Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/Z7olMBTpfpAgg8vq6xRpBfD-dE0.roa
File: Z7olMBTpfpAgg8vq6xRpBfD-dE0.roa (raw, json)
Hash identifier: pLnwr07cpLPrjvf1dAtDVVYieP8jf9MJIhSwFxwuByw=
Subject key identifier: 67:BA:25:30:14:E9:7E:90:20:83:CB:EA:EB:14:69:05:F0:FE:74:4D
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 074B
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/Z7olMBTpfpAgg8vq6xRpBfD-dE0.roa
Signing time: Tue 03 Sep 2024 15:55:04 +0000
ROA not before: Tue 03 Sep 2024 15:55:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 03 Sep 2024 19:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1867 (0x74b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Sep 3 15:55:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67BA253014E97E902083CBEAEB146905F0FE744D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:42:cf:4a:18:36:51:59:fe:b9:4e:dd:de:6d:
2a:49:af:29:87:ee:97:57:65:4f:89:f3:69:7d:bc:
1c:c6:7e:da:c4:45:51:7d:18:8c:e3:38:af:b8:73:
16:ed:1c:f1:ea:fb:90:a9:92:78:f3:3e:10:3f:49:
7d:56:ed:56:2d:d9:1f:34:43:cf:42:22:40:0b:62:
46:ab:c8:47:e2:58:43:35:d1:1f:e3:b9:87:5b:57:
c0:6b:17:74:2b:62:76:ed:14:35:58:b0:b8:6a:6e:
8e:c5:2e:26:f2:5e:8c:f6:bd:4a:da:cc:f1:aa:76:
46:88:92:d6:b1:da:40:8c:2d:89:62:a0:36:62:7a:
ad:5d:58:8b:03:43:d4:50:ef:fc:2e:03:0e:7f:bd:
bb:d4:c8:bd:76:65:6a:eb:6b:ce:14:7a:63:52:eb:
76:80:b5:82:2e:1c:27:87:d9:1d:56:08:ab:22:64:
d5:82:82:13:9b:c1:ef:70:63:8c:5e:2c:45:a0:d4:
a5:5b:25:26:29:e9:e7:e6:0b:11:a7:09:9a:8d:91:
12:c7:ef:a1:64:b0:b7:65:8e:ce:37:ad:d5:a1:03:
36:30:50:b8:f4:ef:d3:37:c5:d1:a5:9a:45:62:cf:
45:5a:8d:88:6f:e1:ac:4d:88:b9:31:1e:fb:8d:f8:
99:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:BA:25:30:14:E9:7E:90:20:83:CB:EA:EB:14:69:05:F0:FE:74:4D
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/Z7olMBTpfpAgg8vq6xRpBfD-dE0.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
b9:3d:51:bd:5a:07:60:e2:62:87:59:3f:7c:8f:09:40:03:02:
04:b8:ca:4a:f8:d7:c8:0c:59:1c:23:70:a3:30:67:2d:c0:33:
84:9f:93:4f:38:18:a9:fc:21:b5:fd:7a:42:e7:99:6c:5e:75:
3a:c9:5b:2d:1b:9f:77:7a:b4:f7:58:43:45:c0:04:e2:44:1d:
8d:65:32:0e:30:1e:e2:5a:0c:ff:a6:d2:c2:a4:cb:a4:cf:e3:
c0:5f:78:d9:f4:31:4b:60:48:f0:74:f5:aa:36:ac:ba:a8:a8:
72:5e:7c:9c:85:c5:ad:af:b7:03:42:54:8b:93:f4:f2:61:59:
a3:85:52:ef:77:18:cd:f1:20:e8:7a:cc:80:8f:8b:6d:68:d0:
63:d3:17:82:b6:81:eb:b9:84:c2:a3:5b:a5:43:ba:81:0d:0c:
ee:f3:c3:a7:1f:81:84:dd:d3:3e:45:86:5d:44:60:a7:f8:e7:
d5:5e:fa:30:51:a3:d4:33:0f:9a:09:06:aa:b0:58:ed:82:7e:
4b:4e:98:75:a1:c7:24:85:0a:66:90:7f:59:26:bb:ee:bc:ac:
dd:9f:0d:6c:d1:41:e8:5b:ab:92:a0:5e:f5:42:04:e8:a9:c0:
46:1d:9d:70:4a:20:4a:77:df:ab:86:0e:80:48:37:9f:2c:2a:
e5:de:78:41
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICB0swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA5MDMx
NTU1MDRaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDY3QkEyNTMwMTRFOTdF
OTAyMDgzQ0JFQUVCMTQ2OTA1RjBGRTc0NEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5Qs9KGDZRWf65Tt3ebSpJrymH7pdXZU+J82l9vBzGftrERVF9
GIzjOK+4cxbtHPHq+5CpknjzPhA/SX1W7VYt2R80Q89CIkALYkaryEfiWEM10R/j
uYdbV8BrF3QrYnbtFDVYsLhqbo7FLibyXoz2vUrazPGqdkaIktax2kCMLYlioDZi
eq1dWIsDQ9RQ7/wuAw5/vbvUyL12ZWrra84UemNS63aAtYIuHCeH2R1WCKsiZNWC
ghObwe9wY4xeLEWg1KVbJSYp6efmCxGnCZqNkRLH76FksLdljs43rdWhAzYwULj0
79M3xdGlmkViz0VajYhv4axNiLkxHvuN+JnlAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUZ7olMBTpfpAgg8vq6xRpBfD+dE0wHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL1o3b2xNQlRwZnBBZ2c4
dnE2eFJwQmZELWRFMC5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBALk9Ub1aB2DiYodZP3yPCUADAgS4ykr418gM
WRwjcKMwZy3AM4Sfk084GKn8IbX9ekLnmWxedTrJWy0bn3d6tPdYQ0XABOJEHY1l
Mg4wHuJaDP+m0sKky6TP48BfeNn0MUtgSPB09ao2rLqoqHJefJyFxa2vtwNCVIuT
9PJhWaOFUu93GM3xIOh6zICPi21o0GPTF4K2geu5hMKjW6VDuoENDO7zw6cfgYTd
0z5Fhl1EYKf459Ve+jBRo9QzD5oJBqqwWO2CfktOmHWhxySFCmaQf1kmu+68rN2f
DWzRQehbq5KgXvVCBOipwEYdnXBKIEp336uGDoBIN58sKuXeeEE=
-----END CERTIFICATE-----
Generated at Tue Sep 3 20:58:29 2024 by rpki-client on console-fra.rpki-client.org