Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/VOFUzaPFBDOqBu2JYE0NtpZASxc.roa
File: VOFUzaPFBDOqBu2JYE0NtpZASxc.roa (raw, json)
Hash identifier: KtMwY3LKpVicZvFAos8d5PZPtE9z4fMEbJJbkMUV4dg=
Subject key identifier: 54:E1:54:CD:A3:C5:04:33:AA:06:ED:89:60:4D:0D:B6:96:40:4B:17
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0971
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/VOFUzaPFBDOqBu2JYE0NtpZASxc.roa
Signing time: Sun 03 Nov 2024 15:55:03 +0000
ROA not before: Sun 03 Nov 2024 15:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 03 Nov 2024 19:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2417 (0x971)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Nov 3 15:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=54E154CDA3C50433AA06ED89604D0DB696404B17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:ef:b4:bc:6f:70:0f:c4:cd:d7:e0:33:c2:dc:
d8:22:76:b6:5a:8e:72:d3:dc:d0:56:87:39:ca:06:
c4:03:fe:87:ad:cb:a5:07:8d:24:39:bb:ca:d9:33:
ff:54:89:39:85:14:59:9c:69:b2:5e:52:ad:f8:4f:
03:cd:27:f2:b2:21:50:59:da:24:3a:a6:b0:85:90:
20:8d:43:35:71:ca:4b:0a:24:e6:0c:cd:23:69:2e:
48:2b:9c:31:68:dc:8f:29:51:7e:df:de:e4:df:39:
70:02:6c:af:57:03:c5:84:04:e8:a1:6e:83:82:8a:
9f:0f:7a:f3:18:16:bb:4d:b6:d4:95:9b:c1:9e:42:
43:12:83:f5:db:3b:04:94:95:83:f7:69:62:06:2a:
2e:45:73:05:83:7a:51:f3:60:d6:4c:a9:03:0a:a1:
4c:8e:f5:c9:5b:8d:d0:20:5d:49:d5:a3:e7:67:ff:
df:aa:38:2a:41:de:7e:bc:3b:2c:a9:f4:ec:3b:be:
92:11:b4:1c:81:52:f1:76:72:0c:c2:25:5b:3b:7a:
f2:06:bc:03:a2:6b:91:56:a5:2f:29:d4:cd:a3:e0:
f2:f7:cf:8f:6d:6f:5e:ce:d4:17:15:41:20:2b:40:
3a:b5:0c:89:71:68:ea:24:03:5f:24:fe:77:26:d6:
63:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:E1:54:CD:A3:C5:04:33:AA:06:ED:89:60:4D:0D:B6:96:40:4B:17
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/VOFUzaPFBDOqBu2JYE0NtpZASxc.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
d8:60:d3:77:28:05:b7:6d:ed:52:e8:15:3e:28:ff:e9:0f:46:
8a:35:24:b9:b5:5f:13:2f:98:46:a4:69:aa:d7:08:c0:54:cd:
cb:0f:1f:8e:4c:0e:f2:3d:5d:9a:a5:e2:1a:dc:db:26:47:f0:
c7:5c:08:aa:fd:63:b8:c3:21:b4:98:39:df:a2:1a:6b:7e:10:
74:53:6a:f4:ea:d4:1f:7d:5a:3b:66:07:71:f7:fa:84:ac:f1:
bc:8a:a4:9e:39:35:78:02:61:97:b4:c5:15:10:0e:47:1e:f4:
99:e7:f9:9a:e9:af:58:f6:f3:20:52:b3:13:a6:5e:1f:f9:90:
53:4d:fd:b6:98:36:57:21:a8:b8:7b:f4:b6:89:45:19:6f:49:
53:b7:80:e8:cd:ae:be:71:dd:7a:82:49:1e:e5:2c:15:d0:22:
38:3d:14:16:86:2a:63:a0:05:5e:de:16:00:6c:18:73:41:5c:
a1:4a:96:b4:a6:38:38:b8:17:c1:2d:f1:34:7e:b1:1b:85:62:
69:40:6e:8e:c0:82:33:5a:29:19:b7:75:c6:f2:81:98:05:78:
82:0b:5e:5f:1c:2f:64:bc:be:c2:03:fa:e5:c9:d7:51:de:eb:
24:33:c3:92:5c:9b:a7:5e:85:55:7f:14:a5:a6:07:b1:14:e0:
ac:98:8c:0b
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCXEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDExMDMx
NTU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDU0RTE1NENEQTNDNTA0
MzNBQTA2RUQ4OTYwNEQwREI2OTY0MDRCMTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDL77S8b3APxM3X4DPC3NgidrZajnLT3NBWhznKBsQD/oety6UH
jSQ5u8rZM/9UiTmFFFmcabJeUq34TwPNJ/KyIVBZ2iQ6prCFkCCNQzVxyksKJOYM
zSNpLkgrnDFo3I8pUX7f3uTfOXACbK9XA8WEBOihboOCip8PevMYFrtNttSVm8Ge
QkMSg/XbOwSUlYP3aWIGKi5FcwWDelHzYNZMqQMKoUyO9clbjdAgXUnVo+dn/9+q
OCpB3n68Oyyp9Ow7vpIRtByBUvF2cgzCJVs7evIGvAOia5FWpS8p1M2j4PL3z49t
b17O1BcVQSArQDq1DIlxaOokA18k/ncm1mOFAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUVOFUzaPFBDOqBu2JYE0NtpZASxcwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL1ZPRlV6YVBGQkRPcUJ1
MkpZRTBOdHBaQVN4Yy5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBANhg03coBbdt7VLoFT4o/+kPRoo1JLm1XxMv
mEakaarXCMBUzcsPH45MDvI9XZql4hrc2yZH8MdcCKr9Y7jDIbSYOd+iGmt+EHRT
avTq1B99WjtmB3H3+oSs8byKpJ45NXgCYZe0xRUQDkce9Jnn+Zrpr1j28yBSsxOm
Xh/5kFNN/baYNlchqLh79LaJRRlvSVO3gOjNrr5x3XqCSR7lLBXQIjg9FBaGKmOg
BV7eFgBsGHNBXKFKlrSmODi4F8Et8TR+sRuFYmlAbo7AgjNaKRm3dcbygZgFeIIL
Xl8cL2S8vsID+uXJ11He6yQzw5Jcm6dehVV/FKWmB7EU4KyYjAs=
-----END CERTIFICATE-----
Generated at Sun Nov 3 22:07:16 2024 by rpki-client on console-ams.rpki-client.org