Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/B850MjjqRVQazWUtLNtdR90aVmk.roa
File: B850MjjqRVQazWUtLNtdR90aVmk.roa (raw, json)
Hash identifier: GQOfiqsEATQ6SHBwnmJdEbPpJxcNwQDg4XA5/OEEAcU=
Subject key identifier: 07:CE:74:32:38:EA:45:54:1A:CD:65:2D:2C:DB:5D:47:DD:1A:56:69
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0814
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/B850MjjqRVQazWUtLNtdR90aVmk.roa
Signing time: Wed 25 Sep 2024 23:55:03 +0000
ROA not before: Wed 25 Sep 2024 23:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 26 Sep 2024 03:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2068 (0x814)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Sep 25 23:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=07CE743238EA45541ACD652D2CDB5D47DD1A5669
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:16:bc:89:8f:7b:92:79:ad:94:95:4f:49:9d:
92:c6:a8:32:79:fe:43:8e:97:63:0f:31:d4:58:54:
ad:82:7f:5e:27:26:ff:ed:2d:65:de:fc:6d:9e:58:
95:b3:ee:d5:52:51:24:ff:62:79:07:ea:09:9d:1d:
00:d1:5a:10:1c:46:66:12:8f:3c:c0:cf:e8:59:40:
61:c2:37:e0:ff:c6:77:4a:aa:f6:26:7d:49:71:25:
7c:ef:f6:24:76:46:88:5a:39:95:6a:89:61:ec:e8:
04:11:67:bf:8d:0e:5d:01:9a:9f:98:c0:b8:00:0e:
12:7a:87:4e:b6:01:5e:5b:24:30:61:7b:9f:b9:04:
42:65:af:33:12:68:a5:7f:81:00:17:87:bf:36:4c:
ea:e2:87:28:6b:b8:5d:e2:ce:f3:36:5f:52:77:a2:
02:a6:e3:1c:b0:92:84:4d:af:2f:3f:95:fe:6e:6a:
49:f0:fb:e8:f6:97:97:83:c1:d5:68:80:fb:fe:4f:
15:32:e0:6c:97:97:01:c1:3d:0e:25:88:87:c5:2c:
fa:a3:fe:27:aa:88:39:30:b2:9c:da:e8:90:ed:9b:
d0:22:06:7b:2f:3a:4f:0d:57:e8:4e:f4:4c:91:b7:
38:86:86:e5:cd:37:3a:85:b6:63:1b:40:6d:9e:71:
e5:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:CE:74:32:38:EA:45:54:1A:CD:65:2D:2C:DB:5D:47:DD:1A:56:69
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/B850MjjqRVQazWUtLNtdR90aVmk.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
c6:50:12:eb:d8:ad:02:9e:4f:81:d9:06:b2:b2:1f:82:d0:d5:
fd:d2:4e:be:d2:12:28:72:6b:6f:6c:6c:1c:6c:ef:5e:8a:2f:
2e:c4:b2:2a:a0:b1:c4:f9:d4:f4:d2:18:4a:17:bc:42:b4:d6:
f9:82:6f:ff:12:43:83:f0:ae:32:77:a2:7b:d9:e0:4d:ac:09:
dc:1d:22:49:81:f6:39:28:d8:20:d6:8f:c8:f9:cd:44:10:c6:
70:97:b9:cb:dc:78:e4:a2:5d:02:aa:05:d5:cc:c9:16:02:b6:
7d:52:0f:fa:cf:6f:35:a0:ab:06:f1:12:2d:47:e8:4d:02:0d:
bf:17:4b:d0:44:67:de:6c:4f:07:f2:03:e0:a4:93:f5:c8:be:
a2:77:bd:47:0d:66:43:16:7f:dd:31:09:fb:ab:94:c2:f6:d2:
aa:83:d5:05:e0:f3:26:a8:9b:2a:6a:59:f3:dd:44:7d:2a:49:
5f:60:b5:7a:64:0d:c0:a6:ba:26:13:3c:4b:af:77:f9:ff:a1:
77:20:f3:f4:85:16:f1:05:7d:f8:8d:52:e8:ea:74:f9:77:4f:
03:21:99:cb:a4:eb:be:fa:64:a9:64:96:4e:e2:74:33:1e:ea:
f2:6e:74:32:84:9b:3c:aa:e3:1d:a5:13:36:5f:f8:00:ea:ee:
5c:77:44:58
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCBQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA5MjUy
MzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDA3Q0U3NDMyMzhFQTQ1
NTQxQUNENjUyRDJDREI1RDQ3REQxQTU2NjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCsFryJj3uSea2UlU9JnZLGqDJ5/kOOl2MPMdRYVK2Cf14nJv/t
LWXe/G2eWJWz7tVSUST/YnkH6gmdHQDRWhAcRmYSjzzAz+hZQGHCN+D/xndKqvYm
fUlxJXzv9iR2RohaOZVqiWHs6AQRZ7+NDl0Bmp+YwLgADhJ6h062AV5bJDBhe5+5
BEJlrzMSaKV/gQAXh782TOrihyhruF3izvM2X1J3ogKm4xywkoRNry8/lf5uaknw
++j2l5eDwdVogPv+TxUy4GyXlwHBPQ4liIfFLPqj/ieqiDkwspza6JDtm9AiBnsv
Ok8NV+hO9EyRtziGhuXNNzqFtmMbQG2eceUhAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUB850MjjqRVQazWUtLNtdR90aVmkwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL0I4NTBNampxUlZRYXpX
VXRMTnRkUjkwYVZtay5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAMZQEuvYrQKeT4HZBrKyH4LQ1f3STr7SEihy
a29sbBxs716KLy7EsiqgscT51PTSGEoXvEK01vmCb/8SQ4PwrjJ3onvZ4E2sCdwd
IkmB9jko2CDWj8j5zUQQxnCXucvceOSiXQKqBdXMyRYCtn1SD/rPbzWgqwbxEi1H
6E0CDb8XS9BEZ95sTwfyA+Ckk/XIvqJ3vUcNZkMWf90xCfurlML20qqD1QXg8yao
mypqWfPdRH0qSV9gtXpkDcCmuiYTPEuvd/n/oXcg8/SFFvEFffiNUujqdPl3TwMh
mcuk6776ZKlklk7idDMe6vJudDKEmzyq4x2lEzZf+ADq7lx3RFg=
-----END CERTIFICATE-----
Generated at Thu Sep 26 05:00:51 2024 by rpki-client on console-fra.rpki-client.org