Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/U1bZJrcIKtee2dgLk5Ztkf-nsoE.roa
File: U1bZJrcIKtee2dgLk5Ztkf-nsoE.roa (raw, json)
Hash identifier: 54LRCztfrJ8JKGOEuYSSjRNtP8T2RtyLXGKAWfbWtxM=
Subject key identifier: 53:56:D9:26:B7:08:2A:D7:9E:D9:D8:0B:93:96:6D:91:FF:A7:B2:81
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0598
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/U1bZJrcIKtee2dgLk5Ztkf-nsoE.roa
Signing time: Wed 17 Jul 2024 07:55:03 +0000
ROA not before: Wed 17 Jul 2024 07:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 17 Jul 2024 11:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1432 (0x598)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Jul 17 07:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5356D926B7082AD79ED9D80B93966D91FFA7B281
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:cf:b7:9d:8b:2c:2b:45:6d:f5:fe:14:1d:63:
be:c3:b1:b2:f6:77:c3:88:56:a0:e5:22:60:20:06:
0e:53:0c:c8:40:6a:ab:cd:e0:5a:fc:9e:4b:75:43:
fe:e7:e5:e9:25:ba:74:37:32:db:83:d8:a9:32:0d:
6d:ec:19:2a:19:68:42:ef:ca:ac:60:6a:9c:70:bc:
68:5b:c4:1c:7a:fd:b5:1c:8b:3b:61:c7:57:2d:13:
d1:1f:dd:0b:e0:cc:9e:82:03:c7:c2:8c:da:16:6e:
80:a8:f5:12:79:fd:aa:81:8a:f1:5b:e4:f3:4e:75:
5f:60:e6:62:81:51:a8:db:5e:35:04:45:81:c6:0c:
0a:03:89:16:04:ba:07:a6:46:0d:f0:ba:17:bc:9c:
94:1e:b1:eb:7c:64:38:b8:4d:db:ee:90:e5:f5:c0:
b9:81:42:88:9d:bb:ab:93:68:89:94:0c:a8:48:0a:
3e:cb:a5:65:8a:1d:5b:64:89:c2:9c:72:fc:21:13:
ce:69:d2:00:d2:8f:a2:96:3a:64:1e:14:d9:56:80:
24:2c:27:4c:5d:6b:9e:28:34:eb:58:1a:17:8c:65:
1b:60:2b:1a:25:5d:12:72:be:66:f0:00:cb:f0:a3:
a9:aa:ce:b2:b2:f0:52:6d:3d:91:57:9b:0c:01:6f:
5f:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:56:D9:26:B7:08:2A:D7:9E:D9:D8:0B:93:96:6D:91:FF:A7:B2:81
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/U1bZJrcIKtee2dgLk5Ztkf-nsoE.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
c6:df:99:68:d0:b1:51:9d:e7:2f:dc:f9:9f:30:e8:45:a5:06:
3a:86:8e:e2:3b:e7:58:90:db:17:ce:7d:3f:a9:81:2e:c1:6d:
b3:f2:46:38:5f:8f:96:7a:8b:57:d5:37:31:bc:75:6d:ca:80:
f7:4d:e6:a9:ba:12:1c:b5:5d:86:2b:71:c4:7e:ee:78:78:7d:
95:dd:0c:c0:33:7c:9b:16:53:af:f0:d5:6d:44:d0:96:10:e1:
13:e1:38:c7:80:db:d7:3f:6e:cf:90:2b:d0:03:ff:88:3e:57:
da:46:74:55:26:27:27:33:91:cd:f3:ab:11:f2:99:9c:5d:6c:
d9:06:5b:e2:be:a4:48:8e:a0:75:dc:60:95:c5:8d:a9:7c:bf:
43:0f:6f:2f:8b:0c:16:8e:8c:54:01:13:e2:c0:41:c0:9d:2c:
65:da:4d:ee:39:7b:74:a8:68:0e:c2:4c:d5:5a:db:89:8c:6a:
e8:bf:eb:b5:71:20:d7:e1:c5:98:a5:57:77:0c:86:4e:1c:f2:
99:1e:05:9b:6b:12:76:ab:ba:a9:f8:0f:27:07:f0:df:9d:0b:
0f:7d:40:f6:1f:35:56:bf:93:75:1f:95:d0:3b:8b:7c:50:c5:
c1:28:5c:8f:0e:91:d2:77:25:87:87:9a:d9:1f:f3:69:70:9b:
43:b3:90:66
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICBZgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA3MTcw
NzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDUzNTZEOTI2QjcwODJB
RDc5RUQ5RDgwQjkzOTY2RDkxRkZBN0IyODEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQChz7ediywrRW31/hQdY77DsbL2d8OIVqDlImAgBg5TDMhAaqvN
4Fr8nkt1Q/7n5eklunQ3MtuD2KkyDW3sGSoZaELvyqxgapxwvGhbxBx6/bUcizth
x1ctE9Ef3QvgzJ6CA8fCjNoWboCo9RJ5/aqBivFb5PNOdV9g5mKBUajbXjUERYHG
DAoDiRYEugemRg3wuhe8nJQeset8ZDi4TdvukOX1wLmBQoidu6uTaImUDKhICj7L
pWWKHVtkicKccvwhE85p0gDSj6KWOmQeFNlWgCQsJ0xda54oNOtYGheMZRtgKxol
XRJyvmbwAMvwo6mqzrKy8FJtPZFXmwwBb19DAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUU1bZJrcIKtee2dgLk5Ztkf+nsoEwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL1UxYlpKcmNJS3RlZTJk
Z0xrNVp0a2YtbnNvRS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAMbfmWjQsVGd5y/c+Z8w6EWlBjqGjuI751iQ
2xfOfT+pgS7BbbPyRjhfj5Z6i1fVNzG8dW3KgPdN5qm6Ehy1XYYrccR+7nh4fZXd
DMAzfJsWU6/w1W1E0JYQ4RPhOMeA29c/bs+QK9AD/4g+V9pGdFUmJyczkc3zqxHy
mZxdbNkGW+K+pEiOoHXcYJXFjal8v0MPby+LDBaOjFQBE+LAQcCdLGXaTe45e3So
aA7CTNVa24mMaui/67VxINfhxZilV3cMhk4c8pkeBZtrEnaruqn4DycH8N+dCw99
QPYfNVa/k3UfldA7i3xQxcEoXI8OkdJ3JYeHmtkf82lwm0OzkGY=
-----END CERTIFICATE-----
Generated at Wed Jul 17 14:12:18 2024 by rpki-client on console-fra.rpki-client.org