Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/R_9M5LRDikCXgktsEX6tNwRPV9g.roa
File: R_9M5LRDikCXgktsEX6tNwRPV9g.roa (raw, json)
Hash identifier: vr3hTkX97wJ4fB9pzofgsn+YWECz6bjB/JzafPrkclE=
Subject key identifier: 47:FF:4C:E4:B4:43:8A:40:97:82:4B:6C:11:7E:AD:37:04:4F:57:D8
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 072D
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/R_9M5LRDikCXgktsEX6tNwRPV9g.roa
Signing time: Sat 31 Aug 2024 07:55:03 +0000
ROA not before: Sat 31 Aug 2024 07:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 31 Aug 2024 11:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1837 (0x72d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Aug 31 07:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=47FF4CE4B4438A4097824B6C117EAD37044F57D8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:0a:6e:01:4c:84:d5:b1:30:36:17:96:74:7b:
48:cf:95:ca:8f:7f:ce:83:07:cc:1e:29:4d:5b:37:
74:2e:d4:dd:bb:9d:d0:35:17:79:ec:2a:cc:d6:bb:
b2:8d:b6:08:e6:f5:e1:22:8a:1e:f2:2b:62:88:55:
50:b9:de:9b:67:d3:5f:d8:c4:96:29:31:65:4a:1a:
8d:60:a2:2b:58:29:9c:77:e7:b1:1b:e8:42:93:c2:
7e:e3:e8:6d:5b:99:3b:ed:10:59:85:90:47:18:7e:
e3:58:04:8e:03:95:3e:e8:8c:9e:f0:05:2c:a5:66:
02:ec:d2:80:6c:5f:79:4f:e5:2d:b1:2c:9b:83:96:
3b:58:ab:f5:0d:ee:37:e9:9c:ea:5b:cd:a0:9b:71:
fe:ba:88:a3:58:e1:4c:fa:e4:8b:8a:5b:9f:69:40:
fe:21:c2:77:9c:14:d5:23:bb:18:83:61:db:33:f6:
a7:e6:d7:3f:60:14:e8:7a:5b:3c:53:11:a7:76:72:
16:1e:c9:b4:82:dd:d4:20:fa:ba:ed:e1:ad:65:76:
ed:79:37:7d:e3:94:85:1a:3a:4c:60:ba:4d:91:8b:
ee:46:4a:74:f6:ba:d1:f1:b5:34:9f:6b:9f:ed:fc:
85:7f:5b:9d:f1:24:80:da:26:14:43:7c:a0:46:fe:
dd:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:FF:4C:E4:B4:43:8A:40:97:82:4B:6C:11:7E:AD:37:04:4F:57:D8
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/R_9M5LRDikCXgktsEX6tNwRPV9g.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:df:ec:0b:fb:1a:b2:47:90:75:81:8b:d0:55:f5:5a:c8:a9:
49:ad:3d:ef:46:09:50:7e:1d:fa:be:16:26:6d:e1:8c:c7:a7:
13:8a:6d:0b:0b:0f:0d:82:76:53:d5:fd:82:27:2e:8c:2f:e5:
69:f8:71:b4:08:8e:c3:49:9c:3b:3f:fb:b8:ec:bc:35:f1:78:
61:5b:ab:26:25:51:40:af:8c:7c:95:98:cb:a4:84:2c:f8:11:
bc:1c:bf:fb:87:fa:8c:e0:14:d8:4a:43:62:6b:ec:41:5b:37:
46:cb:38:d9:d9:b8:9d:f7:b3:76:bd:00:ae:94:7f:72:09:1a:
fb:15:c6:d6:f3:0f:9b:50:b7:b6:6e:33:92:70:18:2f:53:1d:
f8:87:0c:6e:8e:30:09:07:25:2c:d2:80:24:3d:07:51:ef:7f:
dc:df:ed:ea:c6:81:d9:3c:b5:c4:07:fb:4c:66:63:77:74:81:
0d:a5:b9:53:24:e5:b9:7c:4f:b7:bf:ed:c3:19:fa:bf:ef:18:
ad:0e:64:35:bb:dc:7a:82:b3:58:2b:34:45:21:e5:12:23:b5:
f9:6f:df:81:f4:bb:9d:d3:16:c3:d9:38:df:4c:cc:bc:3a:f9:
0c:82:75:aa:5f:1a:b3:83:e3:ef:6e:d0:c9:40:f5:a5:18:7b:
76:62:a0:6c
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICBy0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA4MzEw
NzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDQ3RkY0Q0U0QjQ0MzhB
NDA5NzgyNEI2QzExN0VBRDM3MDQ0RjU3RDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCwCm4BTITVsTA2F5Z0e0jPlcqPf86DB8weKU1bN3Qu1N27ndA1
F3nsKszWu7KNtgjm9eEiih7yK2KIVVC53ptn01/YxJYpMWVKGo1goitYKZx357Eb
6EKTwn7j6G1bmTvtEFmFkEcYfuNYBI4DlT7ojJ7wBSylZgLs0oBsX3lP5S2xLJuD
ljtYq/UN7jfpnOpbzaCbcf66iKNY4Uz65IuKW59pQP4hwnecFNUjuxiDYdsz9qfm
1z9gFOh6WzxTEad2chYeybSC3dQg+rrt4a1ldu15N33jlIUaOkxguk2Ri+5GSnT2
utHxtTSfa5/t/IV/W53xJIDaJhRDfKBG/t0tAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUR/9M5LRDikCXgktsEX6tNwRPV9gwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL1JfOU01TFJEaWtDWGdr
dHNFWDZ0TndSUFY5Zy5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBALbf7Av7GrJHkHWBi9BV9VrIqUmtPe9GCVB+
Hfq+FiZt4YzHpxOKbQsLDw2CdlPV/YInLowv5Wn4cbQIjsNJnDs/+7jsvDXxeGFb
qyYlUUCvjHyVmMukhCz4Ebwcv/uH+ozgFNhKQ2Jr7EFbN0bLONnZuJ33s3a9AK6U
f3IJGvsVxtbzD5tQt7ZuM5JwGC9THfiHDG6OMAkHJSzSgCQ9B1Hvf9zf7erGgdk8
tcQH+0xmY3d0gQ2luVMk5bl8T7e/7cMZ+r/vGK0OZDW73HqCs1grNEUh5RIjtflv
34H0u53TFsPZON9MzLw6+QyCdapfGrOD4+9u0MlA9aUYe3ZioGw=
-----END CERTIFICATE-----
Generated at Sat Aug 31 13:41:07 2024 by rpki-client on console-fra.rpki-client.org