Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/2RCuZKxnfKDOl1aV2KUm6-ZRj80.roa
File: 2RCuZKxnfKDOl1aV2KUm6-ZRj80.roa (raw, json)
Hash identifier: rujMKTDdInm7fxjovgmNlTFTllKe7GNFnVveakgWgoA=
Subject key identifier: D9:10:AE:64:AC:67:7C:A0:CE:97:56:95:D8:A5:26:EB:E6:51:8F:CD
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0631
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/2RCuZKxnfKDOl1aV2KUm6-ZRj80.roa
Signing time: Sat 03 Aug 2024 07:55:04 +0000
ROA not before: Sat 03 Aug 2024 07:55:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 03 Aug 2024 11:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1585 (0x631)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Aug 3 07:55:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=D910AE64AC677CA0CE975695D8A526EBE6518FCD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:7a:d5:2b:98:4e:33:eb:9f:79:9a:78:9f:23:
12:a5:20:cf:64:d6:c2:36:3e:a6:e9:64:e5:54:b7:
06:c2:3c:68:21:a9:a5:96:eb:9c:35:5a:ac:11:4f:
c1:bc:fa:3e:3f:c3:d9:d6:c2:0e:9d:9b:ce:ac:9e:
74:62:63:07:4b:8c:59:ff:01:1b:98:f2:2d:1c:a7:
64:55:dc:41:5f:bf:90:0d:92:24:0b:89:00:e0:2a:
0b:ca:93:92:56:0a:58:37:e9:d4:60:86:6e:44:3e:
74:49:7c:fb:9a:5f:df:30:98:65:63:71:f8:49:8e:
f5:d1:c0:26:c8:3b:8d:9b:b0:57:62:d1:20:eb:f6:
eb:91:81:ed:c5:9f:b3:ca:43:bd:91:5b:a1:50:8d:
8a:58:da:f4:6c:05:dc:e8:b3:e9:b1:22:d3:d2:21:
11:a1:4e:78:f1:45:c2:3e:31:84:04:05:e4:63:11:
ce:da:5e:02:c2:ee:e7:89:ca:63:eb:98:66:fe:d8:
f4:b6:d0:c2:9e:34:44:93:a4:35:6d:97:bd:be:af:
52:ba:31:4e:da:8e:14:52:01:08:a8:b0:50:77:5a:
b3:5a:42:b2:5c:40:8e:31:6a:5a:12:fb:b7:ab:e6:
d2:eb:a7:11:d9:87:a6:3f:5c:79:06:48:87:70:7c:
33:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:10:AE:64:AC:67:7C:A0:CE:97:56:95:D8:A5:26:EB:E6:51:8F:CD
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/2RCuZKxnfKDOl1aV2KUm6-ZRj80.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
14:b5:bc:1f:61:36:e0:58:73:81:9b:75:ad:ae:ea:fc:dc:2c:
48:e0:03:2c:74:b9:98:af:b1:e0:4f:76:87:f2:99:c2:24:00:
de:81:1d:1a:95:5e:3f:7e:d4:13:b6:56:4e:e5:9a:01:a6:10:
2d:02:c1:1f:56:70:d4:e5:37:3b:f6:95:a1:1a:7e:8b:5a:26:
c3:e7:61:c6:7f:a8:23:15:d7:d4:87:24:5a:20:26:04:e1:41:
b9:0f:e7:47:82:22:ff:5a:97:ef:31:3a:e4:be:c3:39:cd:2c:
2c:6f:89:1c:67:d4:5b:28:54:a3:3b:32:f4:76:e1:4f:f2:ee:
2d:fc:d5:65:fc:9b:c7:be:8d:87:df:8d:3d:6a:c1:cc:6c:00:
63:0f:b2:59:84:60:60:fb:1c:2e:5a:28:2f:cd:95:0c:18:73:
69:2e:f5:1d:75:72:81:87:25:d1:59:f1:28:8f:b6:8e:20:6c:
3d:ba:61:5c:32:b6:ab:98:96:f6:bc:54:50:5a:88:be:fb:1c:
76:5a:ae:67:cf:61:0b:7b:af:ad:9c:7d:cf:a7:56:6c:d1:13:
b8:3f:ef:fd:bc:2e:a1:a3:61:11:7d:24:e6:7a:5e:7d:34:9c:
75:50:fb:1f:18:1c:38:ad:ea:8d:b1:ba:08:f7:fa:e4:1c:26:
cc:3a:eb:07
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICBjEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA4MDMw
NzU1MDRaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEQ5MTBBRTY0QUM2NzdD
QTBDRTk3NTY5NUQ4QTUyNkVCRTY1MThGQ0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGetUrmE4z6595mnifIxKlIM9k1sI2PqbpZOVUtwbCPGghqaWW
65w1WqwRT8G8+j4/w9nWwg6dm86snnRiYwdLjFn/ARuY8i0cp2RV3EFfv5ANkiQL
iQDgKgvKk5JWClg36dRghm5EPnRJfPuaX98wmGVjcfhJjvXRwCbIO42bsFdi0SDr
9uuRge3Fn7PKQ72RW6FQjYpY2vRsBdzos+mxItPSIRGhTnjxRcI+MYQEBeRjEc7a
XgLC7ueJymPrmGb+2PS20MKeNESTpDVtl72+r1K6MU7ajhRSAQiosFB3WrNaQrJc
QI4xaloS+7er5tLrpxHZh6Y/XHkGSIdwfDOzAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQU2RCuZKxnfKDOl1aV2KUm6+ZRj80wHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmLzJSQ3VaS3huZktET2wx
YVYyS1VtNi1aUmo4MC5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBABS1vB9hNuBYc4Gbda2u6vzcLEjgAyx0uZiv
seBPdofymcIkAN6BHRqVXj9+1BO2Vk7lmgGmEC0CwR9WcNTlNzv2laEafotaJsPn
YcZ/qCMV19SHJFogJgThQbkP50eCIv9al+8xOuS+wznNLCxviRxn1FsoVKM7MvR2
4U/y7i381WX8m8e+jYffjT1qwcxsAGMPslmEYGD7HC5aKC/NlQwYc2ku9R11coGH
JdFZ8SiPto4gbD26YVwytquYlva8VFBaiL77HHZarmfPYQt7r62cfc+nVmzRE7g/
7/28LqGjYRF9JOZ6Xn00nHVQ+x8YHDit6o2xugj3+uQcJsw66wc=
-----END CERTIFICATE-----
Generated at Sat Aug 3 13:29:00 2024 by rpki-client on console-fra.rpki-client.org