Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/BDYe0NyzsF3eGxmVDOK6EgFLfi8.roa
File: BDYe0NyzsF3eGxmVDOK6EgFLfi8.roa (raw, json)
Hash identifier: 6IqC6PrHB9juXKzcozd7kFlgvH526znOudduF5g8FB8=
Subject key identifier: 04:36:1E:D0:DC:B3:B0:5D:DE:1B:19:95:0C:E2:BA:12:01:4B:7E:2F
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0947
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/BDYe0NyzsF3eGxmVDOK6EgFLfi8.roa
Signing time: Tue 29 Oct 2024 23:55:03 +0000
ROA not before: Tue 29 Oct 2024 23:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 30 Oct 2024 03:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2375 (0x947)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Oct 29 23:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=04361ED0DCB3B05DDE1B19950CE2BA12014B7E2F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:90:85:00:9f:04:46:cd:48:78:b7:08:4f:9e:
bb:d7:0f:9a:98:dc:0b:bc:91:86:7b:af:f2:16:73:
ea:72:b2:3c:ae:54:da:9d:6d:33:55:15:cc:16:88:
cf:2e:29:cc:c7:5d:a7:f7:92:5f:54:d2:1a:40:37:
b9:56:51:55:d7:f8:41:ea:9c:02:32:8e:09:66:33:
cc:ad:28:39:46:df:18:e6:58:fc:7b:7d:a3:61:9a:
a8:0e:35:be:30:b0:da:c6:d5:cc:ca:6d:75:c5:ec:
a7:ea:d2:dc:52:59:c4:de:ca:1d:a7:45:dc:fa:43:
4a:e0:2f:93:33:24:be:7d:92:a9:83:35:75:60:5c:
46:e1:b3:d2:a9:8a:a6:72:04:e5:51:90:75:46:77:
7f:0e:ab:af:76:eb:05:5b:7b:b6:a5:53:e6:ad:55:
f4:5d:48:ce:86:79:14:63:70:4f:82:aa:df:c7:9a:
e9:2f:7f:37:cf:f2:1b:ca:3a:dc:d0:68:b6:7e:5a:
9d:c6:0b:6e:81:dd:53:8e:6a:47:57:93:7a:ad:f3:
29:c9:d5:bf:95:08:e7:75:52:bd:bd:82:c6:02:05:
7b:a3:36:e5:a2:df:02:23:2b:ae:b8:1e:40:40:aa:
e9:dd:2b:6c:1c:00:af:85:bc:a0:24:58:e2:de:7d:
03:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:36:1E:D0:DC:B3:B0:5D:DE:1B:19:95:0C:E2:BA:12:01:4B:7E:2F
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/BDYe0NyzsF3eGxmVDOK6EgFLfi8.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
c0:4e:b2:3d:1e:d4:5b:68:73:65:63:76:75:0b:b0:46:f7:38:
79:29:78:4c:80:a4:64:5b:85:c4:cf:56:0a:03:e0:25:bd:62:
cc:5e:7e:67:67:05:22:45:ef:c5:e7:ae:84:b1:7b:b1:80:35:
ca:64:90:21:ac:4b:be:45:c4:48:f7:2b:95:08:86:78:48:37:
7e:73:0e:05:bd:e3:a3:4b:93:07:39:9e:7d:39:09:f2:53:ec:
90:ae:00:3c:4d:b3:88:89:fc:5f:a3:c7:54:2d:7d:21:14:41:
14:11:8d:7a:98:c4:7e:9a:67:a6:8d:30:c1:c8:47:0c:62:fc:
cc:5e:c1:af:25:95:79:6f:17:8e:d7:80:74:41:c4:e1:2b:5e:
08:e9:8e:01:c3:ff:38:4e:b0:1f:ee:3a:c4:92:1f:e6:19:6d:
34:a9:c7:df:07:89:67:3f:43:6e:ce:e6:bc:e3:60:9b:4e:ec:
67:aa:0f:2a:f8:70:1d:00:3a:ef:a1:c8:8d:2f:63:8b:7a:53:
0f:98:c5:6b:c9:59:7c:df:0a:13:2a:03:15:73:90:b6:1f:ac:
b6:a2:24:ca:2b:33:6c:ed:e7:2d:8d:cc:99:4b:a3:62:d1:35:
e3:90:ca:60:49:0f:cd:97:32:24:a4:66:1d:5f:cc:c1:a8:25:
e6:01:af:25
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCUcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDEwMjky
MzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDA0MzYxRUQwRENCM0Iw
NURERTFCMTk5NTBDRTJCQTEyMDE0QjdFMkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDEkIUAnwRGzUh4twhPnrvXD5qY3Au8kYZ7r/IWc+pysjyuVNqd
bTNVFcwWiM8uKczHXaf3kl9U0hpAN7lWUVXX+EHqnAIyjglmM8ytKDlG3xjmWPx7
faNhmqgONb4wsNrG1czKbXXF7Kfq0txSWcTeyh2nRdz6Q0rgL5MzJL59kqmDNXVg
XEbhs9KpiqZyBOVRkHVGd38Oq6926wVbe7alU+atVfRdSM6GeRRjcE+Cqt/Hmukv
fzfP8hvKOtzQaLZ+Wp3GC26B3VOOakdXk3qt8ynJ1b+VCOd1Ur29gsYCBXujNuWi
3wIjK664HkBAqundK2wcAK+FvKAkWOLefQMXAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUBDYe0NyzsF3eGxmVDOK6EgFLfi8wHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL0JEWWUwTnl6c0YzZUd4
bVZET0s2RWdGTGZpOC5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAMBOsj0e1Ftoc2VjdnULsEb3OHkpeEyApGRb
hcTPVgoD4CW9YsxefmdnBSJF78XnroSxe7GANcpkkCGsS75FxEj3K5UIhnhIN35z
DgW946NLkwc5nn05CfJT7JCuADxNs4iJ/F+jx1QtfSEUQRQRjXqYxH6aZ6aNMMHI
Rwxi/Mxewa8llXlvF47XgHRBxOErXgjpjgHD/zhOsB/uOsSSH+YZbTSpx98HiWc/
Q27O5rzjYJtO7GeqDyr4cB0AOu+hyI0vY4t6Uw+YxWvJWXzfChMqAxVzkLYfrLai
JMorM2zt5y2NzJlLo2LRNeOQymBJD82XMiSkZh1fzMGoJeYBryU=
-----END CERTIFICATE-----
Generated at Wed Oct 30 05:33:21 2024 by rpki-client on console-fra.rpki-client.org