Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/UZjECv6qAZQy8wpLrFJ_1FzFXZs.roa
File: UZjECv6qAZQy8wpLrFJ_1FzFXZs.roa (raw, json)
Hash identifier: UFWJDIbmKYdqxb4DmJEvxHFV7G9HkJCMKvP9PEr7rLw=
Subject key identifier: 51:98:C4:0A:FE:AA:01:94:32:F3:0A:4B:AC:52:7F:D4:5C:C5:5D:9B
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0511
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/UZjECv6qAZQy8wpLrFJ_1FzFXZs.roa
Signing time: Tue 02 Jul 2024 07:55:03 +0000
ROA not before: Tue 02 Jul 2024 07:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jul 2024 11:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1297 (0x511)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Jul 2 07:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5198C40AFEAA019432F30A4BAC527FD45CC55D9B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:ea:dc:b1:3c:22:57:6e:dc:ca:03:f8:a5:b1:
cb:9d:fa:ec:a7:7f:5d:3b:d1:ed:4e:4e:26:96:82:
06:4f:09:e4:cf:14:fb:86:4b:06:56:77:37:a4:ac:
82:36:58:d7:15:25:a5:d2:ed:f0:2b:ad:ee:2c:96:
d7:68:b4:97:91:fa:4b:33:6c:43:68:85:a3:8f:ac:
b4:0e:da:59:e9:72:9b:5b:6c:92:e9:d7:9e:0d:c6:
31:75:d6:9f:f3:c6:ab:87:93:62:20:18:bf:05:fb:
cc:df:0e:7d:39:50:a5:65:a0:35:6a:9d:20:b4:0a:
a5:5a:11:79:5b:c5:1b:9d:e5:44:bf:49:6c:91:9f:
a4:c3:f1:20:c1:97:12:29:6c:11:74:be:a8:2d:92:
60:06:57:62:6e:17:9e:22:e8:fa:b9:d2:05:6c:4e:
3d:58:f2:2c:02:e6:01:46:ec:a3:c5:a7:d8:d3:59:
8e:01:99:89:3c:74:c1:b9:3e:fb:df:41:4d:b1:63:
e1:f9:d8:65:0d:7b:d9:7a:59:9b:d6:39:1f:9e:21:
a3:cd:6f:53:ec:85:42:78:91:b0:2c:a9:c8:45:d1:
e6:20:53:d6:53:3e:ed:88:b2:df:15:97:81:3b:b2:
ea:06:42:32:e3:4c:1a:50:44:6c:5c:c1:78:02:c5:
48:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:98:C4:0A:FE:AA:01:94:32:F3:0A:4B:AC:52:7F:D4:5C:C5:5D:9B
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/UZjECv6qAZQy8wpLrFJ_1FzFXZs.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:60:18:c5:b7:2e:16:36:30:21:49:e1:99:9e:ed:1d:47:48:
a5:5f:79:f5:04:1a:86:79:0f:57:bc:07:7d:18:0b:e9:6d:2b:
4a:08:18:5e:95:48:94:aa:08:fd:42:03:e7:bd:19:cd:ba:c3:
03:0e:c1:7b:b7:38:6c:38:5f:8a:67:cb:7e:d8:b9:74:e2:9c:
44:71:a8:b0:8f:60:1b:80:31:6f:f9:fb:4d:32:e6:74:f0:a8:
75:51:70:f7:62:64:32:a0:fe:e3:b7:ec:b7:37:e4:36:b8:09:
71:26:e1:8e:8f:30:8c:11:7b:76:7a:a0:04:31:d9:fb:42:42:
33:8a:ea:f4:83:1a:ca:26:1e:d1:f1:23:0e:39:b9:45:f3:cd:
04:bb:ce:4d:fb:b8:12:70:7f:be:51:a0:76:f6:e8:b9:e1:c3:
97:05:7b:66:2e:4d:8e:52:00:d0:66:35:bf:56:f4:d6:42:d7:
fc:92:f2:53:b5:e9:ae:a2:6d:3f:70:ec:3d:d7:23:51:f3:d3:
89:02:3f:a3:bb:bf:39:ef:83:d6:81:70:a6:88:a7:15:e5:c1:
0a:f9:9c:af:bf:16:6c:ec:dc:88:95:bb:8a:71:ce:44:df:c7:
55:cc:f5:37:69:7e:e2:2f:23:32:24:50:2b:25:4d:9f:01:c0:
a8:d6:2c:ee
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICBREwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA3MDIw
NzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDUxOThDNDBBRkVBQTAx
OTQzMkYzMEE0QkFDNTI3RkQ0NUNDNTVEOUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC76tyxPCJXbtzKA/ilscud+uynf1070e1OTiaWggZPCeTPFPuG
SwZWdzekrII2WNcVJaXS7fArre4sltdotJeR+kszbENohaOPrLQO2lnpcptbbJLp
154NxjF11p/zxquHk2IgGL8F+8zfDn05UKVloDVqnSC0CqVaEXlbxRud5US/SWyR
n6TD8SDBlxIpbBF0vqgtkmAGV2JuF54i6Pq50gVsTj1Y8iwC5gFG7KPFp9jTWY4B
mYk8dMG5PvvfQU2xY+H52GUNe9l6WZvWOR+eIaPNb1PshUJ4kbAsqchF0eYgU9ZT
Pu2Ist8Vl4E7suoGQjLjTBpQRGxcwXgCxUhtAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUUZjECv6qAZQy8wpLrFJ/1FzFXZswHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL1VaakVDdjZxQVpReTh3
cExyRkpfMUZ6Rlhacy5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAFtgGMW3LhY2MCFJ4Zme7R1HSKVfefUEGoZ5
D1e8B30YC+ltK0oIGF6VSJSqCP1CA+e9Gc26wwMOwXu3OGw4X4pny37YuXTinERx
qLCPYBuAMW/5+00y5nTwqHVRcPdiZDKg/uO37Lc35Da4CXEm4Y6PMIwRe3Z6oAQx
2ftCQjOK6vSDGsomHtHxIw45uUXzzQS7zk37uBJwf75RoHb26Lnhw5cFe2YuTY5S
ANBmNb9W9NZC1/yS8lO16a6ibT9w7D3XI1Hz04kCP6O7vznvg9aBcKaIpxXlwQr5
nK+/Fmzs3IiVu4pxzkTfx1XM9TdpfuIvIzIkUCslTZ8BwKjWLO4=
-----END CERTIFICATE-----
Generated at Tue Jul 2 13:05:47 2024 by rpki-client on console-fra.rpki-client.org