Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/ILx9DrEQpej49pWRTSB3SLA8m78.roa
File: ILx9DrEQpej49pWRTSB3SLA8m78.roa (raw, json)
Hash identifier: 3jMg7/ZptEDReT21AR3/cqB5kQM8yaPkYg6vTBEamN0=
Subject key identifier: 20:BC:7D:0E:B1:10:A5:E8:F8:F6:95:91:4D:20:77:48:B0:3C:9B:BF
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 098F
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/ILx9DrEQpej49pWRTSB3SLA8m78.roa
Signing time: Wed 06 Nov 2024 23:55:02 +0000
ROA not before: Wed 06 Nov 2024 23:55:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 07 Nov 2024 03:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2447 (0x98f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Nov 6 23:55:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=20BC7D0EB110A5E8F8F695914D207748B03C9BBF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:cf:80:8c:7c:68:81:51:47:2c:40:57:8f:fd:
37:42:20:39:74:df:a1:9d:55:22:ac:06:3a:95:ab:
06:f4:d3:e6:93:ef:dc:02:81:26:a4:a7:ca:56:28:
dc:c2:81:43:26:b5:da:81:7d:69:5c:8e:ac:95:10:
a0:87:82:4e:50:1b:36:a6:39:f8:95:ff:c7:a9:52:
4c:69:4b:a3:57:ea:99:30:fe:9b:dc:36:4d:aa:9d:
13:47:00:00:9b:c3:82:c5:e5:dd:97:ac:69:62:8b:
74:10:24:65:b7:5b:7e:fc:42:26:62:56:63:08:c2:
22:ba:54:01:e4:b7:9c:6c:b1:03:f8:44:23:80:48:
2d:51:43:9f:81:cf:ec:82:32:8b:83:f2:f7:ed:4b:
3b:a5:30:ff:90:24:e0:cd:a8:a8:94:ec:45:39:10:
23:71:12:66:39:7f:d7:f0:1b:d4:3b:c8:ad:d1:8a:
a8:2b:db:46:af:94:43:ae:95:4b:c8:8f:0e:91:c5:
cf:ab:a6:e0:bc:8a:6d:69:fc:e3:a4:0f:a9:45:77:
66:d0:f6:d5:42:c9:3f:74:ae:5e:ee:4d:8b:b9:34:
23:6c:d2:12:15:bc:07:20:0e:57:68:3c:69:63:1e:
c8:38:e3:86:48:f0:f5:24:b0:db:b6:29:4b:9f:aa:
03:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:BC:7D:0E:B1:10:A5:E8:F8:F6:95:91:4D:20:77:48:B0:3C:9B:BF
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/ILx9DrEQpej49pWRTSB3SLA8m78.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
89:00:15:e9:d3:77:8a:b8:78:26:b0:ee:5b:59:9c:a4:26:88:
c9:90:cc:68:c5:4e:fa:ea:18:c8:c4:cf:b8:10:2a:c4:1a:d5:
4d:b0:b4:c7:e5:13:b4:d8:d0:61:55:78:f1:3c:04:f9:bc:56:
d8:6d:9e:f3:0f:a2:d2:7c:93:37:14:7d:54:b6:97:6e:d0:27:
75:3f:e5:3d:14:19:de:25:99:fb:8b:cc:14:ea:e3:ee:9d:bb:
f7:6e:c2:0a:0c:86:70:f6:ad:98:07:11:ff:49:25:30:d6:66:
2a:42:ba:0c:01:82:b8:52:d6:f8:d7:5a:ce:8d:31:e4:f2:30:
75:d8:98:57:29:65:05:ae:e0:20:57:bc:50:59:2c:45:b2:2a:
b7:1a:33:8a:1d:06:61:9b:fe:6d:f1:c8:89:ad:3e:93:ed:be:
7b:30:ef:94:7c:c4:cd:3f:3b:be:4c:35:ab:94:49:d8:36:7b:
df:f9:d1:96:48:37:06:c9:c5:ba:11:9c:3e:9f:02:07:c7:6d:
a1:a2:42:a7:5b:ca:54:98:55:51:05:15:26:83:a4:a7:63:05:
1a:41:02:ec:37:1f:2c:9c:81:4b:b4:c3:a5:e9:75:13:9d:29:
cc:a9:68:d4:b0:23:0a:de:5d:04:40:07:ea:61:b4:4a:36:12:
d7:37:bb:5b
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCY8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDExMDYy
MzU1MDJaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDIwQkM3RDBFQjExMEE1
RThGOEY2OTU5MTREMjA3NzQ4QjAzQzlCQkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGz4CMfGiBUUcsQFeP/TdCIDl036GdVSKsBjqVqwb00+aT79wC
gSakp8pWKNzCgUMmtdqBfWlcjqyVEKCHgk5QGzamOfiV/8epUkxpS6NX6pkw/pvc
Nk2qnRNHAACbw4LF5d2XrGlii3QQJGW3W378QiZiVmMIwiK6VAHkt5xssQP4RCOA
SC1RQ5+Bz+yCMouD8vftSzulMP+QJODNqKiU7EU5ECNxEmY5f9fwG9Q7yK3Riqgr
20avlEOulUvIjw6Rxc+rpuC8im1p/OOkD6lFd2bQ9tVCyT90rl7uTYu5NCNs0hIV
vAcgDldoPGljHsg444ZI8PUksNu2KUufqgOvAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUILx9DrEQpej49pWRTSB3SLA8m78wHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL0lMeDlEckVRcGVqNDlw
V1JUU0IzU0xBOG03OC5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAIkAFenTd4q4eCaw7ltZnKQmiMmQzGjFTvrq
GMjEz7gQKsQa1U2wtMflE7TY0GFVePE8BPm8VthtnvMPotJ8kzcUfVS2l27QJ3U/
5T0UGd4lmfuLzBTq4+6du/duwgoMhnD2rZgHEf9JJTDWZipCugwBgrhS1vjXWs6N
MeTyMHXYmFcpZQWu4CBXvFBZLEWyKrcaM4odBmGb/m3xyImtPpPtvnsw75R8xM0/
O75MNauUSdg2e9/50ZZINwbJxboRnD6fAgfHbaGiQqdbylSYVVEFFSaDpKdjBRpB
Auw3HyycgUu0w6XpdROdKcypaNSwIwreXQRAB+phtEo2Etc3u1s=
-----END CERTIFICATE-----
Generated at Thu Nov 7 06:45:00 2024 by rpki-client on console-fra.rpki-client.org