Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/OrQc__ok4cmIlgomP0ISeUzKUYU.roa
File: OrQc__ok4cmIlgomP0ISeUzKUYU.roa (raw, json)
Hash identifier: 9L8BM7BSCvVLpYEBR79SKXM6aruig0j/iQQZlCQBDic=
Subject key identifier: 3A:B4:1C:FF:FA:24:E1:C9:88:96:0A:26:3F:42:12:79:4C:CA:51:85
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 095C
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/OrQc__ok4cmIlgomP0ISeUzKUYU.roa
Signing time: Fri 01 Nov 2024 07:55:02 +0000
ROA not before: Fri 01 Nov 2024 07:55:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 01 Nov 2024 11:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2396 (0x95c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Nov 1 07:55:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3AB41CFFFA24E1C988960A263F4212794CCA5185
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:9f:ee:b6:00:0b:5e:67:db:73:63:20:4c:dd:
fa:55:0b:c6:cf:14:83:15:55:82:ce:79:24:1e:6a:
e2:ed:22:77:85:20:48:c7:fb:80:c8:4e:53:aa:ae:
0d:0e:73:e3:a0:5d:f6:e6:ca:57:24:aa:d7:3f:78:
be:62:33:c6:e4:c5:bb:e0:76:2d:b1:2d:a9:70:3b:
29:ff:e4:49:cf:e5:df:cf:33:05:05:50:3c:ee:86:
b6:ad:36:f3:af:59:8e:03:8d:c9:49:3c:9a:e4:8b:
62:2a:fa:b5:86:ab:51:ef:ea:b7:6c:8c:43:87:1c:
9e:25:d1:81:b7:aa:68:8d:7c:20:2b:a3:44:33:75:
e3:e2:b4:a8:46:90:f1:89:a8:04:bd:80:63:09:05:
ba:d7:15:61:d3:8b:7e:b5:23:c9:bd:21:cf:65:44:
8e:5b:6d:c7:52:30:db:d8:2d:a7:87:35:d1:98:67:
7a:59:b7:44:73:a1:c7:2f:f8:65:d6:bc:bb:35:1d:
da:24:a5:7a:ce:c7:c8:73:ec:a2:56:da:47:db:34:
91:be:63:85:ae:c0:02:2b:f3:85:ec:f4:2c:97:2b:
ab:1a:73:15:8b:f9:b8:58:4e:2d:dd:44:e9:ef:7a:
ff:d8:3a:93:7a:a6:bb:21:65:13:d1:d9:44:d3:73:
a4:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:B4:1C:FF:FA:24:E1:C9:88:96:0A:26:3F:42:12:79:4C:CA:51:85
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/OrQc__ok4cmIlgomP0ISeUzKUYU.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
94:63:e6:70:86:e5:25:d8:a5:4c:33:28:4f:94:9f:a4:90:f9:
2f:96:50:94:21:63:40:db:f5:3f:7d:66:33:d1:77:1a:44:9a:
3b:c5:34:93:0a:33:c0:8f:46:c2:d2:f2:fb:65:c5:e5:36:79:
2d:fc:09:97:94:d3:64:8b:56:28:a1:33:68:4d:3c:65:a9:6b:
54:b0:83:78:55:4f:40:da:e5:41:e6:a5:a2:36:9b:07:23:4a:
fe:54:b2:00:7d:05:34:1f:52:ad:18:31:d4:9d:5e:87:f2:b1:
cc:6f:74:9c:91:2f:3d:d6:28:98:c9:17:ef:30:e7:49:07:cf:
44:4e:68:f6:70:51:2d:4b:92:f8:69:38:b1:92:cb:50:3a:52:
98:5b:ef:33:4e:e1:cb:bd:eb:8a:5a:87:bd:be:57:32:78:a9:
57:a8:70:01:6a:10:91:6b:a2:40:fb:51:88:97:27:d5:02:f5:
93:41:f4:fc:53:c4:85:51:dc:fc:5d:cb:8e:97:7e:dd:41:e7:
4b:33:77:25:6b:7a:df:45:1a:9e:80:a7:cc:ae:16:77:ca:88:
3d:96:41:2e:d9:cc:39:2e:63:87:99:80:a8:f8:c3:e2:11:78:
5c:60:77:c8:48:88:18:9a:41:33:b9:5b:5f:c3:30:4d:f0:6d:
d9:ff:37:bb
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCVwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDExMDEw
NzU1MDJaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDNBQjQxQ0ZGRkEyNEUx
Qzk4ODk2MEEyNjNGNDIxMjc5NENDQTUxODUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDen+62AAteZ9tzYyBM3fpVC8bPFIMVVYLOeSQeauLtIneFIEjH
+4DITlOqrg0Oc+OgXfbmylckqtc/eL5iM8bkxbvgdi2xLalwOyn/5EnP5d/PMwUF
UDzuhratNvOvWY4DjclJPJrki2Iq+rWGq1Hv6rdsjEOHHJ4l0YG3qmiNfCAro0Qz
dePitKhGkPGJqAS9gGMJBbrXFWHTi361I8m9Ic9lRI5bbcdSMNvYLaeHNdGYZ3pZ
t0Rzoccv+GXWvLs1HdokpXrOx8hz7KJW2kfbNJG+Y4WuwAIr84Xs9CyXK6sacxWL
+bhYTi3dROnvev/YOpN6prshZRPR2UTTc6S9AgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUOrQc//ok4cmIlgomP0ISeUzKUYUwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL09yUWNfX29rNGNtSWxn
b21QMElTZVV6S1VZVS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAJRj5nCG5SXYpUwzKE+Un6SQ+S+WUJQhY0Db
9T99ZjPRdxpEmjvFNJMKM8CPRsLS8vtlxeU2eS38CZeU02SLViihM2hNPGWpa1Sw
g3hVT0Da5UHmpaI2mwcjSv5UsgB9BTQfUq0YMdSdXofyscxvdJyRLz3WKJjJF+8w
50kHz0ROaPZwUS1LkvhpOLGSy1A6Uphb7zNO4cu964pah72+VzJ4qVeocAFqEJFr
okD7UYiXJ9UC9ZNB9PxTxIVR3Pxdy46Xft1B50szdyVret9FGp6Ap8yuFnfKiD2W
QS7ZzDkuY4eZgKj4w+IReFxgd8hIiBiaQTO5W1/DME3wbdn/N7s=
-----END CERTIFICATE-----
Generated at Fri Nov 1 14:34:50 2024 by rpki-client on console-fra.rpki-client.org