Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/4cbFHhoHnp3_zOum9JWja4opX9w.roa
File: 4cbFHhoHnp3_zOum9JWja4opX9w.roa (raw, json)
Hash identifier: QhwPalBp0EC+JCopAb+KZLc/NRTFirXtvgxqoSytvjM=
Subject key identifier: E1:C6:C5:1E:1A:07:9E:9D:FF:CC:EB:A6:F4:95:A3:6B:8A:29:5F:DC
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 06C1
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/4cbFHhoHnp3_zOum9JWja4opX9w.roa
Signing time: Mon 19 Aug 2024 07:55:03 +0000
ROA not before: Mon 19 Aug 2024 07:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 19 Aug 2024 11:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1729 (0x6c1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Aug 19 07:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=E1C6C51E1A079E9DFFCCEBA6F495A36B8A295FDC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:f0:eb:6a:d6:4a:fa:16:6f:a9:7e:4d:71:40:
03:6a:39:2c:07:a0:78:c7:c2:66:52:e0:e9:23:65:
a9:71:5c:91:37:c2:62:29:12:d0:f4:7d:8b:98:b5:
6c:8a:0d:09:26:7a:e7:76:b7:d1:31:0e:b2:8d:18:
07:63:e9:06:fa:12:88:04:9d:cc:20:97:8f:ca:44:
43:1b:03:fe:fa:c7:af:a9:73:c4:50:bf:1a:4c:c6:
3d:a7:7c:c1:c4:6c:08:48:62:e2:73:a7:89:79:8f:
25:62:51:29:3b:7f:61:ba:76:d0:db:31:69:6c:2f:
6c:3e:c4:64:69:a0:66:92:e5:f9:b4:e5:52:e5:03:
98:01:a5:4b:04:cb:c5:ac:16:56:6a:9f:c3:15:4c:
65:45:37:d3:71:cd:85:cd:fa:18:70:25:5a:d4:a2:
f2:26:b7:8e:2e:04:c6:aa:9b:f4:29:bd:93:be:bd:
f8:6c:70:d5:d7:c6:92:51:a8:b3:a7:74:cc:e2:ad:
fb:50:2c:a1:69:4c:0e:2e:cc:23:bc:dd:9a:ea:a9:
9d:69:3d:34:f3:52:ac:98:ec:50:a7:81:c5:12:2b:
9f:1f:91:6a:31:b3:2a:52:f5:9d:2d:1e:b3:94:c6:
47:34:79:16:5f:71:75:80:e3:7c:22:a3:62:2e:ff:
38:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:C6:C5:1E:1A:07:9E:9D:FF:CC:EB:A6:F4:95:A3:6B:8A:29:5F:DC
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/4cbFHhoHnp3_zOum9JWja4opX9w.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:51:2e:15:94:5f:52:d6:a8:02:79:f9:c8:79:7e:3a:58:2b:
5d:57:5d:95:1f:00:02:d8:df:b3:93:df:bc:7e:40:95:81:2a:
28:aa:69:37:a3:e0:fd:27:d5:21:f9:63:e3:15:83:d0:b0:36:
4f:16:91:7a:1c:3d:a6:b5:76:97:74:47:df:22:77:09:f4:2d:
97:69:3c:67:76:c3:9a:30:27:4b:16:6a:93:21:e4:cd:91:87:
96:4d:0c:ad:9d:d3:e8:a8:55:47:47:30:2d:22:85:c7:29:78:
6e:45:41:7f:15:53:76:c5:87:77:2c:d0:c5:95:ac:ac:77:74:
75:23:0b:ff:c2:94:47:19:18:0e:ab:9f:5e:fe:6b:91:a9:69:
a2:27:5e:8b:6b:a5:e2:24:fa:f6:b6:10:6f:49:57:39:56:b3:
5e:9d:f9:73:9b:fd:6c:42:54:b8:09:e5:b0:ee:f5:b1:ef:16:
38:ff:d2:1a:f8:f2:6b:51:0c:b2:8e:65:67:00:1f:61:c2:34:
c1:c1:7c:7b:18:48:06:61:37:0e:01:a5:4f:13:0e:76:5d:31:
76:60:0c:92:ac:53:8a:06:f1:9b:f9:be:ef:52:d3:d4:1a:fd:
04:80:a0:8c:6a:ce:2b:6e:de:60:f4:93:e1:ee:e3:11:cf:41:
8e:e3:95:fa
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICBsEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA4MTkw
NzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEUxQzZDNTFFMUEwNzlF
OURGRkNDRUJBNkY0OTVBMzZCOEEyOTVGREMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDG8Otq1kr6Fm+pfk1xQANqOSwHoHjHwmZS4OkjZalxXJE3wmIp
EtD0fYuYtWyKDQkmeud2t9ExDrKNGAdj6Qb6EogEncwgl4/KREMbA/76x6+pc8RQ
vxpMxj2nfMHEbAhIYuJzp4l5jyViUSk7f2G6dtDbMWlsL2w+xGRpoGaS5fm05VLl
A5gBpUsEy8WsFlZqn8MVTGVFN9NxzYXN+hhwJVrUovImt44uBMaqm/QpvZO+vfhs
cNXXxpJRqLOndMzirftQLKFpTA4uzCO83ZrqqZ1pPTTzUqyY7FCngcUSK58fkWox
sypS9Z0tHrOUxkc0eRZfcXWA43wio2Iu/zhnAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQU4cbFHhoHnp3/zOum9JWja4opX9wwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmLzRjYkZIaG9IbnAzX3pP
dW05SldqYTRvcFg5dy5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAG9RLhWUX1LWqAJ5+ch5fjpYK11XXZUfAALY
37OT37x+QJWBKiiqaTej4P0n1SH5Y+MVg9CwNk8WkXocPaa1dpd0R98idwn0LZdp
PGd2w5owJ0sWapMh5M2Rh5ZNDK2d0+ioVUdHMC0ihccpeG5FQX8VU3bFh3cs0MWV
rKx3dHUjC//ClEcZGA6rn17+a5GpaaInXotrpeIk+va2EG9JVzlWs16d+XOb/WxC
VLgJ5bDu9bHvFjj/0hr48mtRDLKOZWcAH2HCNMHBfHsYSAZhNw4BpU8TDnZdMXZg
DJKsU4oG8Zv5vu9S09Qa/QSAoIxqzitu3mD0k+Hu4xHPQY7jlfo=
-----END CERTIFICATE-----
Generated at Mon Aug 19 17:20:30 2024 by rpki-client on console-fra.rpki-client.org