Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/R2U_fGNRhF8wOsogOUlWeUhzMb0.roa
File: R2U_fGNRhF8wOsogOUlWeUhzMb0.roa (raw, json)
Hash identifier: duhbTHrt1Tqrepjzbg5UApL1twSg0BgZVJKHTa4LTig=
Subject key identifier: 47:65:3F:7C:63:51:84:5F:30:3A:CA:20:39:49:56:79:48:73:31:BD
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0905
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/R2U_fGNRhF8wOsogOUlWeUhzMb0.roa
Signing time: Tue 22 Oct 2024 15:55:03 +0000
ROA not before: Tue 22 Oct 2024 15:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 22 Oct 2024 19:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2309 (0x905)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Oct 22 15:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=47653F7C6351845F303ACA2039495679487331BD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:95:19:35:b7:d4:8e:d4:6b:87:99:08:b3:94:
34:96:6a:f6:4a:d2:f8:66:02:e3:2d:e7:2b:a5:84:
82:62:6a:f1:eb:d5:39:0d:7d:7b:ae:58:64:1d:99:
e0:1a:be:04:1c:3f:88:90:ef:65:90:a4:93:da:e7:
b3:9d:91:bc:6d:b7:88:5d:9c:ff:8f:66:97:2a:33:
2e:f3:1e:10:73:73:79:b4:d4:31:63:0f:69:79:04:
ed:e5:e9:e7:f3:ad:6e:54:7e:60:d1:58:76:9e:67:
b3:8b:8f:74:ce:8c:ec:2a:a4:72:4a:73:db:44:7e:
72:e2:bd:8b:23:12:fd:76:20:d4:33:54:1b:cc:d7:
24:e1:c2:f8:1e:bb:1d:0d:df:b3:6b:3a:14:d6:0f:
17:56:2c:92:21:18:b6:85:66:eb:05:c0:81:2e:70:
44:45:4f:8d:7b:ae:4a:df:df:fb:48:d7:58:a0:95:
f8:ec:dd:c1:43:ff:96:39:d9:fb:65:bb:c3:75:5e:
d6:e7:62:40:91:56:dd:1c:7d:a3:66:b9:ee:1a:dd:
23:a6:c6:77:fe:e9:b0:98:45:bb:be:27:0f:51:06:
5a:15:3e:7c:dd:f7:eb:de:53:07:0a:84:0c:4d:97:
ea:ce:20:23:1b:8d:43:07:83:14:66:7f:89:6b:c4:
21:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:65:3F:7C:63:51:84:5F:30:3A:CA:20:39:49:56:79:48:73:31:BD
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/R2U_fGNRhF8wOsogOUlWeUhzMb0.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
d8:9c:82:6b:59:0a:94:f8:d2:e2:49:66:90:81:d4:94:8f:0b:
45:ea:c5:be:40:05:95:15:42:13:0a:ed:b9:cf:0f:d8:90:61:
ea:8c:ab:1c:fa:1f:72:fe:15:5d:f6:99:f7:81:ff:00:0d:0a:
e7:d4:9d:5c:55:20:bf:d7:92:fe:f0:8c:0b:10:be:8f:f8:15:
45:e6:70:f4:ba:39:42:75:8b:27:60:af:be:98:f2:d2:2d:7e:
98:a5:9c:f6:7e:79:92:45:8b:49:df:15:48:47:ae:ca:2a:cf:
6c:a0:ea:43:39:09:77:71:c1:18:29:1b:97:b0:0a:02:72:9e:
6a:11:82:37:88:d3:03:e5:59:c4:cf:32:96:7c:08:51:c0:f4:
82:2f:95:34:af:09:cd:cf:11:c4:35:d3:5b:4c:a6:79:92:f2:
8b:7c:a0:89:da:28:d4:3a:ea:00:0a:36:6b:eb:4e:7a:97:7f:
25:b9:cd:18:b4:8f:9a:c3:e5:3b:6c:90:ac:3f:ea:a8:7a:7d:
89:ad:cf:8e:1d:47:db:01:b6:82:c3:1d:cb:c9:35:46:0b:df:
a8:a6:5b:42:6a:ac:73:5a:88:84:31:4a:56:ce:99:cf:cc:93:
36:df:b9:23:68:3c:c8:38:e0:d7:8b:d4:9e:fe:6c:be:85:60:
dc:58:e0:c0
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCQUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDEwMjIx
NTU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDQ3NjUzRjdDNjM1MTg0
NUYzMDNBQ0EyMDM5NDk1Njc5NDg3MzMxQkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGlRk1t9SO1GuHmQizlDSWavZK0vhmAuMt5yulhIJiavHr1TkN
fXuuWGQdmeAavgQcP4iQ72WQpJPa57Odkbxtt4hdnP+PZpcqMy7zHhBzc3m01DFj
D2l5BO3l6efzrW5UfmDRWHaeZ7OLj3TOjOwqpHJKc9tEfnLivYsjEv12INQzVBvM
1yThwvgeux0N37NrOhTWDxdWLJIhGLaFZusFwIEucERFT417rkrf3/tI11iglfjs
3cFD/5Y52ftlu8N1XtbnYkCRVt0cfaNmue4a3SOmxnf+6bCYRbu+Jw9RBloVPnzd
9+veUwcKhAxNl+rOICMbjUMHgxRmf4lrxCEXAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUR2U/fGNRhF8wOsogOUlWeUhzMb0wHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL1IyVV9mR05SaEY4d09z
b2dPVWxXZVVoek1iMC5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBANicgmtZCpT40uJJZpCB1JSPC0Xqxb5ABZUV
QhMK7bnPD9iQYeqMqxz6H3L+FV32mfeB/wANCufUnVxVIL/Xkv7wjAsQvo/4FUXm
cPS6OUJ1iydgr76Y8tItfpilnPZ+eZJFi0nfFUhHrsoqz2yg6kM5CXdxwRgpG5ew
CgJynmoRgjeI0wPlWcTPMpZ8CFHA9IIvlTSvCc3PEcQ101tMpnmS8ot8oInaKNQ6
6gAKNmvrTnqXfyW5zRi0j5rD5TtskKw/6qh6fYmtz44dR9sBtoLDHcvJNUYL36im
W0JqrHNaiIQxSlbOmc/MkzbfuSNoPMg44NeL1J7+bL6FYNxY4MA=
-----END CERTIFICATE-----
Generated at Tue Oct 22 21:59:01 2024 by rpki-client on console-fra.rpki-client.org