Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/9AEK27obEqyG9LFHEQp6gHTtDxg.roa
File: 9AEK27obEqyG9LFHEQp6gHTtDxg.roa (raw, json)
Hash identifier: e8J17LlYwatgTgeWvU1CjsophThrYHeQ+e5/jYjy+/k=
Subject key identifier: F4:01:0A:DB:BA:1B:12:AC:86:F4:B1:47:11:0A:7A:80:74:ED:0F:18
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 07AB
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/9AEK27obEqyG9LFHEQp6gHTtDxg.roa
Signing time: Sat 14 Sep 2024 07:55:03 +0000
ROA not before: Sat 14 Sep 2024 07:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 14 Sep 2024 11:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1963 (0x7ab)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Sep 14 07:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=F4010ADBBA1B12AC86F4B147110A7A8074ED0F18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:aa:0a:82:2a:53:e7:2a:46:df:d7:d6:63:9a:
30:8f:42:71:c2:d8:6f:2a:b2:05:d7:9a:ae:ba:b5:
d8:a0:17:36:9a:3f:f1:84:31:ef:9f:e8:44:ce:1b:
f5:e6:c2:e9:bd:c2:6b:53:76:d7:16:a0:58:fe:cf:
77:c9:c1:54:5f:6d:3c:88:49:ac:98:90:7e:f1:86:
af:86:05:d6:19:a3:dc:a8:be:5b:3d:2d:18:b5:3e:
0b:af:02:32:3c:e6:f7:d0:57:f0:97:82:ce:e9:e8:
50:e7:40:c3:a2:55:22:38:79:f0:d3:17:c4:e7:75:
88:c0:66:80:a4:38:d7:c0:ee:0e:6c:e4:1a:1e:58:
4b:a8:dc:94:d9:f5:8c:ac:f5:e9:d9:2d:6c:c2:b2:
42:54:2d:ab:57:36:9a:43:e3:8d:46:ab:17:51:90:
e5:1f:6e:f8:4b:72:b6:3e:88:03:01:be:9f:71:e6:
70:78:e5:17:0a:af:4a:eb:71:41:17:a2:22:28:e7:
48:c5:77:c6:32:81:18:99:7a:60:69:17:31:a9:58:
f6:17:60:50:d0:3b:63:72:a9:c9:c6:30:7c:f9:dd:
1a:46:b1:43:ba:bd:ff:1b:47:3c:94:3c:7a:5e:58:
d8:60:65:55:f2:58:2c:52:9a:48:dc:cf:a9:1c:69:
97:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:01:0A:DB:BA:1B:12:AC:86:F4:B1:47:11:0A:7A:80:74:ED:0F:18
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/9AEK27obEqyG9LFHEQp6gHTtDxg.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:32:fa:16:bf:67:a2:7e:3a:8d:5e:63:cf:5f:8f:26:08:b1:
c9:f7:58:6c:e5:dc:6c:71:fc:16:fa:9c:83:8d:ad:6e:b1:2f:
26:12:0d:7d:54:45:15:a2:60:08:89:9d:da:ff:73:9e:e0:eb:
63:29:ff:c1:43:44:b8:62:43:8b:c3:f6:41:b1:c9:33:d8:dd:
84:7b:d6:78:56:d2:5e:ab:3b:aa:fb:d8:a4:d1:96:89:9b:05:
6b:99:f6:7d:c6:ff:3f:07:6c:be:11:6f:13:9a:a7:fe:02:90:
d5:05:64:0f:82:2d:bf:65:0e:4d:a1:3c:00:21:a8:fb:05:37:
f9:56:99:57:bc:3b:fb:ab:06:ad:5e:c5:da:27:e7:1b:6d:cd:
bd:0a:b9:8b:ea:bf:d7:c6:89:5a:09:2c:59:35:4d:88:62:04:
00:69:c2:d8:56:4c:93:55:68:fe:bd:04:bb:79:00:2e:f9:48:
48:5b:cc:82:66:c1:fd:59:2d:fd:80:ad:bf:f5:37:70:87:70:
02:05:38:a9:2d:13:bc:e9:fa:3b:07:28:43:92:f6:5b:15:b9:
d1:23:a0:1f:ef:bf:3d:fc:03:e3:35:86:5b:90:c5:3c:4f:47:
99:07:39:4b:1f:03:5e:64:68:6c:0d:20:da:c5:76:0a:33:8f:
35:fe:25:42
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICB6swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA5MTQw
NzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEY0MDEwQURCQkExQjEy
QUM4NkY0QjE0NzExMEE3QTgwNzRFRDBGMTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/qgqCKlPnKkbf19ZjmjCPQnHC2G8qsgXXmq66tdigFzaaP/GE
Me+f6ETOG/Xmwum9wmtTdtcWoFj+z3fJwVRfbTyISayYkH7xhq+GBdYZo9yovls9
LRi1PguvAjI85vfQV/CXgs7p6FDnQMOiVSI4efDTF8TndYjAZoCkONfA7g5s5Boe
WEuo3JTZ9Yys9enZLWzCskJULatXNppD441GqxdRkOUfbvhLcrY+iAMBvp9x5nB4
5RcKr0rrcUEXoiIo50jFd8YygRiZemBpFzGpWPYXYFDQO2NyqcnGMHz53RpGsUO6
vf8bRzyUPHpeWNhgZVXyWCxSmkjcz6kcaZezAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQU9AEK27obEqyG9LFHEQp6gHTtDxgwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmLzlBRUsyN29iRXF5RzlM
RkhFUXA2Z0hUdER4Zy5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBACwy+ha/Z6J+Oo1eY89fjyYIscn3WGzl3Gxx
/Bb6nIONrW6xLyYSDX1URRWiYAiJndr/c57g62Mp/8FDRLhiQ4vD9kGxyTPY3YR7
1nhW0l6rO6r72KTRlombBWuZ9n3G/z8HbL4RbxOap/4CkNUFZA+CLb9lDk2hPAAh
qPsFN/lWmVe8O/urBq1exdon5xttzb0KuYvqv9fGiVoJLFk1TYhiBABpwthWTJNV
aP69BLt5AC75SEhbzIJmwf1ZLf2Arb/1N3CHcAIFOKktE7zp+jsHKEOS9lsVudEj
oB/vvz38A+M1hluQxTxPR5kHOUsfA15kaGwNINrFdgozjzX+JUI=
-----END CERTIFICATE-----
Generated at Sat Sep 14 16:33:10 2024 by rpki-client on console-ams.rpki-client.org