Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/DIaHRWA4FYgHMC0g4SlF4rYHDJ0.roa
File: DIaHRWA4FYgHMC0g4SlF4rYHDJ0.roa (raw, json)
Hash identifier: VRndMlt/h9RjtvGurwkk14kdZ4tmTy6WdBVleSzldiQ=
Subject key identifier: 0C:86:87:45:60:38:15:88:07:30:2D:20:E1:29:45:E2:B6:07:0C:9D
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 08AD
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/DIaHRWA4FYgHMC0g4SlF4rYHDJ0.roa
Signing time: Sat 12 Oct 2024 23:55:03 +0000
ROA not before: Sat 12 Oct 2024 23:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 13 Oct 2024 03:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2221 (0x8ad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Oct 12 23:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0C8687456038158807302D20E12945E2B6070C9D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:bc:30:75:db:a8:64:ed:89:26:56:c0:b1:1f:
e8:14:77:ab:0a:a9:16:af:b7:26:90:0c:8a:ac:71:
ec:c2:1c:ad:a5:dd:75:8e:6b:be:1a:54:b8:e4:20:
e4:35:10:eb:99:49:3c:99:8c:3f:4d:65:33:8c:71:
ad:e8:dc:b0:a3:47:f8:28:ef:79:6e:f9:a6:22:ee:
c7:ce:12:27:b9:e6:47:b9:aa:b1:87:32:e8:bc:c3:
46:b0:35:9b:2b:61:53:33:af:e7:e1:fd:71:b0:bb:
7a:02:e3:03:48:7f:ac:af:20:e2:c2:b6:98:7e:5a:
45:a6:08:ad:60:a7:56:e2:c5:d7:29:44:dc:cc:b0:
dd:94:90:61:a7:53:59:05:92:73:62:0b:b7:8c:4b:
50:0b:8b:10:e5:c9:47:06:f0:e2:1e:3e:94:16:61:
4f:26:16:6b:a4:c2:f4:d4:22:16:1f:54:2a:e5:aa:
25:69:97:5c:33:33:ab:2b:7b:4c:39:5c:b5:82:e1:
54:9b:73:1b:8f:52:20:c8:89:13:de:c1:21:9d:d4:
c9:7a:2e:06:22:86:07:ee:b1:e1:42:41:4d:11:7a:
7f:24:9b:25:01:fd:d8:ce:0d:e7:54:43:dd:a0:e3:
ee:c6:fe:a5:12:7d:99:88:44:a2:dd:4d:3d:7f:40:
c7:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:86:87:45:60:38:15:88:07:30:2D:20:E1:29:45:E2:B6:07:0C:9D
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/DIaHRWA4FYgHMC0g4SlF4rYHDJ0.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:14:cc:84:37:ed:51:b7:f2:53:93:80:1e:3d:a3:dd:53:4b:
08:81:4c:14:97:c2:4e:7d:0e:a6:c1:c4:f8:62:34:1f:69:09:
56:aa:b8:0a:d0:d2:55:ea:21:fb:e6:0c:59:4d:2d:10:39:7b:
82:42:9e:e2:ee:05:77:a0:a3:8f:01:cf:03:4f:31:21:7c:dc:
96:49:ab:59:51:2e:6c:aa:64:a8:11:6a:d7:a0:77:e9:b6:2a:
d5:22:73:2c:ac:01:ac:1d:72:eb:7e:6f:67:59:aa:7c:1f:7f:
5d:cc:7f:a2:e1:ce:4e:0b:da:9c:2f:0e:db:22:af:0b:bf:f5:
08:ef:0c:45:e7:aa:a2:4e:80:66:76:5a:8d:c0:13:d7:47:75:
a3:48:5d:ae:c7:db:5f:60:73:df:9c:d3:a1:c7:9b:dd:10:00:
df:d0:4d:b3:b3:96:41:3b:e0:1e:1e:b0:26:aa:08:f4:ec:fd:
b8:b9:29:39:93:a6:49:18:d2:df:46:6d:80:f3:6d:cd:e1:04:
06:2c:32:4a:28:c4:93:a1:50:20:42:ae:8d:e0:cc:16:ab:99:
4c:f7:60:5c:f5:b8:73:24:30:42:29:a6:09:97:f2:f1:8f:8c:
1e:06:8b:28:b6:b1:3e:df:e7:04:b3:46:2a:9b:7a:ba:1a:68:
75:15:d1:bf
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCK0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDEwMTIy
MzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDBDODY4NzQ1NjAzODE1
ODgwNzMwMkQyMEUxMjk0NUUyQjYwNzBDOUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCuvDB126hk7YkmVsCxH+gUd6sKqRavtyaQDIqscezCHK2l3XWO
a74aVLjkIOQ1EOuZSTyZjD9NZTOMca3o3LCjR/go73lu+aYi7sfOEie55ke5qrGH
Mui8w0awNZsrYVMzr+fh/XGwu3oC4wNIf6yvIOLCtph+WkWmCK1gp1bixdcpRNzM
sN2UkGGnU1kFknNiC7eMS1ALixDlyUcG8OIePpQWYU8mFmukwvTUIhYfVCrlqiVp
l1wzM6sre0w5XLWC4VSbcxuPUiDIiRPewSGd1Ml6LgYihgfuseFCQU0Ren8kmyUB
/djODedUQ92g4+7G/qUSfZmIRKLdTT1/QMfdAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUDIaHRWA4FYgHMC0g4SlF4rYHDJ0wHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL0RJYUhSV0E0RllnSE1D
MGc0U2xGNHJZSERKMC5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAB4UzIQ37VG38lOTgB49o91TSwiBTBSXwk59
DqbBxPhiNB9pCVaquArQ0lXqIfvmDFlNLRA5e4JCnuLuBXego48BzwNPMSF83JZJ
q1lRLmyqZKgRategd+m2KtUicyysAawdcut+b2dZqnwff13Mf6Lhzk4L2pwvDtsi
rwu/9QjvDEXnqqJOgGZ2Wo3AE9dHdaNIXa7H219gc9+c06HHm90QAN/QTbOzlkE7
4B4esCaqCPTs/bi5KTmTpkkY0t9GbYDzbc3hBAYsMkooxJOhUCBCro3gzBarmUz3
YFz1uHMkMEIppgmX8vGPjB4Giyi2sT7f5wSzRiqberoaaHUV0b8=
-----END CERTIFICATE-----
Generated at Sun Oct 13 09:11:21 2024 by rpki-client on console-ams.rpki-client.org