Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/LaP9-AZb_B6OLbLocH3NMNuiusI.roa
File: LaP9-AZb_B6OLbLocH3NMNuiusI.roa (raw, json)
Hash identifier: H5k8+GfAO4rhLbZeXbpcx1EsYQ/ZzrdtWkJL4cCRNn0=
Subject key identifier: 2D:A3:FD:F8:06:5B:FC:1E:8E:2D:B2:E8:70:7D:CD:30:DB:A2:BA:C2
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 08AA
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/LaP9-AZb_B6OLbLocH3NMNuiusI.roa
Signing time: Sat 12 Oct 2024 15:55:03 +0000
ROA not before: Sat 12 Oct 2024 15:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 12 Oct 2024 19:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2218 (0x8aa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Oct 12 15:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2DA3FDF8065BFC1E8E2DB2E8707DCD30DBA2BAC2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:61:56:53:49:26:9d:ec:ce:16:4e:05:6b:40:
5f:49:5d:ce:0a:ef:a8:54:5b:58:00:78:f5:3c:9f:
3c:d1:26:bb:1c:8f:73:82:04:e1:4c:f2:e8:cc:83:
28:f6:44:9d:28:35:43:53:d2:ed:42:b4:b6:ae:05:
8e:a7:58:26:30:d6:81:34:32:dc:9b:64:74:03:02:
80:02:3c:88:5b:36:ac:b7:90:d6:42:4d:65:1f:12:
a6:5a:e7:f4:fe:fa:8f:87:6c:9e:15:f2:04:25:77:
81:a4:1c:9f:44:e4:3c:4f:f1:22:b8:08:41:0e:da:
ad:35:92:b1:49:33:c6:82:e6:b1:91:1a:b7:8c:f0:
1e:9a:36:d2:ce:6f:c0:48:45:9b:60:b4:b1:72:1b:
db:a1:02:a8:9a:41:d5:8d:bd:30:b5:6a:f2:1c:ff:
d3:a4:cd:97:7a:d3:45:5c:a6:32:1f:a6:86:cc:dc:
ca:19:28:86:f7:b6:39:c6:fd:50:6c:19:20:60:fa:
73:11:13:3a:37:0a:d1:3c:b5:8a:e6:f5:5d:14:fd:
23:ec:d7:11:1c:f5:73:e9:7a:3e:62:59:d8:96:d1:
be:4f:16:ee:98:02:74:9f:37:ae:92:c3:42:87:41:
73:08:3b:2f:fb:71:5e:fa:34:a8:29:2e:69:53:53:
6e:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:A3:FD:F8:06:5B:FC:1E:8E:2D:B2:E8:70:7D:CD:30:DB:A2:BA:C2
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/LaP9-AZb_B6OLbLocH3NMNuiusI.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:a0:9e:d5:40:ad:d4:98:67:4a:22:57:e6:74:98:9a:de:52:
e6:ac:04:9d:57:7d:aa:cc:d6:e3:9d:02:29:be:e2:44:67:08:
ed:45:29:b3:6c:65:85:cf:78:47:cd:3d:20:64:40:f5:6c:b9:
01:7a:3c:ed:10:3c:57:26:2d:25:2d:59:c1:2f:4c:b0:65:73:
7a:9e:59:9a:27:0d:44:a1:33:ae:06:72:aa:27:d5:9d:1d:3e:
8b:b3:e8:97:0d:54:3a:8c:42:d3:e0:79:1a:78:cf:ff:e0:ff:
96:b8:99:0f:fa:4c:ec:32:0b:0c:d5:d8:a2:53:96:94:78:75:
66:1b:0a:fa:c0:a5:fe:50:a7:b6:00:d9:2c:79:97:7e:b7:db:
e2:b5:9a:53:aa:e6:33:92:93:55:0f:11:15:b4:63:86:4b:7c:
8e:d4:19:23:b8:b6:0c:e6:29:d5:73:85:9b:7b:c7:6d:58:33:
a5:72:61:8e:22:91:54:64:8d:30:06:1b:c3:6e:63:af:3a:52:
c5:9c:41:ec:dc:b3:82:5e:b8:69:43:b8:49:fc:12:bc:fc:c3:
3f:34:17:96:50:39:86:d2:41:44:f1:f9:cf:86:eb:3e:3b:31:
9a:47:35:76:de:04:e0:b9:ed:78:31:f8:37:cd:ca:3a:bd:cb:
6a:e7:6e:81
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCKowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDEwMTIx
NTU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDJEQTNGREY4MDY1QkZD
MUU4RTJEQjJFODcwN0RDRDMwREJBMkJBQzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDZYVZTSSad7M4WTgVrQF9JXc4K76hUW1gAePU8nzzRJrscj3OC
BOFM8ujMgyj2RJ0oNUNT0u1CtLauBY6nWCYw1oE0MtybZHQDAoACPIhbNqy3kNZC
TWUfEqZa5/T++o+HbJ4V8gQld4GkHJ9E5DxP8SK4CEEO2q01krFJM8aC5rGRGreM
8B6aNtLOb8BIRZtgtLFyG9uhAqiaQdWNvTC1avIc/9OkzZd600VcpjIfpobM3MoZ
KIb3tjnG/VBsGSBg+nMREzo3CtE8tYrm9V0U/SPs1xEc9XPpej5iWdiW0b5PFu6Y
AnSfN66Sw0KHQXMIOy/7cV76NKgpLmlTU25bAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQULaP9+AZb/B6OLbLocH3NMNuiusIwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL0xhUDktQVpiX0I2T0xi
TG9jSDNOTU51aXVzSS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBALygntVArdSYZ0oiV+Z0mJreUuasBJ1XfarM
1uOdAim+4kRnCO1FKbNsZYXPeEfNPSBkQPVsuQF6PO0QPFcmLSUtWcEvTLBlc3qe
WZonDUShM64Gcqon1Z0dPouz6JcNVDqMQtPgeRp4z//g/5a4mQ/6TOwyCwzV2KJT
lpR4dWYbCvrApf5Qp7YA2Sx5l3632+K1mlOq5jOSk1UPERW0Y4ZLfI7UGSO4tgzm
KdVzhZt7x21YM6VyYY4ikVRkjTAGG8NuY686UsWcQezcs4JeuGlDuEn8Erz8wz80
F5ZQOYbSQUTx+c+G6z47MZpHNXbeBOC57Xgx+DfNyjq9y2rnboE=
-----END CERTIFICATE-----
Generated at Sat Oct 12 21:21:51 2024 by rpki-client on console-fra.rpki-client.org