Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/HXme650ovDpB9g1Fuc4s9xmm9dg.roa
File: HXme650ovDpB9g1Fuc4s9xmm9dg.roa (raw, json)
Hash identifier: Hlg/aCgrXBpoXv06hYEPTfBfM2ip+Q6wAPR6KOg29aE=
Subject key identifier: 1D:79:9E:EB:9D:28:BC:3A:41:F6:0D:45:B9:CE:2C:F7:19:A6:F5:D8
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 09C2
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/HXme650ovDpB9g1Fuc4s9xmm9dg.roa
Signing time: Tue 12 Nov 2024 15:55:03 +0000
ROA not before: Tue 12 Nov 2024 15:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 12 Nov 2024 19:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2498 (0x9c2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Nov 12 15:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1D799EEB9D28BC3A41F60D45B9CE2CF719A6F5D8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:cc:d3:5c:22:ae:04:6b:05:5b:84:5a:6e:ee:
3a:49:4d:47:c7:62:02:72:cf:e8:62:b4:e0:66:10:
56:ec:2f:df:e0:fc:79:5e:27:2e:c2:18:e3:bb:c2:
76:ce:79:b4:8c:16:c0:f1:14:51:8d:1c:67:c2:ec:
06:a7:ab:a6:f6:91:6d:f1:36:ae:54:db:17:43:16:
81:4b:3c:e3:3f:35:df:97:19:ee:ce:1b:ee:d6:7f:
e4:97:a5:4c:b1:8d:d4:d4:75:e7:0b:e4:8d:bf:a2:
c0:9a:82:87:84:cf:ff:eb:de:b1:5d:63:4b:40:c9:
73:aa:47:62:c8:95:10:dd:ee:94:bd:8b:bf:43:9a:
46:cc:e7:98:f5:75:14:bd:d7:92:67:fb:ca:35:44:
78:d1:a3:56:7c:12:40:74:b7:61:d1:8e:7d:5c:73:
bb:fd:12:b9:aa:6a:46:82:b7:7f:85:de:7f:61:25:
4b:35:27:dd:1c:06:c4:03:08:93:a4:da:79:23:06:
5c:50:e2:2c:b7:29:83:d8:49:fe:cb:b2:53:be:d0:
ae:52:38:55:59:ff:c6:96:1e:5e:05:b1:6c:0e:d1:
e5:5d:a4:b3:b8:b8:62:3f:34:28:c1:76:82:eb:48:
96:23:1c:71:67:ed:48:d1:31:cb:5f:d1:ef:bb:69:
5d:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:79:9E:EB:9D:28:BC:3A:41:F6:0D:45:B9:CE:2C:F7:19:A6:F5:D8
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/HXme650ovDpB9g1Fuc4s9xmm9dg.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
97:2c:57:69:53:f3:0b:fd:70:8c:17:0b:07:20:c8:b6:0e:7a:
9c:e5:07:fe:d1:b2:24:cc:83:7a:39:c7:e5:a6:cf:a3:eb:9c:
60:ea:19:64:e3:39:d8:dd:c6:a4:61:ea:9e:46:87:6f:59:02:
d7:98:74:ac:c1:42:5a:da:0c:5f:35:bd:32:3d:19:52:de:41:
f2:5f:c6:07:1f:8a:d2:0b:35:b4:57:84:f6:1f:32:f3:c7:5f:
56:b1:83:1b:8b:3e:13:f6:d1:3e:64:29:30:b4:87:c6:7e:e0:
be:2e:4f:54:2e:4f:f0:50:3f:fb:55:d8:e6:38:bb:b0:da:03:
c5:a3:a9:b6:fe:05:36:b6:30:06:9b:c6:78:7d:59:a3:0e:53:
1f:5a:ff:13:17:f8:68:db:4a:e4:62:c5:67:9e:a4:30:78:1d:
fc:3b:2a:c8:1c:77:02:dc:0f:fe:81:7a:7c:fa:ff:33:ea:a6:
ea:73:db:da:f9:a8:70:ee:bc:b7:53:4c:b8:25:67:69:bd:c5:
74:78:28:7c:43:e0:14:fa:11:89:89:5e:d6:92:57:e2:ee:a6:
77:0c:90:29:5d:4f:72:98:ef:9b:b5:f1:d7:56:ba:f3:d9:cb:
19:9e:1b:c0:2c:34:35:32:6f:67:b8:bc:83:f2:0d:47:c7:c4:
13:d4:f8:4b
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCcIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDExMTIx
NTU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDFENzk5RUVCOUQyOEJD
M0E0MUY2MEQ0NUI5Q0UyQ0Y3MTlBNkY1RDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCjzNNcIq4EawVbhFpu7jpJTUfHYgJyz+hitOBmEFbsL9/g/Hle
Jy7CGOO7wnbOebSMFsDxFFGNHGfC7Aanq6b2kW3xNq5U2xdDFoFLPOM/Nd+XGe7O
G+7Wf+SXpUyxjdTUdecL5I2/osCagoeEz//r3rFdY0tAyXOqR2LIlRDd7pS9i79D
mkbM55j1dRS915Jn+8o1RHjRo1Z8EkB0t2HRjn1cc7v9ErmqakaCt3+F3n9hJUs1
J90cBsQDCJOk2nkjBlxQ4iy3KYPYSf7LslO+0K5SOFVZ/8aWHl4FsWwO0eVdpLO4
uGI/NCjBdoLrSJYjHHFn7UjRMctf0e+7aV1xAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUHXme650ovDpB9g1Fuc4s9xmm9dgwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL0hYbWU2NTBvdkRwQjln
MUZ1YzRzOXhtbTlkZy5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAJcsV2lT8wv9cIwXCwcgyLYOepzlB/7RsiTM
g3o5x+Wmz6PrnGDqGWTjOdjdxqRh6p5Gh29ZAteYdKzBQlraDF81vTI9GVLeQfJf
xgcfitILNbRXhPYfMvPHX1axgxuLPhP20T5kKTC0h8Z+4L4uT1QuT/BQP/tV2OY4
u7DaA8Wjqbb+BTa2MAabxnh9WaMOUx9a/xMX+GjbSuRixWeepDB4Hfw7KsgcdwLc
D/6Benz6/zPqpupz29r5qHDuvLdTTLglZ2m9xXR4KHxD4BT6EYmJXtaSV+LupncM
kCldT3KY75u18ddWuvPZyxmeG8AsNDUyb2e4vIPyDUfHxBPU+Es=
-----END CERTIFICATE-----
Generated at Tue Nov 12 20:49:34 2024 by rpki-client on console-fra.rpki-client.org