Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/BLrPCYThBp4bChaNKjjLz6MUb5s.roa
File: BLrPCYThBp4bChaNKjjLz6MUb5s.roa (raw, json)
Hash identifier: DmwKWChksKE1qq6tRRumsZbswmm2J640s4W5ZN+YYGM=
Subject key identifier: 04:BA:CF:09:84:E1:06:9E:1B:0A:16:8D:2A:38:CB:CF:A3:14:6F:9B
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 06EE
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/BLrPCYThBp4bChaNKjjLz6MUb5s.roa
Signing time: Sat 24 Aug 2024 07:55:04 +0000
ROA not before: Sat 24 Aug 2024 07:55:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 24 Aug 2024 11:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1774 (0x6ee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Aug 24 07:55:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=04BACF0984E1069E1B0A168D2A38CBCFA3146F9B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:36:ca:ab:76:bb:6e:04:af:4e:b2:4e:f2:87:
89:e5:72:6d:f0:77:25:e6:42:5f:ef:45:6e:55:0a:
80:f3:0c:b9:6d:05:e0:bf:ec:c8:ba:a6:68:70:bd:
95:d0:ee:91:7f:b7:0d:ba:45:26:e8:5d:30:79:1e:
02:28:81:fb:0e:8e:80:90:a7:20:7a:d6:83:8f:24:
82:63:a1:e0:08:c7:10:c1:6e:9f:e4:01:a5:4a:b4:
60:f3:5a:92:9f:ce:7c:b8:7c:5b:62:97:ca:84:14:
d4:69:a2:82:2e:38:20:14:1a:51:9b:40:4e:bc:5d:
86:07:90:af:b5:68:bb:d6:bb:7f:74:63:60:8a:c7:
3c:3f:b4:44:48:32:8f:24:3e:11:4b:5a:ae:cc:7f:
24:c7:a2:37:05:83:eb:d0:03:9d:75:31:c1:f6:b8:
31:b9:18:95:82:99:6e:02:d4:89:5e:c6:ad:5a:07:
0f:5a:60:e2:c2:2f:17:2d:5f:3e:8d:d3:66:91:9e:
17:d2:71:3f:fe:83:0b:b8:21:57:df:60:ed:7c:12:
cb:07:e3:a7:e3:ac:8b:92:69:ce:f1:aa:96:0b:fc:
57:91:9e:50:46:9e:4b:92:da:4c:3b:16:4b:07:8c:
a0:e3:bd:57:10:cd:8d:79:43:cd:c1:fc:49:8a:16:
3a:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:BA:CF:09:84:E1:06:9E:1B:0A:16:8D:2A:38:CB:CF:A3:14:6F:9B
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/BLrPCYThBp4bChaNKjjLz6MUb5s.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:58:2d:ed:ea:74:fc:f9:d0:28:59:22:c1:12:3a:c6:11:8f:
6a:40:c2:e5:e0:3d:0c:e1:ca:d5:39:28:d2:3f:0d:09:5f:24:
00:27:db:2d:87:70:ac:c4:86:05:70:38:7e:4c:41:5a:2e:ba:
8f:cb:a9:30:35:69:32:12:cd:22:11:f9:f3:16:79:03:3d:83:
0a:5b:0e:9b:b5:d6:10:20:05:2a:5a:eb:30:bc:f2:b9:a6:0b:
10:01:fa:0b:57:38:80:71:ef:70:a0:5f:ec:d4:93:88:d0:83:
fc:62:d7:57:e6:61:ca:ea:15:ca:81:84:70:67:a7:90:ec:ed:
c1:eb:44:3b:c9:c3:e7:08:5e:04:9e:2f:01:1a:7f:bc:6b:0f:
8e:94:bd:cc:ae:a7:6a:b8:d5:3e:83:47:be:68:20:8f:6a:c3:
a6:b0:ad:1f:1d:03:ee:17:5f:66:eb:b8:b3:c0:91:ee:de:e2:
cd:0e:c9:09:42:c1:3f:59:35:6e:44:04:f6:1a:61:fe:e1:d1:
59:83:56:e9:e6:94:54:f7:44:5a:b6:fa:8b:02:c4:1b:fb:97:
ee:3b:a9:fe:c2:db:53:5c:19:9b:61:37:ac:4d:4b:28:b2:6e:
43:82:5f:e2:ad:e2:73:f6:a8:b6:30:67:e7:ae:51:ec:b6:66:
3e:de:0e:99
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICBu4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA4MjQw
NzU1MDRaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDA0QkFDRjA5ODRFMTA2
OUUxQjBBMTY4RDJBMzhDQkNGQTMxNDZGOUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7NsqrdrtuBK9Osk7yh4nlcm3wdyXmQl/vRW5VCoDzDLltBeC/
7Mi6pmhwvZXQ7pF/tw26RSboXTB5HgIogfsOjoCQpyB61oOPJIJjoeAIxxDBbp/k
AaVKtGDzWpKfzny4fFtil8qEFNRpooIuOCAUGlGbQE68XYYHkK+1aLvWu390Y2CK
xzw/tERIMo8kPhFLWq7MfyTHojcFg+vQA511McH2uDG5GJWCmW4C1Ilexq1aBw9a
YOLCLxctXz6N02aRnhfScT/+gwu4IVffYO18EssH46fjrIuSac7xqpYL/FeRnlBG
nkuS2kw7FksHjKDjvVcQzY15Q83B/EmKFjrhAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUBLrPCYThBp4bChaNKjjLz6MUb5swHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL0JMclBDWVRoQnA0YkNo
YU5LampMejZNVWI1cy5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAB5YLe3qdPz50ChZIsESOsYRj2pAwuXgPQzh
ytU5KNI/DQlfJAAn2y2HcKzEhgVwOH5MQVouuo/LqTA1aTISzSIR+fMWeQM9gwpb
Dpu11hAgBSpa6zC88rmmCxAB+gtXOIBx73CgX+zUk4jQg/xi11fmYcrqFcqBhHBn
p5Ds7cHrRDvJw+cIXgSeLwEaf7xrD46Uvcyup2q41T6DR75oII9qw6awrR8dA+4X
X2bruLPAke7e4s0OyQlCwT9ZNW5EBPYaYf7h0VmDVunmlFT3RFq2+osCxBv7l+47
qf7C21NcGZthN6xNSyiybkOCX+Kt4nP2qLYwZ+euUey2Zj7eDpk=
-----END CERTIFICATE-----
Generated at Sat Aug 24 16:11:45 2024 by rpki-client on console-ams.rpki-client.org