Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/4g1wXxifD_5UEVtMpr4anSv9At4.roa
File: 4g1wXxifD_5UEVtMpr4anSv9At4.roa (raw, json)
Hash identifier: Ffy6SR0sRJoSO7OTUK3ixEV3IZpt9pKtOnBeOAVB2sM=
Subject key identifier: E2:0D:70:5F:18:9F:0F:FE:54:11:5B:4C:A6:BE:1A:9D:2B:FD:02:DE
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0742
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/4g1wXxifD_5UEVtMpr4anSv9At4.roa
Signing time: Mon 02 Sep 2024 15:55:03 +0000
ROA not before: Mon 02 Sep 2024 15:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 02 Sep 2024 19:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1858 (0x742)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Sep 2 15:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=E20D705F189F0FFE54115B4CA6BE1A9D2BFD02DE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:80:35:3a:52:36:34:32:2f:db:eb:3d:fd:50:
37:ec:3f:df:1c:1e:52:70:e6:00:b3:d6:b6:69:56:
5f:5c:b6:30:9b:03:50:5a:c7:20:1a:82:51:3d:60:
df:cf:58:b6:f1:e4:c2:93:e7:5d:d0:de:4d:ef:4f:
8b:3c:e1:6d:5b:dc:09:8d:cc:24:df:be:9f:0e:06:
1d:4c:cc:2b:e8:2a:f5:0d:d9:45:b4:02:eb:7c:b5:
39:41:84:49:3b:56:ff:38:3a:af:bb:15:de:78:3e:
d4:28:d1:16:fc:69:65:5a:be:f1:47:07:0c:3a:bd:
72:85:17:fd:01:9e:1a:f0:a5:28:c1:d1:b6:37:39:
bd:af:84:86:fa:1e:b8:0e:c6:e5:4d:6d:b8:5c:5b:
8d:54:13:c8:31:20:7f:9c:16:2b:46:c0:b3:a0:23:
8d:d5:86:fd:83:3c:0e:b5:6f:86:26:c5:51:94:bb:
bc:ae:d6:3d:be:58:cd:f0:be:66:b7:34:ab:0f:48:
51:39:d0:d9:d0:c2:19:46:a1:98:bd:29:97:8f:be:
38:03:4d:95:25:96:ac:af:fd:91:8a:d8:71:08:c9:
ca:80:26:c5:e3:95:75:e2:e4:cb:95:eb:3a:e2:7d:
ca:4b:98:41:24:be:33:f7:44:02:eb:63:44:e0:24:
86:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:0D:70:5F:18:9F:0F:FE:54:11:5B:4C:A6:BE:1A:9D:2B:FD:02:DE
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/4g1wXxifD_5UEVtMpr4anSv9At4.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
bf:72:60:d6:31:cb:f4:0b:a2:ad:fc:a6:b8:64:97:95:17:54:
88:f1:dc:6e:6e:32:d4:d6:47:72:2c:78:39:9a:a5:dd:90:89:
e2:ee:7f:b5:82:f4:c3:09:59:0d:3f:09:9f:12:04:90:83:ac:
07:2b:92:0d:34:c2:0d:2a:bc:23:bd:e2:3a:39:ba:73:f7:5b:
8d:18:b1:77:22:30:d4:b9:d0:99:2a:3e:f9:e0:59:ac:29:34:
9a:9a:c8:6a:ef:8d:09:6f:54:75:4b:5c:a1:8b:90:f1:dc:da:
03:54:b5:19:d5:4f:83:8d:92:df:ba:b8:b5:16:1c:ed:c1:30:
2c:35:4e:26:8f:7c:68:9d:5f:b6:c7:97:9a:85:77:fe:bd:2a:
a1:73:7d:21:5c:17:dd:23:ae:7b:ba:00:34:61:2c:fd:9e:ec:
6b:d1:4a:42:33:11:15:be:71:25:89:20:9c:b1:fb:98:32:c1:
6b:c1:7d:51:8e:c4:43:16:fe:1a:b0:bd:44:6f:f4:7f:35:25:
96:7a:bb:86:0f:13:15:c6:ec:f2:e7:47:f1:e4:0f:1e:f9:84:
02:aa:4c:bc:3f:2f:f9:c6:dc:27:bd:15:30:de:b7:1b:55:53:
e6:b2:4e:6a:26:d9:3f:b5:65:19:df:29:b6:e3:e5:c2:a5:9c:
ae:e2:4a:a1
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICB0IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA5MDIx
NTU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEUyMEQ3MDVGMTg5RjBG
RkU1NDExNUI0Q0E2QkUxQTlEMkJGRDAyREUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCmgDU6UjY0Mi/b6z39UDfsP98cHlJw5gCz1rZpVl9ctjCbA1Ba
xyAaglE9YN/PWLbx5MKT513Q3k3vT4s84W1b3AmNzCTfvp8OBh1MzCvoKvUN2UW0
Aut8tTlBhEk7Vv84Oq+7Fd54PtQo0Rb8aWVavvFHBww6vXKFF/0BnhrwpSjB0bY3
Ob2vhIb6HrgOxuVNbbhcW41UE8gxIH+cFitGwLOgI43Vhv2DPA61b4YmxVGUu7yu
1j2+WM3wvma3NKsPSFE50NnQwhlGoZi9KZePvjgDTZUllqyv/ZGK2HEIycqAJsXj
lXXi5MuV6zrifcpLmEEkvjP3RALrY0TgJIapAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQU4g1wXxifD/5UEVtMpr4anSv9At4wHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmLzRnMXdYeGlmRF81VUVW
dE1wcjRhblN2OUF0NC5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAL9yYNYxy/QLoq38prhkl5UXVIjx3G5uMtTW
R3IseDmapd2QieLuf7WC9MMJWQ0/CZ8SBJCDrAcrkg00wg0qvCO94jo5unP3W40Y
sXciMNS50JkqPvngWawpNJqayGrvjQlvVHVLXKGLkPHc2gNUtRnVT4ONkt+6uLUW
HO3BMCw1TiaPfGidX7bHl5qFd/69KqFzfSFcF90jrnu6ADRhLP2e7GvRSkIzERW+
cSWJIJyx+5gywWvBfVGOxEMW/hqwvURv9H81JZZ6u4YPExXG7PLnR/HkDx75hAKq
TLw/L/nG3Ce9FTDetxtVU+ayTmom2T+1ZRnfKbbj5cKlnK7iSqE=
-----END CERTIFICATE-----
Generated at Mon Sep 2 21:16:52 2024 by rpki-client on console-fra.rpki-client.org