Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/HvIoZvkxPINGup0KBfp6WQJsp1M.roa
File: HvIoZvkxPINGup0KBfp6WQJsp1M.roa (raw, json)
Hash identifier: Sa0I/Kyf2VG+8+Qgo7ZnyV5UyANbjjHEbgbQ//aGoeA=
Subject key identifier: 1E:F2:28:66:F9:31:3C:83:46:BA:9D:0A:05:FA:7A:59:02:6C:A7:53
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0706
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/HvIoZvkxPINGup0KBfp6WQJsp1M.roa
Signing time: Mon 26 Aug 2024 23:55:03 +0000
ROA not before: Mon 26 Aug 2024 23:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 27 Aug 2024 03:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1798 (0x706)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Aug 26 23:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1EF22866F9313C8346BA9D0A05FA7A59026CA753
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:a8:0b:55:03:76:fb:8c:01:7b:94:ca:6d:b3:
d6:ba:64:00:6d:ee:17:93:e2:59:76:78:b0:20:89:
0f:cd:63:03:2f:bf:52:48:c9:5e:a7:76:8b:3b:74:
40:3d:f1:22:61:c0:a7:a5:9b:43:20:ce:aa:db:9f:
e5:93:47:ee:15:64:86:a7:52:cd:76:e7:dd:d1:a1:
aa:cf:23:ad:78:21:11:6a:e9:b5:5a:7e:ef:af:af:
6f:8e:1a:dd:e0:71:65:36:94:af:3b:78:6f:95:0d:
72:61:f5:e6:38:2f:fa:03:dc:95:55:3f:e8:bc:d2:
a4:42:8b:d5:6c:db:0a:a4:aa:bb:e5:f0:ae:e8:cd:
51:4a:25:25:10:33:52:a7:b2:21:40:1e:98:c0:cb:
c7:e1:2e:92:0c:44:84:c5:19:ae:6a:c2:6b:82:18:
36:4f:a7:7c:38:c3:44:96:d7:f1:ef:46:1c:30:74:
4a:37:27:e9:7d:65:77:62:4a:47:be:93:13:31:5b:
4c:7b:ca:5b:6e:d8:43:6e:a5:e8:b9:04:dc:b1:89:
fe:62:cb:a0:bc:c9:20:0a:bb:99:1d:e8:be:67:36:
2a:f7:67:76:9f:51:77:6d:be:d0:59:5a:0e:86:e1:
5a:bd:e2:67:b2:df:76:99:c2:60:09:84:a6:82:05:
f9:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:F2:28:66:F9:31:3C:83:46:BA:9D:0A:05:FA:7A:59:02:6C:A7:53
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/HvIoZvkxPINGup0KBfp6WQJsp1M.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
26:f1:d4:da:85:e8:79:aa:75:86:01:9d:88:04:d0:3b:71:62:
4e:74:4f:52:70:19:54:e6:bc:ef:02:08:1c:31:9a:5b:74:47:
15:34:bc:dd:c8:77:c5:24:00:26:3a:a6:3f:7f:a5:10:32:94:
f9:11:c5:76:6a:04:fe:aa:57:84:13:e4:46:85:4f:19:bd:6e:
fa:28:3f:c0:50:db:b3:f1:71:a1:cb:0e:c1:ac:f3:8e:f6:37:
4b:0b:c6:e7:fe:28:0d:09:b6:e2:2f:f8:2d:5d:e3:33:4c:2a:
e6:17:dc:16:37:fb:10:84:ad:6f:0c:ac:df:bc:4e:60:a8:e3:
a6:c8:cf:66:46:a6:23:56:30:72:0b:62:d6:c4:c4:2f:53:10:
cf:aa:e5:ac:88:bc:3c:23:d9:64:16:53:e8:75:6d:a7:7b:d0:
db:22:22:90:d0:75:fe:e2:94:52:63:72:35:a9:7a:cd:58:02:
c3:f1:d3:2f:08:58:45:67:42:37:ad:ea:46:88:32:ba:e2:50:
b5:45:bf:d0:54:7f:6c:3a:52:b1:98:10:b4:02:b0:6d:45:e3:
33:af:57:aa:13:96:7f:44:e3:7b:2b:91:14:95:4e:56:a3:12:
2a:47:f7:e4:86:05:e3:23:d4:47:53:38:fb:b1:92:ea:ca:e9:
2e:5f:9d:27
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICBwYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA4MjYy
MzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDFFRjIyODY2RjkzMTND
ODM0NkJBOUQwQTA1RkE3QTU5MDI2Q0E3NTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDqAtVA3b7jAF7lMpts9a6ZABt7heT4ll2eLAgiQ/NYwMvv1JI
yV6ndos7dEA98SJhwKelm0Mgzqrbn+WTR+4VZIanUs12593RoarPI614IRFq6bVa
fu+vr2+OGt3gcWU2lK87eG+VDXJh9eY4L/oD3JVVP+i80qRCi9Vs2wqkqrvl8K7o
zVFKJSUQM1KnsiFAHpjAy8fhLpIMRITFGa5qwmuCGDZPp3w4w0SW1/HvRhwwdEo3
J+l9ZXdiSke+kxMxW0x7yltu2ENupei5BNyxif5iy6C8ySAKu5kd6L5nNir3Z3af
UXdtvtBZWg6G4Vq94mey33aZwmAJhKaCBfkTAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUHvIoZvkxPINGup0KBfp6WQJsp1MwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL0h2SW9admt4UElOR3Vw
MEtCZnA2V1FKc3AxTS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBACbx1NqF6HmqdYYBnYgE0DtxYk50T1JwGVTm
vO8CCBwxmlt0RxU0vN3Id8UkACY6pj9/pRAylPkRxXZqBP6qV4QT5EaFTxm9bvoo
P8BQ27PxcaHLDsGs8472N0sLxuf+KA0JtuIv+C1d4zNMKuYX3BY3+xCErW8MrN+8
TmCo46bIz2ZGpiNWMHILYtbExC9TEM+q5ayIvDwj2WQWU+h1bad70NsiIpDQdf7i
lFJjcjWpes1YAsPx0y8IWEVnQjet6kaIMrriULVFv9BUf2w6UrGYELQCsG1F4zOv
V6oTln9E43srkRSVTlajEipH9+SGBeMj1EdTOPuxkurK6S5fnSc=
-----END CERTIFICATE-----
Generated at Tue Aug 27 06:11:48 2024 by rpki-client on console-fra.rpki-client.org