Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/D8hZJZePgaDu52s89B4GySR4YWk.roa
File: D8hZJZePgaDu52s89B4GySR4YWk.roa (raw, json)
Hash identifier: ZiA2YAbz4pYLdX3AvvC2bwjHijaUz1r/KYGGGg1Wb2A=
Subject key identifier: 0F:C8:59:25:97:8F:81:A0:EE:E7:6B:3C:F4:1E:06:C9:24:78:61:69
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 04AB
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/D8hZJZePgaDu52s89B4GySR4YWk.roa
Signing time: Thu 20 Jun 2024 23:55:03 +0000
ROA not before: Thu 20 Jun 2024 23:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 21 Jun 2024 03:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1195 (0x4ab)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Jun 20 23:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0FC85925978F81A0EEE76B3CF41E06C924786169
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:35:dc:ac:81:c0:04:4d:c1:0e:1e:a6:b7:21:
93:26:7b:7d:77:d1:97:bb:73:d3:90:8a:fd:76:6b:
06:bf:a6:08:21:0c:1c:04:94:4f:f1:c9:e9:16:2f:
55:d7:b5:68:0c:72:07:0e:f2:1f:96:34:55:9a:ce:
38:79:a8:d2:5c:f9:62:14:09:16:3d:64:b3:af:f0:
ae:28:ec:9e:06:6f:ae:f9:7d:83:32:d8:29:a3:7c:
11:ff:6a:69:6b:a1:6a:4f:29:65:79:dc:ae:19:1e:
e6:5c:ed:b6:ad:fe:7f:c8:bb:47:2c:5e:98:de:f2:
bf:16:8e:3b:81:42:db:e7:0b:04:7d:b7:ee:a8:b1:
46:0b:a3:3f:37:dc:74:2c:ac:82:15:de:cc:8d:57:
6d:52:c1:9e:37:df:5f:31:86:48:f5:72:bf:e4:4c:
af:33:ac:c4:30:aa:f3:f2:0d:2e:d7:86:d6:2e:8a:
cc:2c:53:04:5f:a5:60:cb:c7:3d:d3:e0:d9:7a:43:
f5:f8:b2:fe:2d:55:a9:31:27:1d:63:67:cd:56:5c:
fc:a9:67:14:b5:20:c9:ec:fe:ce:73:25:fa:02:3f:
b1:73:7b:af:4f:ea:23:3c:3e:c5:95:49:14:e1:f8:
05:1f:c2:a6:ce:cb:90:72:5a:f2:86:d7:79:ee:ec:
ac:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:C8:59:25:97:8F:81:A0:EE:E7:6B:3C:F4:1E:06:C9:24:78:61:69
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/D8hZJZePgaDu52s89B4GySR4YWk.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:74:eb:49:f7:f8:fc:d7:bc:97:3f:41:10:b5:b6:91:4f:75:
36:50:f4:4d:47:94:ae:a0:09:f8:6d:df:9d:9e:49:4b:e7:59:
7d:8e:72:ef:4a:61:a3:38:d0:f1:2a:7a:84:61:af:d8:cc:c4:
d8:41:bc:cf:4a:e3:e1:34:57:92:43:4e:2f:3a:e7:59:71:11:
9d:aa:ca:eb:25:31:00:c1:a1:f6:84:f9:b7:29:77:6d:58:65:
f2:92:40:3c:8b:85:cc:f8:7b:e9:48:b3:81:0a:3f:da:c5:8f:
b2:0a:b5:a5:08:65:1c:1a:2a:a7:7d:b6:8d:91:a6:da:61:22:
fb:d6:e3:71:f1:cf:f1:c3:48:57:c4:ba:bd:0f:27:4d:ef:87:
2c:a7:fd:c5:5a:5c:62:c9:27:bc:5f:f6:c4:bd:74:15:f2:1f:
9c:43:40:02:aa:a3:81:91:fe:a9:c0:08:e0:8e:4a:39:57:e4:
74:c1:4e:52:20:73:f7:a6:bc:ea:dc:77:9e:45:d5:91:4b:e9:
54:81:cc:5f:42:f3:17:f1:68:a0:ba:2c:c6:d7:b2:95:59:e8:
d8:c3:e3:b9:d8:7c:fa:20:e3:55:35:97:8c:cd:8e:4b:93:17:
a0:fd:2c:34:2c:44:b4:5e:42:0c:b6:ba:9e:8c:d7:5b:5a:05:
8b:f7:e9:ba
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICBKswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA2MjAy
MzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDBGQzg1OTI1OTc4Rjgx
QTBFRUU3NkIzQ0Y0MUUwNkM5MjQ3ODYxNjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDeNdysgcAETcEOHqa3IZMme3130Ze7c9OQiv12awa/pgghDBwE
lE/xyekWL1XXtWgMcgcO8h+WNFWazjh5qNJc+WIUCRY9ZLOv8K4o7J4Gb675fYMy
2CmjfBH/amlroWpPKWV53K4ZHuZc7bat/n/Iu0csXpje8r8WjjuBQtvnCwR9t+6o
sUYLoz833HQsrIIV3syNV21SwZ43318xhkj1cr/kTK8zrMQwqvPyDS7XhtYuisws
UwRfpWDLxz3T4Nl6Q/X4sv4tVakxJx1jZ81WXPypZxS1IMns/s5zJfoCP7Fze69P
6iM8PsWVSRTh+AUfwqbOy5ByWvKG13nu7KxZAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUD8hZJZePgaDu52s89B4GySR4YWkwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL0Q4aFpKWmVQZ2FEdTUy
czg5QjRHeVNSNFlXay5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAKd060n3+PzXvJc/QRC1tpFPdTZQ9E1HlK6g
Cfht352eSUvnWX2Ocu9KYaM40PEqeoRhr9jMxNhBvM9K4+E0V5JDTi8651lxEZ2q
yuslMQDBofaE+bcpd21YZfKSQDyLhcz4e+lIs4EKP9rFj7IKtaUIZRwaKqd9to2R
ptphIvvW43Hxz/HDSFfEur0PJ03vhyyn/cVaXGLJJ7xf9sS9dBXyH5xDQAKqo4GR
/qnACOCOSjlX5HTBTlIgc/emvOrcd55F1ZFL6VSBzF9C8xfxaKC6LMbXspVZ6NjD
47nYfPog41U1l4zNjkuTF6D9LDQsRLReQgy2up6M11taBYv36bo=
-----END CERTIFICATE-----
Generated at Fri Jun 21 06:43:18 2024 by rpki-client on console-fra.rpki-client.org