Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/D1iOnsM3qHZIjLJaKCK_fjX5qIQ.roa
File: D1iOnsM3qHZIjLJaKCK_fjX5qIQ.roa (raw, json)
Hash identifier: KfAxRJxA1Qf90ycedAJfsGZ27FyeSpVUezVdHxWWWnU=
Subject key identifier: 0F:58:8E:9E:C3:37:A8:76:48:8C:B2:5A:28:22:BF:7E:35:F9:A8:84
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 08FE
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/D1iOnsM3qHZIjLJaKCK_fjX5qIQ.roa
Signing time: Mon 21 Oct 2024 23:55:03 +0000
ROA not before: Mon 21 Oct 2024 23:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 22 Oct 2024 03:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2302 (0x8fe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Oct 21 23:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0F588E9EC337A876488CB25A2822BF7E35F9A884
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:65:f8:15:3a:15:22:0b:10:4b:99:bc:70:02:
5f:e7:c2:9a:23:b3:b5:39:a9:46:a6:24:38:6d:df:
e1:8c:9a:5d:b5:32:91:bc:41:21:f8:2c:2c:9a:7e:
ab:5d:28:5a:7b:2e:f3:6f:40:c8:86:94:97:38:6e:
52:d0:a5:78:35:93:03:4e:a6:cb:e2:00:a1:68:09:
05:e7:60:d0:f3:f1:c0:ae:77:de:91:3a:0f:bd:bf:
c3:ff:2c:fa:97:0c:75:0a:58:e2:79:a0:06:37:3d:
aa:05:ca:45:d6:80:ae:5d:8b:7e:f4:ca:d0:4c:70:
e0:71:00:8d:d0:f3:31:21:f3:18:7f:ab:11:02:71:
c2:e9:4f:2b:68:01:c6:25:1e:78:de:4a:7c:9f:00:
8d:c2:d2:2c:15:09:c7:51:81:81:c9:9b:86:fd:8f:
d2:96:e7:50:2e:b0:61:83:00:3a:3f:94:6a:21:d6:
86:19:40:f6:07:c7:2f:55:88:42:bd:b2:3a:e9:d5:
9c:42:a3:d9:7b:e5:6a:66:6a:21:28:c8:0d:01:74:
90:ee:41:15:e2:78:ac:ee:85:f6:f3:9d:71:5d:52:
17:38:b6:9f:a4:35:ff:af:95:19:ab:63:d0:00:b9:
55:f5:ae:ff:98:c8:3e:21:fc:39:0f:13:16:22:0f:
46:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:58:8E:9E:C3:37:A8:76:48:8C:B2:5A:28:22:BF:7E:35:F9:A8:84
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/D1iOnsM3qHZIjLJaKCK_fjX5qIQ.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
16:eb:6e:6e:8b:dc:b6:b3:4c:8f:c3:8f:d8:11:20:db:d0:35:
81:1c:94:67:71:5f:c3:a7:f8:17:0e:9a:c9:b4:c2:9d:e8:26:
30:2c:d2:28:32:78:6a:ca:13:2f:46:c9:d3:26:73:62:8e:22:
22:c0:f5:9d:bd:23:f6:6a:b1:ad:f1:07:69:6e:52:32:f5:51:
62:2b:c6:6d:3b:19:e3:5c:79:8b:26:2d:55:fe:eb:dc:f1:c8:
b3:8c:47:ed:1e:ca:01:13:53:d2:dd:3d:88:c4:29:05:95:7f:
db:f4:e3:8b:6c:a0:34:f1:30:74:58:f3:5b:05:a3:d0:57:6e:
eb:4a:85:e7:df:9e:81:f1:7f:dc:d7:26:d1:71:3d:12:8b:c2:
58:43:11:36:f4:5b:b7:9c:9b:6f:e6:bd:86:8e:08:b7:e4:54:
97:15:0e:bf:13:e8:9b:2f:e5:e5:c9:2e:2c:7e:76:76:52:41:
5b:9f:b4:ad:38:7a:ca:ae:12:e1:dd:90:2c:d0:09:24:4c:fe:
14:a1:12:42:f7:c7:98:71:25:34:6f:9e:9e:e2:55:d1:13:40:
f4:bd:2b:2d:d5:d5:1d:ad:b6:41:8c:88:7a:e5:bd:16:69:65:
f8:6d:95:bf:f2:a4:a6:eb:57:fc:a4:b8:08:30:47:d9:fb:b2:
27:bb:3c:2e
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCP4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDEwMjEy
MzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDBGNTg4RTlFQzMzN0E4
NzY0ODhDQjI1QTI4MjJCRjdFMzVGOUE4ODQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDVZfgVOhUiCxBLmbxwAl/nwpojs7U5qUamJDht3+GMml21MpG8
QSH4LCyafqtdKFp7LvNvQMiGlJc4blLQpXg1kwNOpsviAKFoCQXnYNDz8cCud96R
Og+9v8P/LPqXDHUKWOJ5oAY3PaoFykXWgK5di370ytBMcOBxAI3Q8zEh8xh/qxEC
ccLpTytoAcYlHnjeSnyfAI3C0iwVCcdRgYHJm4b9j9KW51AusGGDADo/lGoh1oYZ
QPYHxy9ViEK9sjrp1ZxCo9l75WpmaiEoyA0BdJDuQRXieKzuhfbznXFdUhc4tp+k
Nf+vlRmrY9AAuVX1rv+YyD4h/DkPExYiD0Y/AgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUD1iOnsM3qHZIjLJaKCK/fjX5qIQwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL0QxaU9uc00zcUhaSWpM
SmFLQ0tfZmpYNXFJUS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBABbrbm6L3LazTI/Dj9gRINvQNYEclGdxX8On
+BcOmsm0wp3oJjAs0igyeGrKEy9GydMmc2KOIiLA9Z29I/Zqsa3xB2luUjL1UWIr
xm07GeNceYsmLVX+69zxyLOMR+0eygETU9LdPYjEKQWVf9v044tsoDTxMHRY81sF
o9BXbutKheffnoHxf9zXJtFxPRKLwlhDETb0W7ecm2/mvYaOCLfkVJcVDr8T6Jsv
5eXJLix+dnZSQVuftK04esquEuHdkCzQCSRM/hShEkL3x5hxJTRvnp7iVdETQPS9
Ky3V1R2ttkGMiHrlvRZpZfhtlb/ypKbrV/ykuAgwR9n7sie7PC4=
-----END CERTIFICATE-----
Generated at Tue Oct 22 06:32:32 2024 by rpki-client on console-ams.rpki-client.org