Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/a8qs9NWopCKnIaJuJffIljUx40M.roa
File: a8qs9NWopCKnIaJuJffIljUx40M.roa (raw, json)
Hash identifier: rN9VHTeeIMOJS/T7d/UWm9U8B24R7ACHLSyYllXcv4U=
Subject key identifier: 6B:CA:AC:F4:D5:A8:A4:22:A7:21:A2:6E:25:F7:C8:96:35:31:E3:43
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0496
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/a8qs9NWopCKnIaJuJffIljUx40M.roa
Signing time: Tue 18 Jun 2024 15:55:03 +0000
ROA not before: Tue 18 Jun 2024 15:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 18 Jun 2024 19:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1174 (0x496)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Jun 18 15:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6BCAACF4D5A8A422A721A26E25F7C8963531E343
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:7c:66:06:14:69:d1:ea:9c:50:ee:ba:9e:42:
2f:2b:20:0f:c9:35:9f:90:88:52:4c:f5:99:c1:13:
05:78:55:cf:82:14:f6:55:37:4c:61:70:b4:1d:af:
a1:ec:62:39:5c:3d:fe:21:52:85:59:9b:c7:d7:a9:
bd:c0:6e:c7:41:1e:4b:5a:58:b6:5d:90:1e:4c:49:
8a:7e:a3:e1:78:86:c8:b4:c9:c4:9c:ab:f1:a8:90:
21:bd:ae:7e:bd:1a:61:fe:1c:15:55:60:df:af:a4:
09:7f:b9:31:42:45:1d:6f:d5:6e:82:e2:c3:bf:b2:
ca:49:72:71:d5:98:c3:b3:c2:98:dd:6e:33:40:24:
a3:2f:8c:41:f3:ac:bf:5a:90:cf:c0:94:aa:8e:b7:
2c:70:32:de:5f:22:55:9e:50:7c:53:97:f4:03:08:
56:86:d5:7e:22:4c:7b:ec:ae:82:32:79:76:9c:44:
6b:c2:5d:44:fc:a0:2f:de:d7:b5:a0:fa:b0:ea:f6:
49:85:f5:90:c2:80:10:1f:26:95:0a:46:b8:9f:0f:
5a:55:f0:65:9c:d6:8a:fc:4b:60:9c:c9:9e:da:d4:
d8:2a:89:c0:b0:d3:40:e1:1d:99:90:33:b3:e1:05:
09:73:a9:35:a8:1e:bf:83:1d:b4:b2:4e:33:a3:05:
70:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:CA:AC:F4:D5:A8:A4:22:A7:21:A2:6E:25:F7:C8:96:35:31:E3:43
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/a8qs9NWopCKnIaJuJffIljUx40M.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
95:88:7c:62:73:94:9f:86:ff:98:a1:92:20:89:06:86:b6:2a:
f2:91:d8:2a:15:42:bd:8f:9a:09:e4:08:ec:36:26:54:59:12:
2f:0d:1d:b8:49:3f:5c:f2:85:96:ca:b3:51:34:91:d5:dd:27:
cf:d4:f6:cb:4b:cd:cd:f7:0e:cf:20:82:65:40:b4:e7:93:70:
7f:c6:3d:e9:1e:7e:db:43:f6:c5:3e:89:53:51:cc:df:b1:4d:
f3:ec:c1:db:1d:18:cb:cb:40:06:4e:04:f8:4d:21:ed:03:cf:
52:fc:70:e6:ca:e9:32:b2:7e:f3:7f:7d:32:30:21:eb:bf:eb:
da:c5:5c:8a:95:ae:e4:2d:2e:c8:cc:15:18:cc:58:8a:0e:4f:
78:89:10:cd:a9:fb:50:81:1d:42:60:48:aa:88:42:1d:c9:81:
95:15:ee:86:93:30:88:98:63:ac:9f:88:56:b6:b0:a2:04:36:
7c:a3:7e:6c:f7:4a:48:4a:e6:6a:1a:eb:7b:34:ee:e6:ac:9e:
02:97:72:0b:68:ec:01:d2:a4:66:76:06:63:65:43:76:9c:93:
2d:87:9b:97:c2:5b:5b:27:f6:d8:92:b8:5b:39:61:ad:98:16:
51:e6:fd:07:f0:54:b8:83:12:f2:0c:98:94:58:a5:3b:c7:b2:
63:fd:bf:e5
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICBJYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA2MTgx
NTU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDZCQ0FBQ0Y0RDVBOEE0
MjJBNzIxQTI2RTI1RjdDODk2MzUzMUUzNDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCofGYGFGnR6pxQ7rqeQi8rIA/JNZ+QiFJM9ZnBEwV4Vc+CFPZV
N0xhcLQdr6HsYjlcPf4hUoVZm8fXqb3AbsdBHktaWLZdkB5MSYp+o+F4hsi0ycSc
q/GokCG9rn69GmH+HBVVYN+vpAl/uTFCRR1v1W6C4sO/sspJcnHVmMOzwpjdbjNA
JKMvjEHzrL9akM/AlKqOtyxwMt5fIlWeUHxTl/QDCFaG1X4iTHvsroIyeXacRGvC
XUT8oC/e17Wg+rDq9kmF9ZDCgBAfJpUKRrifD1pV8GWc1or8S2CcyZ7a1NgqicCw
00DhHZmQM7PhBQlzqTWoHr+DHbSyTjOjBXDXAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUa8qs9NWopCKnIaJuJffIljUx40MwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL2E4cXM5TldvcENLbklh
SnVKZmZJbGpVeDQwTS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAJWIfGJzlJ+G/5ihkiCJBoa2KvKR2CoVQr2P
mgnkCOw2JlRZEi8NHbhJP1zyhZbKs1E0kdXdJ8/U9stLzc33Ds8ggmVAtOeTcH/G
PekefttD9sU+iVNRzN+xTfPswdsdGMvLQAZOBPhNIe0Dz1L8cObK6TKyfvN/fTIw
Ieu/69rFXIqVruQtLsjMFRjMWIoOT3iJEM2p+1CBHUJgSKqIQh3JgZUV7oaTMIiY
Y6yfiFa2sKIENnyjfmz3SkhK5moa63s07uasngKXcgto7AHSpGZ2BmNlQ3acky2H
m5fCW1sn9tiSuFs5Ya2YFlHm/QfwVLiDEvIMmJRYpTvHsmP9v+U=
-----END CERTIFICATE-----
Generated at Tue Jun 18 22:10:15 2024 by rpki-client on console-fra.rpki-client.org