi9HlMOlN9VKLbhBYETQmaitxRSrTtlm1kyCe
w9nsjcRFHhcwTu7qQMK5BlUYfk0Q2qsOaUnAyWw2qWsNMnPDTC0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:54 2024 by rpki-client on console-fra.rpki-client.org