Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/V9a5ZdxzPpDSmWHgv34iAUOYT18.roa
File: V9a5ZdxzPpDSmWHgv34iAUOYT18.roa (raw, json)
Hash identifier: pif8qAcJ/aQVnBwtaDOm5E4RUt2KGXipIGIhJhFKlAA=
Subject key identifier: 57:D6:B9:65:DC:73:3E:90:D2:99:61:E0:BF:7E:22:01:43:98:4F:5F
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 07BD
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/V9a5ZdxzPpDSmWHgv34iAUOYT18.roa
Signing time: Mon 16 Sep 2024 07:55:03 +0000
ROA not before: Mon 16 Sep 2024 07:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 16 Sep 2024 11:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1981 (0x7bd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Sep 16 07:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=57D6B965DC733E90D29961E0BF7E220143984F5F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:6c:e2:09:94:c8:7a:2a:81:ae:3a:76:fc:9b:
6c:7d:cb:54:ca:7a:ac:7a:a1:9b:6b:b4:f0:1f:50:
75:20:b9:d1:c8:ff:55:1e:7a:88:f3:aa:de:4d:5f:
16:37:84:c3:40:cf:67:55:51:ef:a8:c1:29:9b:65:
49:a1:74:1c:5d:80:07:5d:28:13:f3:e4:7a:af:bb:
48:a0:8e:f2:04:d6:53:10:85:67:4b:78:f4:f1:1c:
22:4c:0a:05:a3:78:58:05:1d:29:22:99:19:de:ac:
38:4f:8d:32:94:e5:45:83:45:c0:b9:45:1b:51:97:
53:fd:a1:ec:a0:f8:34:3d:a3:bc:70:b2:41:d0:2b:
e9:69:a7:2e:83:8c:4e:f9:a9:69:34:73:e4:0f:a7:
29:60:ac:29:f7:f9:e2:bc:79:cf:e9:cc:69:f2:a4:
ec:8e:4e:17:89:be:30:6f:63:8a:35:8a:fe:72:4f:
60:f8:88:dd:02:85:e0:64:19:33:56:59:b1:86:89:
2e:0c:b2:4b:52:8a:c9:4e:4c:53:45:2a:be:36:3f:
a7:6f:6e:64:32:ee:76:69:c1:4d:bf:f1:d6:2f:99:
9f:e3:fd:c6:18:cc:53:db:ae:37:7c:e4:ea:57:0f:
ff:52:c1:57:3c:99:ed:50:84:49:8b:fc:0c:f3:a3:
0f:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:D6:B9:65:DC:73:3E:90:D2:99:61:E0:BF:7E:22:01:43:98:4F:5F
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/V9a5ZdxzPpDSmWHgv34iAUOYT18.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:12:13:e6:d8:d7:63:88:fd:36:08:93:b0:68:8c:e6:53:a5:
c1:c4:33:2f:3c:e1:4c:cb:f9:25:7d:d4:0a:0b:bb:72:b6:b7:
11:a9:4c:77:9c:9e:99:02:ac:24:a1:00:6c:7f:1e:c6:a4:6e:
5a:7d:34:14:89:1e:0e:55:47:63:34:0b:00:70:23:db:4b:a5:
00:98:a3:c5:81:44:8d:6d:a7:b1:a4:44:92:86:67:95:10:e5:
77:d9:78:2b:6c:0c:fa:cf:f9:79:e5:09:a1:5f:97:6e:6d:cb:
8e:52:83:a3:88:dc:85:58:be:03:2b:b9:82:d3:d3:79:ea:4d:
f9:85:4b:bb:71:5a:37:d8:18:1f:f3:9a:90:b5:89:54:dc:86:
be:c1:4b:36:d0:7d:36:5e:0e:70:64:12:0a:12:af:e1:ab:ed:
08:6b:7d:14:25:cf:5d:c7:4c:21:88:f2:d8:c5:fb:bf:ae:17:
cd:5b:3f:75:13:0e:f3:18:72:54:01:97:ac:a4:ff:6d:6c:17:
5a:87:08:99:60:f1:34:1f:24:7a:fe:94:b8:cb:30:df:59:3c:
d8:89:f1:37:96:5b:e4:d1:c6:ca:7b:69:fc:d1:6f:66:62:e6:
77:cb:24:27:a3:42:51:0b:62:80:73:07:6b:70:35:e2:ed:04:
6f:19:a6:ed
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICB70wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA5MTYw
NzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDU3RDZCOTY1REM3MzNF
OTBEMjk5NjFFMEJGN0UyMjAxNDM5ODRGNUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQChbOIJlMh6KoGuOnb8m2x9y1TKeqx6oZtrtPAfUHUgudHI/1Ue
eojzqt5NXxY3hMNAz2dVUe+owSmbZUmhdBxdgAddKBPz5Hqvu0igjvIE1lMQhWdL
ePTxHCJMCgWjeFgFHSkimRnerDhPjTKU5UWDRcC5RRtRl1P9oeyg+DQ9o7xwskHQ
K+lppy6DjE75qWk0c+QPpylgrCn3+eK8ec/pzGnypOyOTheJvjBvY4o1iv5yT2D4
iN0CheBkGTNWWbGGiS4MsktSislOTFNFKr42P6dvbmQy7nZpwU2/8dYvmZ/j/cYY
zFPbrjd85OpXD/9SwVc8me1QhEmL/Azzow9PAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUV9a5ZdxzPpDSmWHgv34iAUOYT18wHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL1Y5YTVaZHh6UHBEU21X
SGd2MzRpQVVPWVQxOC5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAJ4SE+bY12OI/TYIk7BojOZTpcHEMy884UzL
+SV91AoLu3K2txGpTHecnpkCrCShAGx/Hsakblp9NBSJHg5VR2M0CwBwI9tLpQCY
o8WBRI1tp7GkRJKGZ5UQ5XfZeCtsDPrP+XnlCaFfl25ty45Sg6OI3IVYvgMruYLT
03nqTfmFS7txWjfYGB/zmpC1iVTchr7BSzbQfTZeDnBkEgoSr+Gr7QhrfRQlz13H
TCGI8tjF+7+uF81bP3UTDvMYclQBl6yk/21sF1qHCJlg8TQfJHr+lLjLMN9ZPNiJ
8TeWW+TRxsp7afzRb2Zi5nfLJCejQlELYoBzB2twNeLtBG8Zpu0=
-----END CERTIFICATE-----
Generated at Mon Sep 16 14:52:51 2024 by rpki-client on console-ams.rpki-client.org