Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/Yb_L3TgR8HVSTAtuc9DhVEgQQKQ.roa
File: Yb_L3TgR8HVSTAtuc9DhVEgQQKQ.roa (raw, json)
Hash identifier: ukiSFUkjo1l4y7icuYpkNU09pqMfVm+nW6tWlEssWjY=
Subject key identifier: 61:BF:CB:DD:38:11:F0:75:52:4C:0B:6E:73:D0:E1:54:48:10:40:A4
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0853
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/Yb_L3TgR8HVSTAtuc9DhVEgQQKQ.roa
Signing time: Wed 02 Oct 2024 23:55:03 +0000
ROA not before: Wed 02 Oct 2024 23:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 03 Oct 2024 03:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2131 (0x853)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Oct 2 23:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=61BFCBDD3811F075524C0B6E73D0E154481040A4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:2a:a4:0c:cf:37:8d:3e:9e:7f:74:7a:38:6d:
b6:6f:87:84:32:c8:48:79:fd:79:ac:0c:cc:5b:ba:
ba:50:09:77:07:67:9f:2e:74:1b:97:3a:c7:f0:72:
e8:be:33:2f:2c:3b:f9:49:b9:fa:d6:2b:5b:ba:f8:
54:57:c6:61:f7:89:c9:be:f4:38:98:b7:b2:51:7f:
77:75:f5:62:32:89:f2:1f:76:3d:51:4d:39:a4:be:
d6:6c:7e:de:79:6f:2e:40:40:cf:e1:61:e3:d1:7a:
93:7b:83:42:52:33:aa:fb:86:73:5f:6e:62:15:c6:
bf:ea:00:6f:5f:43:b6:1e:69:1b:24:7e:98:d3:a9:
fa:13:46:1a:bd:e7:4e:41:46:a0:ce:b0:57:56:dd:
c5:cb:ea:91:bf:e4:3b:be:87:f7:01:27:63:bc:31:
7a:f3:36:c4:5e:ba:ce:46:46:b5:b3:58:24:a3:f4:
86:62:ca:ba:6f:d9:b3:c5:a0:13:ed:fa:89:67:12:
2d:64:62:0a:f8:53:33:0c:e7:7e:52:c4:c8:8b:1e:
48:74:14:e4:fc:9c:75:6b:a6:96:3f:41:8e:6c:79:
31:6b:ed:1c:37:aa:c5:28:a7:da:ea:8f:46:24:ed:
7b:73:83:6b:39:e3:98:d6:9b:cd:c6:a6:c0:b6:dc:
06:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:BF:CB:DD:38:11:F0:75:52:4C:0B:6E:73:D0:E1:54:48:10:40:A4
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/Yb_L3TgR8HVSTAtuc9DhVEgQQKQ.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
de:e2:bd:46:1b:18:49:44:76:05:82:33:7f:35:65:a8:15:09:
60:e0:b4:f9:9b:cd:88:1e:7a:50:0e:c5:4d:2d:6f:cd:f8:93:
25:45:db:17:0f:ed:a3:ba:8b:82:85:24:2c:0f:a5:0f:ed:45:
6e:cc:47:9d:74:a7:a2:7b:7e:8c:5b:c0:8a:19:9a:7e:0a:7f:
b2:7c:de:dd:c6:b2:19:b5:31:ec:f3:a3:27:a3:29:b7:fc:99:
91:a8:bd:ec:08:9e:f2:41:89:90:0f:7f:b0:a9:74:c7:90:f5:
80:1f:4d:27:f3:62:b5:9b:a2:61:a1:f0:47:1a:81:29:c2:9c:
07:d4:59:2f:11:bb:c2:19:0e:55:be:a0:fc:5a:61:34:4d:dc:
7e:12:9f:66:c2:2b:df:e1:c3:3c:56:94:ed:c8:e6:54:66:18:
c6:81:b7:51:d6:16:d3:86:ce:09:ec:65:88:9e:bf:7d:6e:b1:
30:97:1f:66:73:e8:a1:a9:de:d9:b6:71:7c:6c:e9:ea:b1:47:
2d:de:d4:e7:fe:2e:29:0f:f4:f7:05:85:5b:12:25:87:cd:80:
95:02:aa:31:a4:5c:13:ea:75:6d:a2:3c:2e:54:c2:c5:86:01:
f4:80:fe:6b:fb:e9:24:ed:71:53:22:58:2a:dd:22:64:68:f1:
1c:7f:5e:8c
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCFMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDEwMDIy
MzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDYxQkZDQkREMzgxMUYw
NzU1MjRDMEI2RTczRDBFMTU0NDgxMDQwQTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDVKqQMzzeNPp5/dHo4bbZvh4QyyEh5/XmsDMxburpQCXcHZ58u
dBuXOsfwcui+My8sO/lJufrWK1u6+FRXxmH3icm+9DiYt7JRf3d19WIyifIfdj1R
TTmkvtZsft55by5AQM/hYePRepN7g0JSM6r7hnNfbmIVxr/qAG9fQ7YeaRskfpjT
qfoTRhq9505BRqDOsFdW3cXL6pG/5Du+h/cBJ2O8MXrzNsReus5GRrWzWCSj9IZi
yrpv2bPFoBPt+olnEi1kYgr4UzMM535SxMiLHkh0FOT8nHVrppY/QY5seTFr7Rw3
qsUop9rqj0Yk7Xtzg2s545jWm83GpsC23Ab9AgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUYb/L3TgR8HVSTAtuc9DhVEgQQKQwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL1liX0wzVGdSOEhWU1RB
dHVjOURoVkVnUVFLUS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAN7ivUYbGElEdgWCM381ZagVCWDgtPmbzYge
elAOxU0tb834kyVF2xcP7aO6i4KFJCwPpQ/tRW7MR510p6J7foxbwIoZmn4Kf7J8
3t3Gshm1MezzoyejKbf8mZGovewInvJBiZAPf7CpdMeQ9YAfTSfzYrWbomGh8Eca
gSnCnAfUWS8Ru8IZDlW+oPxaYTRN3H4Sn2bCK9/hwzxWlO3I5lRmGMaBt1HWFtOG
zgnsZYiev31usTCXH2Zz6KGp3tm2cXxs6eqxRy3e1Of+LikP9PcFhVsSJYfNgJUC
qjGkXBPqdW2iPC5UwsWGAfSA/mv76STtcVMiWCrdImRo8Rx/Xow=
-----END CERTIFICATE-----
Generated at Thu Oct 3 07:10:28 2024 by rpki-client on console-ams.rpki-client.org