Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/HF2kiQMgNUEXRi8_31PAJpKqemY.roa
File: HF2kiQMgNUEXRi8_31PAJpKqemY.roa (raw, json)
Hash identifier: HpNuY4n4AOTmz/8IgUf6GFo8mUFy7lA2fPIH9tkIQPg=
Subject key identifier: 1C:5D:A4:89:03:20:35:41:17:46:2F:3F:DF:53:C0:26:92:AA:7A:66
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0A16
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/HF2kiQMgNUEXRi8_31PAJpKqemY.roa
Signing time: Thu 21 Nov 2024 23:55:02 +0000
ROA not before: Thu 21 Nov 2024 23:55:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 22 Nov 2024 03:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2582 (0xa16)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Nov 21 23:55:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1C5DA4890320354117462F3FDF53C02692AA7A66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:60:cc:27:82:d7:b2:86:5b:4b:fa:36:36:ba:
4e:ce:fa:87:10:47:19:05:26:e3:1d:56:7d:74:40:
f0:8f:fb:60:45:4e:f9:a1:1c:4f:cb:fa:ea:10:e7:
8d:e1:2b:7c:ea:c9:ec:37:75:b8:95:a1:15:39:4a:
17:d2:92:e5:94:30:24:ae:03:8c:7a:e0:51:e3:3d:
4a:b3:bf:ae:62:3a:db:fc:50:2e:de:48:0a:41:98:
62:4a:74:f5:84:05:ce:f4:2b:3a:c4:79:4f:cd:2a:
a0:e0:48:bf:c5:1d:3a:9f:24:36:27:da:41:07:cc:
c9:5e:23:cf:98:36:7b:bd:5f:eb:47:59:3e:05:9d:
b6:7f:af:f7:05:f3:29:e9:48:db:5b:f3:86:86:77:
f4:50:41:b9:58:ac:ea:96:eb:19:7b:25:4b:0f:7f:
22:17:83:50:14:c7:04:83:55:42:ee:1c:73:7b:c5:
d7:27:df:d6:66:88:af:6c:c7:a6:65:4b:cc:09:4d:
8e:a9:49:1f:da:fe:0f:ca:9e:c4:24:f9:0a:7d:46:
3f:ea:48:de:21:f3:26:54:50:98:95:0d:be:5f:84:
d5:9d:ea:f0:10:bd:b3:97:af:db:71:ff:07:6d:c2:
ff:e1:97:90:9f:68:4d:6b:16:26:4a:2b:fc:46:cb:
74:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:5D:A4:89:03:20:35:41:17:46:2F:3F:DF:53:C0:26:92:AA:7A:66
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/HF2kiQMgNUEXRi8_31PAJpKqemY.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
30:1d:a6:1c:8b:f0:ca:68:d7:bb:7f:24:78:d4:cf:2b:4f:a5:
dd:c0:5c:68:7f:9f:ef:3d:c0:83:e8:8d:77:20:d9:4b:8d:ab:
bf:05:ad:19:0a:be:59:33:3b:23:72:fd:c1:d9:b2:af:36:e0:
56:08:c0:46:9d:60:d3:94:16:bc:1d:f3:eb:8f:09:09:f2:ac:
06:c0:ad:d6:56:f1:cc:4e:d9:f9:77:db:09:21:4a:ab:73:dc:
dc:77:43:85:65:5c:c9:32:c9:b7:1f:eb:c4:72:38:60:a0:6c:
d5:42:9d:49:1f:65:9f:ee:96:44:01:95:4a:fd:74:39:26:19:
87:7e:c6:97:df:93:cb:55:16:a0:81:6f:eb:c8:74:de:be:91:
1c:8f:11:27:43:48:ae:d1:5a:09:72:09:3a:e0:6f:82:b8:b8:
8c:b2:6d:2d:45:09:c8:a4:88:ac:59:96:43:3c:72:e6:9c:ba:
93:b0:9e:b0:78:e7:af:73:95:9f:b2:93:8f:da:40:bf:e9:ad:
ea:59:68:5d:12:54:10:40:05:dd:80:01:7c:13:da:64:5b:8f:
17:b7:ea:f3:63:62:be:b8:4e:5b:25:50:9c:15:e0:5c:ea:ec:
29:b3:64:e4:2c:2a:4f:a1:fb:22:6e:db:33:02:18:d9:e2:e8:
5b:78:08:69
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICChYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDExMjEy
MzU1MDJaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDFDNURBNDg5MDMyMDM1
NDExNzQ2MkYzRkRGNTNDMDI2OTJBQTdBNjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCoYMwngteyhltL+jY2uk7O+ocQRxkFJuMdVn10QPCP+2BFTvmh
HE/L+uoQ543hK3zqyew3dbiVoRU5ShfSkuWUMCSuA4x64FHjPUqzv65iOtv8UC7e
SApBmGJKdPWEBc70KzrEeU/NKqDgSL/FHTqfJDYn2kEHzMleI8+YNnu9X+tHWT4F
nbZ/r/cF8ynpSNtb84aGd/RQQblYrOqW6xl7JUsPfyIXg1AUxwSDVULuHHN7xdcn
39ZmiK9sx6ZlS8wJTY6pSR/a/g/KnsQk+Qp9Rj/qSN4h8yZUUJiVDb5fhNWd6vAQ
vbOXr9tx/wdtwv/hl5CfaE1rFiZKK/xGy3SDAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUHF2kiQMgNUEXRi8/31PAJpKqemYwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL0hGMmtpUU1nTlVFWFJp
OF8zMVBBSnBLcWVtWS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBADAdphyL8Mpo17t/JHjUzytPpd3AXGh/n+89
wIPojXcg2UuNq78FrRkKvlkzOyNy/cHZsq824FYIwEadYNOUFrwd8+uPCQnyrAbA
rdZW8cxO2fl32wkhSqtz3Nx3Q4VlXMkyybcf68RyOGCgbNVCnUkfZZ/ulkQBlUr9
dDkmGYd+xpffk8tVFqCBb+vIdN6+kRyPESdDSK7RWglyCTrgb4K4uIyybS1FCcik
iKxZlkM8cuacupOwnrB4569zlZ+yk4/aQL/prepZaF0SVBBABd2AAXwT2mRbjxe3
6vNjYr64TlslUJwV4Fzq7CmzZOQsKk+h+yJu2zMCGNni6Ft4CGk=
-----END CERTIFICATE-----
Generated at Fri Nov 22 05:53:47 2024 by rpki-client on console-fra.rpki-client.org