Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/Cwg2oEdt6ZdYGlGNHHAY9jbSxv4.roa
File: Cwg2oEdt6ZdYGlGNHHAY9jbSxv4.roa (raw, json)
Hash identifier: HWiG2UhurjnibyjueGY2ACWBiOWJoKga3Tc08v2jhBk=
Subject key identifier: 0B:08:36:A0:47:6D:E9:97:58:1A:51:8D:1C:70:18:F6:36:D2:C6:FE
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 09FB
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/Cwg2oEdt6ZdYGlGNHHAY9jbSxv4.roa
Signing time: Mon 18 Nov 2024 23:55:03 +0000
ROA not before: Mon 18 Nov 2024 23:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 19 Nov 2024 03:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2555 (0x9fb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Nov 18 23:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0B0836A0476DE997581A518D1C7018F636D2C6FE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:9c:f9:41:a5:43:0d:f8:40:4a:b1:0c:4b:96:
4c:b9:cf:57:ee:c7:d5:4b:63:96:ae:bc:26:e6:28:
92:83:30:30:04:8b:4b:6b:95:6d:42:2f:bc:67:5f:
f5:40:ca:90:4d:26:c7:41:da:d4:5c:90:e7:bf:14:
9a:b2:f7:b8:aa:92:fb:42:41:5b:89:67:b1:ef:c6:
06:d8:3d:d4:c5:fc:e2:e2:df:07:ba:e6:f8:af:fc:
6d:4a:9b:20:54:32:c1:45:76:10:4f:3c:ed:3b:68:
f7:18:c7:6d:89:d0:6f:fd:cd:19:74:9b:95:56:d5:
66:12:e2:8a:51:29:83:dd:a9:62:dd:74:be:5b:88:
70:cb:ed:3b:f1:da:c4:19:1f:8f:0b:f5:23:ac:7d:
b9:22:69:9a:f2:56:5b:93:a8:87:13:09:53:51:fa:
fc:5d:c4:71:0d:45:21:ee:3e:4e:90:33:93:6c:7d:
64:84:4b:f2:5a:19:fe:66:6a:de:74:5b:63:4f:85:
b9:70:d3:0c:d0:59:d4:95:ae:23:2a:ee:e6:16:ec:
17:a1:77:e7:84:a7:c2:1e:06:cf:1a:06:05:37:8e:
4e:47:50:5b:18:2b:c7:a6:8d:f8:9e:15:ea:2e:df:
7d:e6:6b:1d:f9:6f:7c:a2:f8:44:9e:bf:52:4e:5a:
94:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:08:36:A0:47:6D:E9:97:58:1A:51:8D:1C:70:18:F6:36:D2:C6:FE
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/Cwg2oEdt6ZdYGlGNHHAY9jbSxv4.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:d4:24:27:9f:f3:bc:1d:80:d1:dd:c2:be:91:44:48:47:8d:
54:6a:1f:61:e4:91:6d:ce:9d:42:22:b9:9c:4b:9d:bf:1b:df:
7a:47:8c:8c:9d:ac:1d:04:ec:d8:10:00:f4:9d:60:1f:82:b1:
62:c9:53:e6:6a:3c:13:b4:b3:3d:9e:1e:04:7f:b0:42:8e:31:
5d:b2:c3:76:39:d6:53:5e:95:a9:ab:0f:66:b2:e5:ac:68:29:
d9:9c:7a:bd:a3:50:8a:30:f8:8c:fa:f1:de:11:69:42:56:b9:
26:29:ef:38:b0:ce:a3:58:68:30:99:46:92:3a:7a:04:9a:45:
4d:fd:01:a3:46:2e:45:bc:8e:3a:0d:4e:a8:9c:f7:97:51:73:
9c:c4:39:59:df:db:d2:c2:d5:34:5d:3a:cb:2a:cb:26:77:22:
06:f6:5d:ee:aa:f8:28:c8:a5:32:3d:93:30:cd:cc:bd:39:22:
1b:99:8e:3d:a2:53:0e:8f:17:62:24:4a:2b:64:15:11:77:be:
02:94:e1:3a:ef:12:c5:79:9d:b6:d4:12:0a:f5:71:ba:33:35:
b7:55:06:b3:9b:f2:c3:aa:19:97:93:01:de:86:1e:a2:bf:68:
73:7e:ef:8c:de:dd:9c:d2:89:3e:a3:64:23:3b:ea:7c:b1:9c:
44:ed:b4:2d
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCfswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDExMTgy
MzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDBCMDgzNkEwNDc2REU5
OTc1ODFBNTE4RDFDNzAxOEY2MzZEMkM2RkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4nPlBpUMN+EBKsQxLlky5z1fux9VLY5auvCbmKJKDMDAEi0tr
lW1CL7xnX/VAypBNJsdB2tRckOe/FJqy97iqkvtCQVuJZ7HvxgbYPdTF/OLi3we6
5viv/G1KmyBUMsFFdhBPPO07aPcYx22J0G/9zRl0m5VW1WYS4opRKYPdqWLddL5b
iHDL7Tvx2sQZH48L9SOsfbkiaZryVluTqIcTCVNR+vxdxHENRSHuPk6QM5NsfWSE
S/JaGf5mat50W2NPhblw0wzQWdSVriMq7uYW7Behd+eEp8IeBs8aBgU3jk5HUFsY
K8emjfieFeou333max35b3yi+ESev1JOWpSrAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUCwg2oEdt6ZdYGlGNHHAY9jbSxv4wHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL0N3ZzJvRWR0NlpkWUds
R05ISEFZOWpiU3h2NC5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAC3UJCef87wdgNHdwr6RREhHjVRqH2HkkW3O
nUIiuZxLnb8b33pHjIydrB0E7NgQAPSdYB+CsWLJU+ZqPBO0sz2eHgR/sEKOMV2y
w3Y51lNelamrD2ay5axoKdmcer2jUIow+Iz68d4RaUJWuSYp7ziwzqNYaDCZRpI6
egSaRU39AaNGLkW8jjoNTqic95dRc5zEOVnf29LC1TRdOssqyyZ3Igb2Xe6q+CjI
pTI9kzDNzL05IhuZjj2iUw6PF2IkSitkFRF3vgKU4TrvEsV5nbbUEgr1cbozNbdV
BrOb8sOqGZeTAd6GHqK/aHN+74ze3ZzSiT6jZCM76nyxnETttC0=
-----END CERTIFICATE-----
Generated at Tue Nov 19 06:55:13 2024 by rpki-client on console-fra.rpki-client.org