Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/KGvy1sZpi4HDjeQ6p0G6D55zVas.roa
File: KGvy1sZpi4HDjeQ6p0G6D55zVas.roa (raw, json)
Hash identifier: QHWo3sWNQo6Ivpq8QJe9cg9Nc5zRRZaRpRB2GSSuIcw=
Subject key identifier: 28:6B:F2:D6:C6:69:8B:81:C3:8D:E4:3A:A7:41:BA:0F:9E:73:55:AB
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0983
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/KGvy1sZpi4HDjeQ6p0G6D55zVas.roa
Signing time: Tue 05 Nov 2024 15:55:02 +0000
ROA not before: Tue 05 Nov 2024 15:55:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 05 Nov 2024 19:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2435 (0x983)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Nov 5 15:55:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=286BF2D6C6698B81C38DE43AA741BA0F9E7355AB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:9e:b2:58:cc:45:13:21:93:21:a2:b2:13:83:
a4:50:26:76:ab:c9:26:52:ec:69:da:17:0c:2d:f5:
c1:64:ec:10:b9:75:83:a0:51:10:0d:ff:2f:2f:f5:
79:02:9a:0d:08:d5:7e:31:b4:76:2a:0c:36:93:a1:
9f:41:2d:c7:19:d4:f7:42:0e:b0:99:fd:fc:43:78:
a2:84:d0:59:c7:e2:d8:76:9a:7c:38:97:3e:39:98:
73:62:b8:78:85:2a:86:40:67:8d:67:5b:94:3a:c9:
04:ef:56:be:34:90:85:b9:98:29:85:f4:f2:9f:03:
6b:2b:b4:f2:57:6f:52:5c:8c:1f:27:4b:fd:5a:7a:
f8:aa:f8:f9:19:74:27:51:89:82:e9:89:88:f3:19:
dc:95:e8:bf:53:9b:53:9f:22:a5:d1:3f:9f:cc:d8:
78:e9:4b:fc:ca:e7:05:71:dd:13:23:d0:c3:ab:d4:
34:5b:9c:2b:cb:92:2b:69:51:b9:bd:1b:31:6f:04:
18:77:7a:69:9d:c0:2c:fe:f1:ea:bf:af:10:6e:f7:
2b:92:04:78:65:9f:e0:2d:30:26:e3:9a:7a:76:a4:
a9:b2:6f:16:f8:40:45:5f:59:76:54:67:1a:42:78:
f4:3e:63:ee:2e:52:3e:78:d7:d9:94:38:17:9f:a1:
68:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:6B:F2:D6:C6:69:8B:81:C3:8D:E4:3A:A7:41:BA:0F:9E:73:55:AB
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/KGvy1sZpi4HDjeQ6p0G6D55zVas.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
40:3b:1e:20:4d:8e:a6:4a:59:8c:ee:0d:76:3f:dd:6c:79:29:
b7:97:25:75:37:39:96:49:9d:7d:57:70:9e:78:ed:bb:8e:46:
49:77:2d:05:56:f7:5f:f7:fd:a1:16:57:f3:c3:82:d9:f0:b3:
d2:d2:9c:fd:50:f4:16:d2:9e:ad:01:8a:09:93:82:77:1b:4c:
c3:d7:81:e1:e2:70:18:67:36:32:4e:6c:b5:a5:d8:cf:c3:26:
30:f2:fc:68:8c:3a:45:22:88:50:1f:f2:6a:a7:b6:89:5a:74:
a3:6f:e1:c1:63:06:b8:4c:ef:10:4c:83:8d:8a:f8:d2:09:6f:
19:c9:45:b2:f0:62:9c:64:79:2a:09:b5:53:b9:4b:7a:61:c5:
28:7d:26:4d:ad:0e:51:1b:e8:b6:d0:d9:f7:a0:38:7f:66:31:
95:8e:28:01:d2:37:27:c3:6f:53:f6:82:6a:29:15:00:5f:e2:
56:44:2f:14:67:4a:bb:e6:83:64:f0:4d:d7:f1:87:b1:9b:5c:
0e:21:52:c9:fc:40:8a:33:1d:ac:97:89:71:fe:33:a4:58:3c:
bb:76:a9:a5:e1:4c:a1:1e:53:46:f9:c8:02:2f:9b:f2:28:ea:
0e:fc:63:01:ec:b8:93:7b:cf:fc:71:af:50:fe:75:46:76:f0:
0c:29:da:60
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCYMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDExMDUx
NTU1MDJaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDI4NkJGMkQ2QzY2OThC
ODFDMzhERTQzQUE3NDFCQTBGOUU3MzU1QUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQChnrJYzEUTIZMhorITg6RQJnarySZS7GnaFwwt9cFk7BC5dYOg
URAN/y8v9XkCmg0I1X4xtHYqDDaToZ9BLccZ1PdCDrCZ/fxDeKKE0FnH4th2mnw4
lz45mHNiuHiFKoZAZ41nW5Q6yQTvVr40kIW5mCmF9PKfA2srtPJXb1JcjB8nS/1a
eviq+PkZdCdRiYLpiYjzGdyV6L9Tm1OfIqXRP5/M2HjpS/zK5wVx3RMj0MOr1DRb
nCvLkitpUbm9GzFvBBh3emmdwCz+8eq/rxBu9yuSBHhln+AtMCbjmnp2pKmybxb4
QEVfWXZUZxpCePQ+Y+4uUj5419mUOBefoWiDAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUKGvy1sZpi4HDjeQ6p0G6D55zVaswHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL0tHdnkxc1pwaTRIRGpl
UTZwMEc2RDU1elZhcy5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAEA7HiBNjqZKWYzuDXY/3Wx5KbeXJXU3OZZJ
nX1XcJ547buORkl3LQVW91/3/aEWV/PDgtnws9LSnP1Q9BbSnq0BigmTgncbTMPX
geHicBhnNjJObLWl2M/DJjDy/GiMOkUiiFAf8mqntoladKNv4cFjBrhM7xBMg42K
+NIJbxnJRbLwYpxkeSoJtVO5S3phxSh9Jk2tDlEb6LbQ2fegOH9mMZWOKAHSNyfD
b1P2gmopFQBf4lZELxRnSrvmg2TwTdfxh7GbXA4hUsn8QIozHayXiXH+M6RYPLt2
qaXhTKEeU0b5yAIvm/Io6g78YwHsuJN7z/xxr1D+dUZ28Awp2mA=
-----END CERTIFICATE-----
Generated at Tue Nov 5 21:31:32 2024 by rpki-client on console-ams.rpki-client.org