Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/Sk0MuObrgOacm0nUFMnHs7gZSbc.roa
File: Sk0MuObrgOacm0nUFMnHs7gZSbc.roa (raw, json)
Hash identifier: rH9Wrotv/BAOiX+h9B7wMcpWXuDlN/XZ1twReAKQdOU=
Subject key identifier: 4A:4D:0C:B8:E6:EB:80:E6:9C:9B:49:D4:14:C9:C7:B3:B8:19:49:B7
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0823
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/Sk0MuObrgOacm0nUFMnHs7gZSbc.roa
Signing time: Fri 27 Sep 2024 15:55:03 +0000
ROA not before: Fri 27 Sep 2024 15:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 27 Sep 2024 19:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2083 (0x823)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Sep 27 15:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4A4D0CB8E6EB80E69C9B49D414C9C7B3B81949B7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:2d:8b:69:80:e1:02:bb:0a:6b:75:b5:fc:83:
64:91:da:6e:bf:7f:3a:fe:46:bd:0b:bc:ec:e7:25:
a2:38:66:20:b7:54:91:c1:a9:27:ce:22:03:26:82:
5d:d0:76:94:ee:29:16:b6:41:fc:f9:5d:cb:f7:4b:
fd:82:91:a2:9b:89:93:1f:82:39:24:11:b1:79:33:
a0:31:fa:72:6f:50:24:90:70:03:e4:04:9b:60:d8:
ca:41:a8:99:11:10:16:71:67:d6:70:b0:b3:74:07:
dc:58:78:60:98:6d:6c:19:55:ea:ca:24:0a:17:3b:
a7:af:08:ed:c7:d3:96:c4:33:b8:cb:82:5f:84:93:
f0:eb:30:a9:00:a2:33:9d:23:ee:fc:b7:5e:2b:b1:
69:cf:8f:db:58:9b:b2:8c:03:43:d9:b3:4c:e6:af:
64:e4:43:44:57:14:95:b1:03:f4:3e:fe:8f:55:ef:
c6:b7:16:fd:16:55:b9:de:7f:2a:eb:5f:67:3c:d3:
f1:23:2c:13:bc:c9:e6:e2:91:6d:06:a2:9a:94:58:
96:bd:e1:f8:92:0b:80:cd:9a:f9:04:ee:2c:b0:b6:
5a:ea:69:c6:4a:68:41:85:34:71:67:fa:a3:73:3c:
b3:c7:c9:1d:42:53:61:99:8e:98:1c:a5:85:c5:c3:
9c:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:4D:0C:B8:E6:EB:80:E6:9C:9B:49:D4:14:C9:C7:B3:B8:19:49:B7
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/Sk0MuObrgOacm0nUFMnHs7gZSbc.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:8c:62:e9:3b:94:44:6c:ef:c1:22:70:5f:7c:2a:34:be:78:
f6:1b:7a:5d:79:8c:ec:c0:22:af:9d:d1:ab:ff:72:0d:8c:30:
9d:ac:e5:0d:bc:f0:01:0d:f2:a0:0d:5d:04:8e:af:c1:49:57:
ef:7a:0f:a9:5c:4e:10:89:93:e5:54:0e:7f:02:9b:2a:21:4d:
ad:f6:56:bc:aa:db:e9:f9:f6:2b:34:92:22:22:e9:af:31:53:
06:29:27:d6:fe:23:59:80:99:9e:8b:92:2f:7c:0d:0a:84:65:
a7:c3:3c:64:8e:d4:09:04:c9:3f:02:f7:4a:f2:9a:82:92:9a:
bb:f7:03:aa:84:86:76:e4:95:19:ef:6f:57:b9:ed:50:4e:67:
0d:55:15:94:5a:b6:cc:68:41:b6:f7:0b:e6:f9:ae:b5:04:22:
1e:1c:7a:87:34:34:bf:c0:b7:de:1a:2c:56:21:3a:cb:4c:ec:
88:75:53:a9:94:57:1b:f4:05:82:59:5a:3b:e3:5a:c7:c4:d4:
ea:dd:89:04:35:3b:6b:d7:b9:94:1c:77:55:78:0c:ae:57:b0:
df:c3:f9:80:5a:6b:7c:ec:11:2b:f3:9f:f3:dd:12:fc:e8:17:
d5:4a:ba:5a:03:cf:52:12:c1:8a:c5:a3:3a:81:13:06:dc:42:
4b:71:54:a7
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCCMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA5Mjcx
NTU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDRBNEQwQ0I4RTZFQjgw
RTY5QzlCNDlENDE0QzlDN0IzQjgxOTQ5QjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8LYtpgOECuwprdbX8g2SR2m6/fzr+Rr0LvOznJaI4ZiC3VJHB
qSfOIgMmgl3QdpTuKRa2Qfz5Xcv3S/2CkaKbiZMfgjkkEbF5M6Ax+nJvUCSQcAPk
BJtg2MpBqJkREBZxZ9ZwsLN0B9xYeGCYbWwZVerKJAoXO6evCO3H05bEM7jLgl+E
k/DrMKkAojOdI+78t14rsWnPj9tYm7KMA0PZs0zmr2TkQ0RXFJWxA/Q+/o9V78a3
Fv0WVbnefyrrX2c80/EjLBO8yebikW0GopqUWJa94fiSC4DNmvkE7iywtlrqacZK
aEGFNHFn+qNzPLPHyR1CU2GZjpgcpYXFw5x3AgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUSk0MuObrgOacm0nUFMnHs7gZSbcwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL1NrME11T2JyZ09hY20w
blVGTW5IczdnWlNiYy5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAIuMYuk7lERs78EicF98KjS+ePYbel15jOzA
Iq+d0av/cg2MMJ2s5Q288AEN8qANXQSOr8FJV+96D6lcThCJk+VUDn8CmyohTa32
Vryq2+n59is0kiIi6a8xUwYpJ9b+I1mAmZ6Lki98DQqEZafDPGSO1AkEyT8C90ry
moKSmrv3A6qEhnbklRnvb1e57VBOZw1VFZRatsxoQbb3C+b5rrUEIh4ceoc0NL/A
t94aLFYhOstM7Ih1U6mUVxv0BYJZWjvjWsfE1OrdiQQ1O2vXuZQcd1V4DK5XsN/D
+YBaa3zsESvzn/PdEvzoF9VKuloDz1ISwYrFozqBEwbcQktxVKc=
-----END CERTIFICATE-----
Generated at Fri Sep 27 22:27:47 2024 by rpki-client on console-fra.rpki-client.org