Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/aJYRQDIHst-pSM-doJrqPQhI3pg.roa
File: aJYRQDIHst-pSM-doJrqPQhI3pg.roa (raw, json)
Hash identifier: Ltf1ybrip16OLOBWWI6RFNeT7YXTjXM7lu96PvlXKX0=
Subject key identifier: 68:96:11:40:32:07:B2:DF:A9:48:CF:9D:A0:9A:EA:3D:08:48:DE:98
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0920
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/aJYRQDIHst-pSM-doJrqPQhI3pg.roa
Signing time: Fri 25 Oct 2024 15:55:02 +0000
ROA not before: Fri 25 Oct 2024 15:55:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 25 Oct 2024 19:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2336 (0x920)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Oct 25 15:55:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=689611403207B2DFA948CF9DA09AEA3D0848DE98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:db:4b:db:cd:8a:a3:29:a2:0b:17:c4:86:1f:
32:5e:45:eb:a1:d1:0d:0d:97:3e:02:94:ef:fd:d8:
d2:18:22:cb:dc:32:3a:c5:79:7d:e8:c9:04:51:56:
e1:fa:d9:65:94:76:35:e5:7d:0e:9a:b1:ce:37:6c:
0a:86:cc:5f:82:61:99:32:46:a0:cf:41:44:25:56:
9f:1e:20:8e:fb:81:f9:8f:d8:d5:79:dd:3a:08:9c:
5b:b9:98:a8:1c:56:1f:59:72:81:7b:a9:98:21:62:
02:cf:56:10:92:ea:af:be:6c:a3:d3:65:2d:19:9f:
72:0f:5e:6e:3a:0e:3c:28:8f:34:26:8d:d6:eb:37:
65:a9:b3:1c:28:31:79:09:6b:7f:66:94:b3:fe:d0:
56:35:b9:dc:c5:7e:03:57:57:84:6a:90:9b:24:a5:
2f:6d:47:dd:f1:c3:9c:2a:71:5f:d2:08:99:97:c7:
92:59:0e:5c:2b:04:ba:72:19:67:c2:e2:58:eb:47:
6e:e6:00:f2:10:f4:bb:07:e6:62:06:54:3b:43:8f:
68:4b:fc:84:db:1d:a4:45:56:7c:fb:b5:60:7b:ee:
7f:cb:b8:5e:58:7c:fb:93:e9:30:ed:ca:b8:dc:ef:
00:11:34:7b:d1:3e:26:2c:b2:29:20:fb:f7:19:0f:
b5:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:96:11:40:32:07:B2:DF:A9:48:CF:9D:A0:9A:EA:3D:08:48:DE:98
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/aJYRQDIHst-pSM-doJrqPQhI3pg.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
45:29:43:73:1b:06:ee:b9:b9:16:ea:0a:b2:40:bd:06:d6:c1:
d9:e1:eb:e0:62:8f:ca:ad:49:34:75:ef:50:41:40:8f:07:cc:
87:c8:1a:d5:b0:4c:e2:be:4d:c6:46:5c:51:52:fd:d3:7e:16:
66:99:41:c1:99:2b:41:91:14:68:d6:e6:22:09:0f:53:18:1f:
e4:19:5d:bd:5a:1d:e8:3c:14:ca:d9:bc:2e:0d:b8:e3:2d:7e:
23:cb:93:3a:9d:69:e8:f7:da:83:ee:71:90:3f:8e:83:81:82:
2f:49:33:f0:0a:ea:52:6d:1e:c8:5a:97:c2:65:d5:26:64:52:
3f:be:a3:48:ea:28:4a:9c:16:c2:59:6a:88:4d:83:24:9c:a2:
62:62:1b:37:86:ad:af:aa:e3:ff:41:bc:33:7c:30:3d:f0:84:
ae:a7:55:e4:1d:81:4b:fb:9e:78:57:3f:3a:e1:5f:61:98:b6:
ef:1c:0d:79:7d:f1:92:6e:75:85:0a:4a:d4:2d:d8:18:95:06:
d6:a6:b3:ae:b3:cc:6b:f2:82:dd:43:cc:dc:94:df:e5:63:22:
7d:c0:ed:a2:44:ad:2a:14:30:a9:30:da:4c:00:74:9c:8b:b1:
7b:6d:b8:73:e4:64:ef:6b:cc:5d:20:78:a0:35:65:7b:eb:70:
a8:74:7c:bc
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCSAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDEwMjUx
NTU1MDJaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDY4OTYxMTQwMzIwN0Iy
REZBOTQ4Q0Y5REEwOUFFQTNEMDg0OERFOTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDW20vbzYqjKaILF8SGHzJeReuh0Q0Nlz4ClO/92NIYIsvcMjrF
eX3oyQRRVuH62WWUdjXlfQ6asc43bAqGzF+CYZkyRqDPQUQlVp8eII77gfmP2NV5
3ToInFu5mKgcVh9ZcoF7qZghYgLPVhCS6q++bKPTZS0Zn3IPXm46DjwojzQmjdbr
N2WpsxwoMXkJa39mlLP+0FY1udzFfgNXV4RqkJskpS9tR93xw5wqcV/SCJmXx5JZ
DlwrBLpyGWfC4ljrR27mAPIQ9LsH5mIGVDtDj2hL/ITbHaRFVnz7tWB77n/LuF5Y
fPuT6TDtyrjc7wARNHvRPiYssikg+/cZD7VxAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUaJYRQDIHst+pSM+doJrqPQhI3pgwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL2FKWVJRRElIc3QtcFNN
LWRvSnJxUFFoSTNwZy5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAEUpQ3MbBu65uRbqCrJAvQbWwdnh6+Bij8qt
STR171BBQI8HzIfIGtWwTOK+TcZGXFFS/dN+FmaZQcGZK0GRFGjW5iIJD1MYH+QZ
Xb1aHeg8FMrZvC4NuOMtfiPLkzqdaej32oPucZA/joOBgi9JM/AK6lJtHshal8Jl
1SZkUj++o0jqKEqcFsJZaohNgyScomJiGzeGra+q4/9BvDN8MD3whK6nVeQdgUv7
nnhXPzrhX2GYtu8cDXl98ZJudYUKStQt2BiVBtams66zzGvygt1DzNyU3+VjIn3A
7aJErSoUMKkw2kwAdJyLsXttuHPkZO9rzF0geKA1ZXvrcKh0fLw=
-----END CERTIFICATE-----
Generated at Fri Oct 25 22:39:16 2024 by rpki-client on console-ams.rpki-client.org