Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/LxIAlK66NrQIgfz8RFGWqwRWDdA.roa
File: LxIAlK66NrQIgfz8RFGWqwRWDdA.roa (raw, json)
Hash identifier: Ky5qoteEZrgjvmNkt9DqdrfiUkuulNdcVJ/hLLnBayc=
Subject key identifier: 2F:12:00:94:AE:BA:36:B4:08:81:FC:FC:44:51:96:AB:04:56:0D:D0
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 08C5
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/LxIAlK66NrQIgfz8RFGWqwRWDdA.roa
Signing time: Tue 15 Oct 2024 15:55:03 +0000
ROA not before: Tue 15 Oct 2024 15:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 15 Oct 2024 19:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2245 (0x8c5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Oct 15 15:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2F120094AEBA36B40881FCFC445196AB04560DD0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:52:54:74:ac:8e:01:b2:8a:f4:af:40:78:a0:
59:18:0a:8b:69:4c:96:3c:3c:0f:b3:5e:33:7d:92:
ce:9c:9b:45:db:72:c6:f0:51:45:2a:ae:66:42:65:
e3:bd:b1:90:3d:ac:ad:ee:a8:fc:be:e1:f3:ed:60:
7c:f5:8e:c3:04:cf:c8:62:67:41:18:4f:5d:13:28:
66:7d:c5:a7:22:e4:46:5e:4f:4d:af:8f:16:db:10:
ff:ec:aa:ab:df:2c:d6:09:89:02:97:c7:dc:c4:38:
a9:1f:08:16:85:96:10:87:e0:44:a8:3e:92:fc:c1:
1a:22:67:6d:37:80:84:29:dc:69:b0:0f:3b:92:20:
ad:a9:e5:04:8e:75:ff:51:92:bd:32:ba:f6:59:68:
c6:c9:b0:d6:2c:e3:83:76:9f:71:17:01:6a:2e:9c:
93:3a:7a:86:5e:0b:03:de:38:8e:6d:b8:ab:cb:31:
4f:e1:fb:29:2c:14:8b:a1:b6:59:83:c3:d3:4e:22:
04:cf:49:44:1e:4d:be:70:b6:9a:12:f9:44:e7:23:
37:5e:02:14:8e:2f:e3:9f:ba:7d:7d:86:f2:64:81:
8e:4c:d5:4b:7b:b8:11:e0:35:2d:92:43:4e:db:6d:
73:e3:6f:a4:6a:7b:83:a5:73:bd:a9:6f:97:af:cc:
64:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:12:00:94:AE:BA:36:B4:08:81:FC:FC:44:51:96:AB:04:56:0D:D0
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/LxIAlK66NrQIgfz8RFGWqwRWDdA.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
08:1b:a9:54:d0:0c:bc:34:07:c5:09:8c:b3:d6:5b:24:d1:2b:
76:af:d1:5c:87:06:90:81:0b:be:4c:12:71:99:80:64:86:d4:
85:29:75:99:03:0e:4f:ca:62:b3:48:85:52:04:f4:e8:9d:a6:
e0:f9:4d:22:85:dc:5a:48:a0:05:c5:6b:78:43:67:37:71:e8:
3b:e6:9c:d7:07:47:17:43:5b:19:f6:7c:ae:63:62:78:a6:82:
d2:a1:21:e6:e8:a5:53:e5:9b:83:f9:9a:27:f1:99:b3:7b:e5:
35:b4:cb:85:de:19:c0:64:2c:56:83:62:3d:28:26:17:7f:b1:
73:25:f0:0a:bc:57:78:5e:65:6e:2d:61:17:32:5b:91:42:02:
0a:fd:ef:a5:a8:2f:86:09:22:0b:a9:90:b9:9e:57:11:17:df:
71:4b:0d:67:a4:a8:5b:3d:46:95:8e:01:6a:a7:b9:1e:67:66:
e9:9e:97:08:56:eb:0b:5f:65:ab:44:68:2e:5f:84:7e:84:a3:
93:a7:c8:90:8a:99:00:91:15:ca:78:52:4b:87:b3:5f:94:4c:
df:ed:d9:63:d2:1c:77:7e:f2:3c:3c:29:57:f5:1c:24:2a:e9:
30:70:40:f2:a9:56:26:c3:cd:71:68:35:66:b9:c9:0a:41:1c:
17:10:0f:de
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCMUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDEwMTUx
NTU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDJGMTIwMDk0QUVCQTM2
QjQwODgxRkNGQzQ0NTE5NkFCMDQ1NjBERDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDdUlR0rI4Bsor0r0B4oFkYCotpTJY8PA+zXjN9ks6cm0Xbcsbw
UUUqrmZCZeO9sZA9rK3uqPy+4fPtYHz1jsMEz8hiZ0EYT10TKGZ9xaci5EZeT02v
jxbbEP/sqqvfLNYJiQKXx9zEOKkfCBaFlhCH4ESoPpL8wRoiZ203gIQp3GmwDzuS
IK2p5QSOdf9Rkr0yuvZZaMbJsNYs44N2n3EXAWounJM6eoZeCwPeOI5tuKvLMU/h
+yksFIuhtlmDw9NOIgTPSUQeTb5wtpoS+UTnIzdeAhSOL+Ofun19hvJkgY5M1Ut7
uBHgNS2SQ07bbXPjb6Rqe4Olc72pb5evzGS7AgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQULxIAlK66NrQIgfz8RFGWqwRWDdAwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL0x4SUFsSzY2TnJRSWdm
ejhSRkdXcXdSV0RkQS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAAgbqVTQDLw0B8UJjLPWWyTRK3av0VyHBpCB
C75MEnGZgGSG1IUpdZkDDk/KYrNIhVIE9OidpuD5TSKF3FpIoAXFa3hDZzdx6Dvm
nNcHRxdDWxn2fK5jYnimgtKhIebopVPlm4P5mifxmbN75TW0y4XeGcBkLFaDYj0o
Jhd/sXMl8Aq8V3heZW4tYRcyW5FCAgr976WoL4YJIgupkLmeVxEX33FLDWekqFs9
RpWOAWqnuR5nZumelwhW6wtfZatEaC5fhH6Eo5OnyJCKmQCRFcp4UkuHs1+UTN/t
2WPSHHd+8jw8KVf1HCQq6TBwQPKpVibDzXFoNWa5yQpBHBcQD94=
-----END CERTIFICATE-----
Generated at Tue Oct 15 22:18:32 2024 by rpki-client on console-fra.rpki-client.org