Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/H10JXBRMqi8F8av7XkyfNZBfLMw.roa
File: H10JXBRMqi8F8av7XkyfNZBfLMw.roa (raw, json)
Hash identifier: gtjFOPqo0/xOSlWzMt+f/my9DsSo685V3OnUD7mDuI8=
Subject key identifier: 1F:5D:09:5C:14:4C:AA:2F:05:F1:AB:FB:5E:4C:9F:35:90:5F:2C:CC
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 073C
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/H10JXBRMqi8F8av7XkyfNZBfLMw.roa
Signing time: Sun 01 Sep 2024 23:55:03 +0000
ROA not before: Sun 01 Sep 2024 23:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 02 Sep 2024 03:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1852 (0x73c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Sep 1 23:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1F5D095C144CAA2F05F1ABFB5E4C9F35905F2CCC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:20:fb:86:57:45:ec:3f:5c:e6:d8:88:38:c9:
1a:80:3d:32:33:98:b8:c5:57:55:37:b2:79:30:f2:
1c:9e:09:31:61:8e:8f:43:e4:70:f9:1c:c1:a1:8b:
31:9f:6e:e4:a6:77:d5:e4:c3:0f:3d:da:b4:ec:10:
0e:7b:ec:d6:04:47:09:c5:c8:3e:86:c6:68:16:d3:
0d:8e:70:d8:ab:26:b3:d1:c3:a2:66:3d:21:70:03:
ef:71:ba:5b:2a:11:3b:e7:f2:fa:93:21:4c:51:51:
18:8c:14:6f:0c:83:b5:f4:26:90:99:a0:72:f4:65:
61:76:86:1b:96:82:21:88:f7:3b:55:f4:3d:96:3b:
a4:5b:a5:ea:0a:b0:38:2b:5c:4a:90:4e:04:d8:fa:
33:e0:1f:ee:ed:96:9d:d1:3c:5b:e4:77:7e:1b:24:
0f:57:c2:c5:fd:0f:1e:03:e3:af:6b:03:ba:f1:b7:
ab:b4:c6:02:6f:af:d4:4c:76:96:52:7b:a6:37:d3:
ef:d5:57:3c:e1:d4:56:f3:fc:e1:e6:2f:df:f1:e8:
3d:71:c3:8b:88:7b:12:f5:a9:4b:a8:02:6e:da:cd:
43:f1:74:57:16:e6:6c:ca:a0:20:e6:98:bb:d6:73:
42:00:92:07:b6:9a:c9:0d:f5:44:8c:23:40:86:62:
b9:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:5D:09:5C:14:4C:AA:2F:05:F1:AB:FB:5E:4C:9F:35:90:5F:2C:CC
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/H10JXBRMqi8F8av7XkyfNZBfLMw.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:94:b9:e7:ff:31:0c:13:4e:f7:33:2d:95:8b:2f:ec:be:e8:
67:35:9b:99:77:df:2f:56:20:b2:52:5c:32:b7:71:e6:1c:e1:
f7:ad:26:2a:ed:3f:1c:11:08:cb:da:1d:c9:10:10:29:18:fa:
9b:6e:49:c2:e1:8f:39:af:7a:87:f5:77:5c:c8:97:87:94:a6:
31:e5:1e:e7:5e:09:48:5f:25:2d:20:34:38:c8:81:e4:bd:3f:
99:45:ec:53:39:9b:4e:9c:c8:dd:b7:f2:8c:dc:da:08:10:0e:
d9:ed:86:41:75:eb:83:d2:c0:4c:d9:4b:12:1a:b6:0a:32:06:
fa:88:b4:7b:7f:15:fd:07:51:a8:82:2f:26:7e:12:41:35:1c:
aa:d8:96:b5:89:0c:3d:e1:57:7f:e5:8b:b7:33:ea:f4:bc:a4:
a5:b2:c4:84:79:4f:fc:d6:39:9c:ba:f4:e6:ed:e5:de:ef:08:
a0:f7:47:d3:bc:51:44:94:16:fd:88:62:e0:13:46:dd:76:bb:
28:72:bd:d5:40:f2:6f:e0:eb:ce:35:df:38:93:22:b4:7d:48:
f3:e3:75:1d:ae:ed:7a:cf:7c:fa:aa:57:0b:e2:5f:44:6d:34:
0b:39:81:92:6d:fb:20:bf:9f:dc:db:69:3c:d4:5c:9a:4c:4c:
70:63:46:55
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICBzwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA5MDEy
MzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDFGNUQwOTVDMTQ0Q0FB
MkYwNUYxQUJGQjVFNEM5RjM1OTA1RjJDQ0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDXIPuGV0XsP1zm2Ig4yRqAPTIzmLjFV1U3snkw8hyeCTFhjo9D
5HD5HMGhizGfbuSmd9Xkww892rTsEA577NYERwnFyD6GxmgW0w2OcNirJrPRw6Jm
PSFwA+9xulsqETvn8vqTIUxRURiMFG8Mg7X0JpCZoHL0ZWF2hhuWgiGI9ztV9D2W
O6RbpeoKsDgrXEqQTgTY+jPgH+7tlp3RPFvkd34bJA9XwsX9Dx4D469rA7rxt6u0
xgJvr9RMdpZSe6Y30+/VVzzh1Fbz/OHmL9/x6D1xw4uIexL1qUuoAm7azUPxdFcW
5mzKoCDmmLvWc0IAkge2mskN9USMI0CGYrmXAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUH10JXBRMqi8F8av7XkyfNZBfLMwwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL0gxMEpYQlJNcWk4Rjhh
djdYa3lmTlpCZkxNdy5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBALeUuef/MQwTTvczLZWLL+y+6Gc1m5l33y9W
ILJSXDK3ceYc4fetJirtPxwRCMvaHckQECkY+ptuScLhjzmveof1d1zIl4eUpjHl
HudeCUhfJS0gNDjIgeS9P5lF7FM5m06cyN238ozc2ggQDtnthkF164PSwEzZSxIa
tgoyBvqItHt/Ff0HUaiCLyZ+EkE1HKrYlrWJDD3hV3/li7cz6vS8pKWyxIR5T/zW
OZy69Obt5d7vCKD3R9O8UUSUFv2IYuATRt12uyhyvdVA8m/g68413ziTIrR9SPPj
dR2u7XrPfPqqVwviX0RtNAs5gZJt+yC/n9zbaTzUXJpMTHBjRlU=
-----END CERTIFICATE-----
Generated at Mon Sep 2 04:51:36 2024 by rpki-client on console-fra.rpki-client.org