Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/IWmQZxGjYowUICGJf1nJkuNtNpk.roa
File: IWmQZxGjYowUICGJf1nJkuNtNpk.roa (raw, json)
Hash identifier: F9rvi9l2qNrAF24WC9xO7VXC3mpDEM7aF2IOfdgIpyQ=
Subject key identifier: 21:69:90:67:11:A3:62:8C:14:20:21:89:7F:59:C9:92:E3:6D:36:99
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 099E
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/IWmQZxGjYowUICGJf1nJkuNtNpk.roa
Signing time: Fri 08 Nov 2024 15:55:02 +0000
ROA not before: Fri 08 Nov 2024 15:55:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 08 Nov 2024 19:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2462 (0x99e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Nov 8 15:55:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2169906711A3628C142021897F59C992E36D3699
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:b2:af:3f:ef:d7:9f:25:c0:69:5a:82:54:55:
12:84:d4:45:2f:00:63:c4:ea:6b:5f:5c:e7:68:e1:
ae:3b:bf:b7:be:2c:c6:57:ba:f4:d1:29:98:e4:02:
cb:c9:18:57:da:9a:7c:52:61:f1:8c:97:fa:51:8c:
a8:98:f7:92:88:93:a3:50:29:e3:fb:4d:00:65:4b:
1a:30:5f:ae:f7:83:ea:5f:da:e2:a5:0d:31:6f:b1:
8a:94:5e:c1:7d:7b:b2:b6:04:78:13:41:6e:ad:73:
72:77:9b:6e:6a:49:67:a9:fc:8a:dc:4d:ef:ba:71:
a0:4a:ac:99:f4:0f:fe:4a:3d:c8:dc:04:fd:40:81:
00:d3:74:19:9d:e9:8c:4b:65:c0:a0:8d:ca:e9:49:
13:d3:f1:c1:31:cb:84:ba:fd:30:7b:3b:23:b2:4f:
d2:1b:9c:2b:5d:ed:bb:71:71:c2:4a:a5:3d:18:13:
35:48:58:ff:8b:33:4f:18:6d:b9:1b:52:6a:90:6f:
8f:51:af:fb:00:d4:b8:05:8c:e1:64:84:68:b8:8b:
53:32:fb:50:52:c3:9b:b7:e9:b6:4b:83:19:e8:d2:
9b:9d:00:f3:b2:f8:12:dd:b4:dc:74:72:be:e0:0d:
42:17:5e:ec:37:11:22:3b:f2:0d:49:7e:48:0b:8b:
9d:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:69:90:67:11:A3:62:8C:14:20:21:89:7F:59:C9:92:E3:6D:36:99
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/IWmQZxGjYowUICGJf1nJkuNtNpk.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
22:e4:f5:54:be:5b:d6:46:3a:24:bc:4e:36:bf:e7:d0:72:55:
99:57:8a:75:f1:40:e9:9d:be:5a:53:1c:0f:0c:11:12:d8:6f:
16:c9:32:06:b3:7e:11:ba:a2:93:2e:9c:19:46:36:06:e8:fd:
a9:58:e1:7f:ac:c5:fb:bf:01:c1:b8:36:4a:a1:8c:bf:d8:e7:
cb:4f:f9:5c:6a:31:92:52:47:6d:34:3c:4c:d5:8c:d3:18:88:
ae:93:8a:56:da:c4:4e:a4:44:80:a8:e7:d7:79:73:e1:ec:e0:
c7:c5:c7:8f:7d:f3:a8:95:48:ad:e6:27:95:96:a5:46:60:52:
e1:6c:55:18:81:73:4c:c7:32:28:9f:66:21:85:cf:b7:2d:af:
ec:f4:79:91:fe:95:17:59:61:e6:2a:59:c3:4e:98:97:06:34:
cd:48:18:ec:b7:ad:58:0e:eb:23:e7:43:c7:15:a1:fc:97:05:
cc:c1:10:14:0d:e3:92:b1:f5:2a:8d:75:7b:6d:8e:b5:80:64:
10:fa:7c:a0:a6:cf:bf:b5:82:cb:55:d3:84:e0:6e:31:32:30:
66:9d:a7:ce:73:6d:0d:27:ac:99:e3:68:49:76:e8:4a:8a:bc:
b8:a6:56:82:70:b0:4f:1c:ec:fa:41:7a:52:45:27:38:11:26:
bd:ca:e5:df
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCZ4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDExMDgx
NTU1MDJaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDIxNjk5MDY3MTFBMzYy
OEMxNDIwMjE4OTdGNTlDOTkyRTM2RDM2OTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCrsq8/79efJcBpWoJUVRKE1EUvAGPE6mtfXOdo4a47v7e+LMZX
uvTRKZjkAsvJGFfamnxSYfGMl/pRjKiY95KIk6NQKeP7TQBlSxowX673g+pf2uKl
DTFvsYqUXsF9e7K2BHgTQW6tc3J3m25qSWep/IrcTe+6caBKrJn0D/5KPcjcBP1A
gQDTdBmd6YxLZcCgjcrpSRPT8cExy4S6/TB7OyOyT9IbnCtd7btxccJKpT0YEzVI
WP+LM08YbbkbUmqQb49Rr/sA1LgFjOFkhGi4i1My+1BSw5u36bZLgxno0pudAPOy
+BLdtNx0cr7gDUIXXuw3ESI78g1JfkgLi53xAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUIWmQZxGjYowUICGJf1nJkuNtNpkwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL0lXbVFaeEdqWW93VUlD
R0pmMW5Ka3VOdE5way5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBACLk9VS+W9ZGOiS8Tja/59ByVZlXinXxQOmd
vlpTHA8MERLYbxbJMgazfhG6opMunBlGNgbo/alY4X+sxfu/AcG4NkqhjL/Y58tP
+VxqMZJSR200PEzVjNMYiK6TilbaxE6kRICo59d5c+Hs4MfFx49986iVSK3mJ5WW
pUZgUuFsVRiBc0zHMiifZiGFz7ctr+z0eZH+lRdZYeYqWcNOmJcGNM1IGOy3rVgO
6yPnQ8cVofyXBczBEBQN45Kx9SqNdXttjrWAZBD6fKCmz7+1gstV04TgbjEyMGad
p85zbQ0nrJnjaEl26EqKvLimVoJwsE8c7PpBelJFJzgRJr3K5d8=
-----END CERTIFICATE-----
Generated at Fri Nov 8 22:21:20 2024 by rpki-client on console-fra.rpki-client.org