Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/LMSi_bBiSTQnQ5v8KuRGOk4IZC4.roa
File: LMSi_bBiSTQnQ5v8KuRGOk4IZC4.roa (raw, json)
Hash identifier: ZPFQrmy/Y74EqqjujWYw0G7E0k/Kl2LHqKq7oBRPQLE=
Subject key identifier: 2C:C4:A2:FD:B0:62:49:34:27:43:9B:FC:2A:E4:46:3A:4E:08:64:2E
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0790
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/LMSi_bBiSTQnQ5v8KuRGOk4IZC4.roa
Signing time: Wed 11 Sep 2024 07:55:03 +0000
ROA not before: Wed 11 Sep 2024 07:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 11 Sep 2024 11:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1936 (0x790)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Sep 11 07:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2CC4A2FDB062493427439BFC2AE4463A4E08642E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:0b:7c:2d:70:d6:0f:f0:aa:20:d4:2d:f5:a4:
da:4d:f9:f9:b1:86:d8:b9:5d:f9:b7:8b:73:35:24:
a4:d9:08:71:93:7a:2d:a8:b3:77:12:85:af:a7:fa:
e6:29:4c:28:26:5e:3a:24:0b:94:df:69:f2:2a:6c:
99:4c:e0:2c:8b:2b:f6:c9:5e:80:1b:03:95:a7:12:
b2:cf:29:ff:6a:9a:a7:2d:66:d2:2d:f3:fe:96:51:
06:46:60:d0:c3:55:52:c5:1d:d8:3c:15:1c:84:06:
64:2f:db:49:9f:0a:33:c9:ee:86:01:5b:b2:0a:9d:
0b:c1:80:ef:e0:1e:63:20:bd:4e:08:75:aa:f9:b6:
45:1e:38:9b:56:da:5c:d3:f2:2e:b4:04:68:0e:18:
23:b3:44:0e:fb:23:eb:6f:ba:dc:fd:35:5f:44:ec:
0f:29:71:2b:47:bb:45:08:91:5f:ed:06:59:37:8a:
17:27:91:ec:ef:47:4c:bf:84:3f:d6:1a:03:87:94:
9d:f0:bc:ca:e0:d7:49:7b:1e:94:be:26:8f:e5:77:
36:ed:aa:05:3e:2a:27:eb:22:ac:64:01:e3:87:d4:
13:b2:0d:a7:13:13:0f:d3:6a:76:bf:9a:c5:06:b7:
00:2e:47:f2:5d:92:f3:08:78:24:a9:90:b9:a2:44:
34:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:C4:A2:FD:B0:62:49:34:27:43:9B:FC:2A:E4:46:3A:4E:08:64:2E
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/LMSi_bBiSTQnQ5v8KuRGOk4IZC4.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:24:da:54:64:bc:e2:42:58:2e:45:1c:01:0b:27:0c:27:15:
f5:8d:97:c5:32:4b:f6:b3:60:6c:87:00:00:f2:de:82:b2:fb:
19:94:ce:02:43:64:0f:ad:47:99:15:df:5b:00:23:64:a9:83:
4e:de:96:a1:a7:2d:80:b2:98:98:41:f6:d6:d6:09:e5:9c:33:
68:05:0d:16:6a:b9:da:7e:7e:bf:ce:23:b8:8d:7c:53:d8:cf:
ec:6b:f1:f7:fe:1a:cd:98:e5:84:5c:b3:22:c6:ab:75:fb:28:
52:b1:5c:2e:b7:e4:1d:76:e4:25:e0:fd:2f:47:7c:b9:1e:6a:
ef:c7:3c:72:e2:31:98:b4:43:3a:33:e0:b1:85:17:c4:83:ff:
b0:fb:7a:5b:31:4c:8b:94:8e:41:a9:06:ac:f7:e2:9f:be:6b:
18:9c:d8:a5:07:6c:8b:f7:af:da:b2:ee:b2:04:d1:f7:61:75:
74:85:6f:39:0d:e4:bf:0b:9f:c3:08:dd:76:87:7d:b9:f1:44:
28:f0:09:06:01:19:35:74:0c:e8:85:4a:e4:f3:18:86:79:b3:
c6:1a:e6:b9:da:7c:3e:62:a0:1a:7e:5b:05:24:5d:0f:9c:58:
78:39:03:2d:63:c3:1f:89:68:ee:dc:57:59:99:e1:16:10:1b:
ec:e9:cf:32
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICB5AwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA5MTEw
NzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDJDQzRBMkZEQjA2MjQ5
MzQyNzQzOUJGQzJBRTQ0NjNBNEUwODY0MkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDVC3wtcNYP8Kog1C31pNpN+fmxhti5Xfm3i3M1JKTZCHGTei2o
s3cSha+n+uYpTCgmXjokC5TfafIqbJlM4CyLK/bJXoAbA5WnErLPKf9qmqctZtIt
8/6WUQZGYNDDVVLFHdg8FRyEBmQv20mfCjPJ7oYBW7IKnQvBgO/gHmMgvU4Idar5
tkUeOJtW2lzT8i60BGgOGCOzRA77I+tvutz9NV9E7A8pcStHu0UIkV/tBlk3ihcn
kezvR0y/hD/WGgOHlJ3wvMrg10l7HpS+Jo/ldzbtqgU+KifrIqxkAeOH1BOyDacT
Ew/Tana/msUGtwAuR/JdkvMIeCSpkLmiRDSPAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQULMSi/bBiSTQnQ5v8KuRGOk4IZC4wHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL0xNU2lfYkJpU1RRblE1
djhLdVJHT2s0SVpDNC5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBALAk2lRkvOJCWC5FHAELJwwnFfWNl8UyS/az
YGyHAADy3oKy+xmUzgJDZA+tR5kV31sAI2Spg07elqGnLYCymJhB9tbWCeWcM2gF
DRZqudp+fr/OI7iNfFPYz+xr8ff+Gs2Y5YRcsyLGq3X7KFKxXC635B125CXg/S9H
fLkeau/HPHLiMZi0Qzoz4LGFF8SD/7D7elsxTIuUjkGpBqz34p++axic2KUHbIv3
r9qy7rIE0fdhdXSFbzkN5L8Ln8MI3XaHfbnxRCjwCQYBGTV0DOiFSuTzGIZ5s8Ya
5rnafD5ioBp+WwUkXQ+cWHg5Ay1jwx+JaO7cV1mZ4RYQG+zpzzI=
-----END CERTIFICATE-----
Generated at Wed Sep 11 16:18:54 2024 by rpki-client on console-ams.rpki-client.org