Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/JKFz8yeHIXBmWcKyemCvKcXKYks.roa
File: JKFz8yeHIXBmWcKyemCvKcXKYks.roa (raw, json)
Hash identifier: nYSw0M1SMvws1IY4Y02a4aRhH5A3uWRg2fRmC6VBSRo=
Subject key identifier: 24:A1:73:F3:27:87:21:70:66:59:C2:B2:7A:60:AF:29:C5:CA:62:4B
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 092F
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/JKFz8yeHIXBmWcKyemCvKcXKYks.roa
Signing time: Sun 27 Oct 2024 07:55:03 +0000
ROA not before: Sun 27 Oct 2024 07:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 27 Oct 2024 11:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2351 (0x92f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Oct 27 07:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=24A173F3278721706659C2B27A60AF29C5CA624B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:2f:9a:a6:ef:5a:51:bf:6d:86:79:a9:12:d1:
f1:4e:20:f9:b5:51:d0:54:72:08:5d:cc:66:c6:12:
b7:fd:72:e0:61:a3:a3:f0:c0:94:3e:19:6b:46:c7:
6d:1b:54:e1:c5:e3:4b:67:9b:73:fc:41:d2:ef:39:
28:36:ed:89:7a:a5:a5:25:df:3e:b8:b9:e8:74:2f:
60:83:b9:67:f6:34:db:48:66:8a:7c:b9:18:d9:db:
ae:97:88:a3:68:38:96:59:ac:cb:ca:3a:ec:87:96:
ec:0d:91:84:3e:8e:4d:6f:6d:28:bb:d2:0b:94:de:
f5:77:4d:8c:57:a7:bc:8f:22:75:e9:65:61:c0:bd:
29:58:a4:a5:bc:c0:29:cc:4c:b5:aa:c3:8c:79:55:
91:26:d2:1e:b7:9c:1d:c8:62:21:1c:4f:fc:f9:cc:
83:2b:46:89:87:52:8a:3c:bd:90:91:fa:a8:be:da:
e7:60:fe:1d:86:1d:70:c1:c2:29:e1:33:f4:94:11:
bd:69:93:c4:e9:c5:6a:bc:16:4a:0d:a8:05:70:8a:
f5:70:fc:55:a9:29:8c:3c:29:80:c0:bd:66:4a:b6:
30:2d:e1:67:67:ff:1b:1d:40:69:be:22:70:b6:e5:
ed:21:7c:d4:85:ee:dd:91:ab:4f:7c:57:e4:0f:ca:
c2:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:A1:73:F3:27:87:21:70:66:59:C2:B2:7A:60:AF:29:C5:CA:62:4B
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/JKFz8yeHIXBmWcKyemCvKcXKYks.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
c9:15:36:c4:4e:15:18:f6:04:d4:38:04:e4:09:61:d4:9b:96:
52:b5:b0:b4:9d:16:5f:03:c5:01:5e:2b:3c:46:ef:50:d5:82:
85:e6:79:e5:94:a8:e9:16:cc:46:3b:b2:ae:e9:fe:90:da:ed:
77:87:d7:e5:86:a9:88:61:56:a1:bf:ce:f6:f8:21:17:35:06:
b9:87:6a:5e:2b:d6:dc:40:c5:12:0f:ca:47:0e:2b:de:26:d9:
bf:17:d2:c7:f3:0f:a8:4f:67:a4:5c:d9:67:3b:62:e7:db:23:
43:ad:cb:c9:e9:d4:8f:1c:e7:c4:c5:22:a8:dd:0d:15:27:a7:
58:eb:eb:6b:f8:80:c5:d6:e4:bc:cd:db:30:f4:5d:3b:4d:70:
e8:25:23:63:40:d0:99:2b:f5:6a:92:38:e5:74:fd:ce:4e:0d:
35:42:3c:fb:55:92:dc:79:b2:e1:fc:d9:13:e4:bc:9d:6f:01:
1b:d5:b8:e9:8e:38:22:93:41:67:d9:cf:2e:68:3b:3a:78:39:
ab:75:61:18:98:e5:51:49:ff:9b:69:ef:8a:c1:8b:23:f5:ff:
af:d4:a2:9b:86:2b:61:cc:85:8a:a2:49:23:ba:71:2d:b8:92:
cd:de:aa:59:ba:91:f3:bf:0f:67:35:ac:bc:96:4f:6e:4e:e6:
71:4e:de:4a
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCS8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDEwMjcw
NzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDI0QTE3M0YzMjc4NzIx
NzA2NjU5QzJCMjdBNjBBRjI5QzVDQTYyNEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCXL5qm71pRv22GeakS0fFOIPm1UdBUcghdzGbGErf9cuBho6Pw
wJQ+GWtGx20bVOHF40tnm3P8QdLvOSg27Yl6paUl3z64ueh0L2CDuWf2NNtIZop8
uRjZ266XiKNoOJZZrMvKOuyHluwNkYQ+jk1vbSi70guU3vV3TYxXp7yPInXpZWHA
vSlYpKW8wCnMTLWqw4x5VZEm0h63nB3IYiEcT/z5zIMrRomHUoo8vZCR+qi+2udg
/h2GHXDBwinhM/SUEb1pk8TpxWq8FkoNqAVwivVw/FWpKYw8KYDAvWZKtjAt4Wdn
/xsdQGm+InC25e0hfNSF7t2Rq098V+QPysJBAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUJKFz8yeHIXBmWcKyemCvKcXKYkswHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL0pLRno4eWVISVhCbVdj
S3llbUN2S2NYS1lrcy5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAMkVNsROFRj2BNQ4BOQJYdSbllK1sLSdFl8D
xQFeKzxG71DVgoXmeeWUqOkWzEY7sq7p/pDa7XeH1+WGqYhhVqG/zvb4IRc1BrmH
al4r1txAxRIPykcOK94m2b8X0sfzD6hPZ6Rc2Wc7YufbI0Oty8np1I8c58TFIqjd
DRUnp1jr62v4gMXW5LzN2zD0XTtNcOglI2NA0Jkr9WqSOOV0/c5ODTVCPPtVktx5
suH82RPkvJ1vARvVuOmOOCKTQWfZzy5oOzp4Oat1YRiY5VFJ/5tp74rBiyP1/6/U
opuGK2HMhYqiSSO6cS24ks3eqlm6kfO/D2c1rLyWT25O5nFO3ko=
-----END CERTIFICATE-----
Generated at Sun Oct 27 12:56:28 2024 by rpki-client on console-fra.rpki-client.org