Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/LTy21AX0gb4cKUYfCKLn4O2dzu4.roa
File: LTy21AX0gb4cKUYfCKLn4O2dzu4.roa (raw, json)
Hash identifier: YtzZG9I1qBrDb+m1oAspCnEFibBVA74lQUErapQIcWo=
Subject key identifier: 2D:3C:B6:D4:05:F4:81:BE:1C:29:46:1F:08:A2:E7:E0:ED:9D:CE:EE
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 06F1
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/LTy21AX0gb4cKUYfCKLn4O2dzu4.roa
Signing time: Sat 24 Aug 2024 15:55:03 +0000
ROA not before: Sat 24 Aug 2024 15:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 24 Aug 2024 19:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1777 (0x6f1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Aug 24 15:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2D3CB6D405F481BE1C29461F08A2E7E0ED9DCEEE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:6d:fa:18:36:ad:5b:b7:94:7e:ba:3b:f0:de:
e7:3a:c5:47:a1:1b:23:03:1b:59:b5:84:f8:5c:bf:
3d:1e:3f:6a:00:de:0a:5d:9f:03:5b:e0:22:7b:f1:
0a:bc:a9:8f:25:76:1f:eb:4a:ea:b9:0c:f2:12:bb:
bc:27:b5:20:a3:43:7c:a8:fd:30:0f:42:77:fc:41:
91:32:db:1a:fe:9a:31:bc:0c:9e:e7:4f:a1:46:53:
0b:d5:87:da:60:6d:10:8f:62:c5:6c:b6:fe:22:b4:
34:c3:ea:da:a9:f1:2f:4f:5b:e7:28:a3:37:d0:1b:
bb:97:da:9b:e9:59:f4:63:8e:8e:ef:48:5c:25:17:
44:b8:53:0d:c5:63:37:12:60:ec:fa:b9:e4:50:1d:
7c:02:25:4c:c6:ac:9b:91:29:37:d7:48:1e:36:8f:
ed:f7:92:e3:58:4b:1b:6a:da:14:b5:c0:1d:f6:3c:
c4:5b:9c:23:48:88:3e:70:97:db:04:00:49:f0:80:
2c:b9:7c:b9:82:45:af:6e:e6:30:b0:45:8b:3f:62:
79:7d:fa:c5:b7:57:f8:02:95:39:f9:7f:92:62:c7:
3e:71:f0:a7:16:14:97:54:7c:18:50:68:11:21:7b:
40:84:f7:11:3f:10:fd:2d:1e:0f:16:74:79:4e:59:
7b:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:3C:B6:D4:05:F4:81:BE:1C:29:46:1F:08:A2:E7:E0:ED:9D:CE:EE
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/LTy21AX0gb4cKUYfCKLn4O2dzu4.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:a9:c6:e5:3e:ea:68:4b:34:be:c6:61:70:5f:bd:b8:74:98:
98:85:9f:0c:83:35:5a:59:27:bf:b2:29:de:97:9f:8a:86:5a:
61:89:65:a1:e1:65:f9:b2:06:a0:d6:c6:8d:f4:c6:a6:c5:54:
b5:b2:17:80:ab:54:3a:f7:7a:41:88:eb:e1:8f:61:6d:c7:d7:
32:8a:85:60:65:ce:84:56:66:bf:5a:a1:c0:d2:b2:63:14:81:
99:67:06:25:26:09:1f:e7:16:71:ae:e3:90:95:a3:12:65:ca:
f4:93:db:82:b5:29:50:b8:84:bd:fa:a4:76:fb:18:66:8f:de:
da:3a:23:a0:67:1c:2c:50:a7:fb:aa:77:97:db:79:f4:e9:1a:
5a:4e:44:82:00:25:e2:36:3b:c8:d6:aa:5d:bd:c1:3f:96:da:
2a:c6:47:bb:f5:dd:90:fa:d8:69:4c:d4:3c:30:34:21:1a:54:
f6:ad:e9:c8:cb:47:11:5f:11:16:d9:a3:df:1c:54:b0:39:e3:
60:72:54:76:f6:1b:a5:65:43:44:5d:ed:37:f5:86:f5:4b:9e:
10:30:ec:b9:3d:4a:b6:47:f1:a9:da:55:ab:76:18:25:f0:74:
f2:6b:4e:95:22:29:d0:96:04:f7:4d:77:a1:3d:42:ee:59:74:
7d:04:f7:44
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICBvEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA4MjQx
NTU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDJEM0NCNkQ0MDVGNDgx
QkUxQzI5NDYxRjA4QTJFN0UwRUQ5RENFRUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvbfoYNq1bt5R+ujvw3uc6xUehGyMDG1m1hPhcvz0eP2oA3gpd
nwNb4CJ78Qq8qY8ldh/rSuq5DPISu7wntSCjQ3yo/TAPQnf8QZEy2xr+mjG8DJ7n
T6FGUwvVh9pgbRCPYsVstv4itDTD6tqp8S9PW+coozfQG7uX2pvpWfRjjo7vSFwl
F0S4Uw3FYzcSYOz6ueRQHXwCJUzGrJuRKTfXSB42j+33kuNYSxtq2hS1wB32PMRb
nCNIiD5wl9sEAEnwgCy5fLmCRa9u5jCwRYs/Ynl9+sW3V/gClTn5f5Jixz5x8KcW
FJdUfBhQaBEhe0CE9xE/EP0tHg8WdHlOWXvjAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQULTy21AX0gb4cKUYfCKLn4O2dzu4wHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL0xUeTIxQVgwZ2I0Y0tV
WWZDS0xuNE8yZHp1NC5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAAqpxuU+6mhLNL7GYXBfvbh0mJiFnwyDNVpZ
J7+yKd6Xn4qGWmGJZaHhZfmyBqDWxo30xqbFVLWyF4CrVDr3ekGI6+GPYW3H1zKK
hWBlzoRWZr9aocDSsmMUgZlnBiUmCR/nFnGu45CVoxJlyvST24K1KVC4hL36pHb7
GGaP3to6I6BnHCxQp/uqd5fbefTpGlpORIIAJeI2O8jWql29wT+W2irGR7v13ZD6
2GlM1DwwNCEaVPat6cjLRxFfERbZo98cVLA542ByVHb2G6VlQ0Rd7Tf1hvVLnhAw
7Lk9SrZH8anaVat2GCXwdPJrTpUiKdCWBPdNd6E9Qu5ZdH0E90Q=
-----END CERTIFICATE-----
Generated at Sat Aug 24 21:28:54 2024 by rpki-client on console-fra.rpki-client.org