Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/2i7WxmRrCVsu4bdhiPLtS7TcZXA.roa
File: 2i7WxmRrCVsu4bdhiPLtS7TcZXA.roa (raw, json)
Hash identifier: ok3vzHIVHTTfh0utQCvS9vBpeBYYNzsK97aqEUzM6Yg=
Subject key identifier: DA:2E:D6:C6:64:6B:09:5B:2E:E1:B7:61:88:F2:ED:4B:B4:DC:65:70
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 04B7
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/2i7WxmRrCVsu4bdhiPLtS7TcZXA.roa
Signing time: Sat 22 Jun 2024 07:55:03 +0000
ROA not before: Sat 22 Jun 2024 07:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 22 Jun 2024 11:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1207 (0x4b7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Jun 22 07:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=DA2ED6C6646B095B2EE1B76188F2ED4BB4DC6570
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:b9:97:86:8e:bb:f5:5f:02:52:0a:54:15:86:
c0:0c:5a:df:eb:e7:d3:ac:57:26:58:ca:13:00:3c:
9b:cf:47:99:5c:f4:eb:d6:ee:c2:5b:68:1a:b2:6f:
6d:79:23:ff:de:aa:0e:81:49:d1:66:3c:75:3b:de:
2e:c8:19:6f:6d:4d:00:51:46:86:5e:29:3d:e8:d6:
51:d1:ed:b2:16:fd:ad:c6:3d:77:ed:f3:a9:ea:ab:
56:f3:b0:e9:61:9e:87:a3:d9:cc:73:01:db:49:7d:
a5:ac:2a:7a:a0:6c:f5:d1:0b:ca:b4:7e:22:d5:d9:
eb:3b:b5:d9:1a:ae:76:b0:f3:1e:6a:d8:84:22:cd:
af:d1:aa:11:6b:20:0f:cd:99:cd:1d:59:d8:73:55:
e2:ae:77:5f:0a:2f:38:b8:21:fd:98:e0:24:44:ec:
c7:59:c6:e9:3c:70:50:5f:13:ee:32:c0:93:38:e0:
83:d8:be:74:26:a0:79:26:fe:91:94:c3:1d:a7:00:
7a:e0:87:27:64:ba:96:32:d9:c4:47:9d:80:f5:67:
56:f0:aa:2b:8d:f0:e5:11:2a:25:6c:67:53:47:fd:
6d:06:40:5e:39:eb:33:b5:52:2c:0b:13:61:0f:84:
59:89:8f:48:58:67:0f:2a:6c:ab:40:d6:44:40:34:
84:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:2E:D6:C6:64:6B:09:5B:2E:E1:B7:61:88:F2:ED:4B:B4:DC:65:70
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/2i7WxmRrCVsu4bdhiPLtS7TcZXA.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
b9:e8:28:f9:b7:31:21:c6:43:65:7e:ce:0f:19:b4:6c:1f:23:
b1:5f:cf:0b:cf:d8:73:81:13:1e:06:ef:10:42:71:84:49:e9:
77:6d:9c:03:1c:15:97:71:8b:0b:ad:0a:1a:57:7f:d2:8a:38:
1c:5c:6b:81:cd:4a:5e:33:21:4a:96:3c:d8:79:ad:4c:14:ca:
85:37:b9:8f:88:b6:4d:88:8f:78:72:a3:71:bf:bc:a4:32:7a:
ce:96:86:c5:89:04:32:7f:ad:6f:ea:dc:87:77:dd:44:09:53:
c6:f8:16:68:21:c9:29:81:b0:13:de:8a:87:19:f7:f5:65:5f:
b9:fc:e9:00:78:3e:83:c8:76:77:ee:fb:df:fe:11:59:7e:cf:
af:e8:16:e6:f5:6c:dd:10:1c:c9:52:8c:c5:a8:97:f7:13:77:
fe:80:03:45:9c:55:4b:27:f3:17:d0:d5:ff:5f:d4:ba:dd:f1:
cb:e5:8a:a7:24:2a:7e:7d:45:b9:6d:89:e5:84:c9:e4:aa:8f:
d7:c3:93:4b:08:71:53:88:f7:54:c2:db:13:c7:7a:6c:53:43:
ba:72:86:05:a3:1b:3f:fc:ba:83:b7:bb:b3:e4:2a:07:cd:10:
2e:f1:79:da:aa:a0:4e:e4:a1:a5:78:59:44:16:8a:ab:ba:ab:
10:ff:46:3a
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICBLcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA2MjIw
NzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKERBMkVENkM2NjQ2QjA5
NUIyRUUxQjc2MTg4RjJFRDRCQjREQzY1NzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCYuZeGjrv1XwJSClQVhsAMWt/r59OsVyZYyhMAPJvPR5lc9OvW
7sJbaBqyb215I//eqg6BSdFmPHU73i7IGW9tTQBRRoZeKT3o1lHR7bIW/a3GPXft
86nqq1bzsOlhnoej2cxzAdtJfaWsKnqgbPXRC8q0fiLV2es7tdkarnaw8x5q2IQi
za/RqhFrIA/Nmc0dWdhzVeKud18KLzi4If2Y4CRE7MdZxuk8cFBfE+4ywJM44IPY
vnQmoHkm/pGUwx2nAHrghydkupYy2cRHnYD1Z1bwqiuN8OURKiVsZ1NH/W0GQF45
6zO1UiwLE2EPhFmJj0hYZw8qbKtA1kRANISrAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQU2i7WxmRrCVsu4bdhiPLtS7TcZXAwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmLzJpN1d4bVJyQ1ZzdTRi
ZGhpUEx0UzdUY1pYQS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBALnoKPm3MSHGQ2V+zg8ZtGwfI7FfzwvP2HOB
Ex4G7xBCcYRJ6XdtnAMcFZdxiwutChpXf9KKOBxca4HNSl4zIUqWPNh5rUwUyoU3
uY+Itk2Ij3hyo3G/vKQyes6WhsWJBDJ/rW/q3Id33UQJU8b4FmghySmBsBPeiocZ
9/VlX7n86QB4PoPIdnfu+9/+EVl+z6/oFub1bN0QHMlSjMWol/cTd/6AA0WcVUsn
8xfQ1f9f1Lrd8cvliqckKn59RbltieWEyeSqj9fDk0sIcVOI91TC2xPHemxTQ7py
hgWjGz/8uoO3u7PkKgfNEC7xedqqoE7koaV4WUQWiqu6qxD/Rjo=
-----END CERTIFICATE-----
Generated at Sat Jun 22 12:40:12 2024 by rpki-client on console-fra.rpki-client.org