Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/ao-CXhUQh2THEp6LtM-VMMogkrE.roa
File: ao-CXhUQh2THEp6LtM-VMMogkrE.roa (raw, json)
Hash identifier: mKNtelWJ7V1fQDPRiEdaJPmRi+uxg+c6af4fWbeWr38=
Subject key identifier: 6A:8F:82:5E:15:10:87:64:C7:12:9E:8B:B4:CF:95:30:CA:20:92:B1
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 08CB
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/ao-CXhUQh2THEp6LtM-VMMogkrE.roa
Signing time: Wed 16 Oct 2024 07:55:02 +0000
ROA not before: Wed 16 Oct 2024 07:55:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 16 Oct 2024 11:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2251 (0x8cb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Oct 16 07:55:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6A8F825E15108764C7129E8BB4CF9530CA2092B1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:67:a2:66:34:e2:5e:5b:2a:b9:b2:e5:c3:c3:
68:73:96:2b:97:d9:1c:eb:81:17:f4:ca:c6:be:a7:
e9:27:98:46:9e:9c:c5:d1:b4:f4:eb:bf:41:ec:e8:
85:55:56:3f:70:1f:b1:87:93:e8:bb:a9:3b:86:e4:
fe:d2:75:6d:ff:3b:ac:de:14:48:5e:a5:d3:98:dd:
38:78:2e:09:29:9a:a4:46:e2:34:1e:ec:e3:41:d0:
06:0c:ed:d9:9f:28:7a:41:41:7c:b1:0b:8f:09:48:
b7:45:02:c5:3b:98:59:ce:fa:ba:1c:a4:2e:d4:45:
8a:9c:3e:5f:1b:bd:52:9a:99:89:73:20:cf:fd:13:
ad:6c:eb:8d:73:5e:e3:57:51:ab:4d:30:89:12:c9:
f8:7b:eb:c7:55:b7:30:3d:53:34:ea:69:ff:86:f5:
b7:8c:c9:f7:fc:6d:ba:b8:60:ae:75:2f:82:0e:62:
1d:33:da:a8:7c:a6:cd:72:32:43:c4:b7:c2:68:cd:
9b:e4:e8:46:70:6a:56:cf:ed:19:52:65:0c:74:11:
71:7c:af:11:64:f5:06:69:fa:f6:34:a7:db:fa:a3:
c0:c8:11:6e:70:f6:3e:b0:58:dd:96:c6:cf:60:ce:
1f:d8:59:56:0b:e5:97:b1:68:76:0c:e2:11:04:7a:
3a:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:8F:82:5E:15:10:87:64:C7:12:9E:8B:B4:CF:95:30:CA:20:92:B1
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/ao-CXhUQh2THEp6LtM-VMMogkrE.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
45:c0:bc:fe:cc:10:ad:73:e4:48:90:d8:9d:f3:5c:63:af:5e:
86:8d:f5:cd:3c:3f:58:c9:e5:58:ed:7d:9e:b5:72:fc:21:41:
c4:6e:4b:7a:3a:77:b7:71:93:ea:20:4d:ff:05:37:8b:f1:72:
ad:48:40:45:f2:e2:dc:24:38:ae:2f:d2:c2:5f:69:ca:6c:b9:
93:86:65:99:8e:8f:d5:dc:33:49:fb:8b:a0:0c:c2:22:a0:b1:
1b:ac:f7:63:f1:0c:51:8a:34:aa:c7:a4:4c:52:07:88:9f:bc:
69:fd:94:4d:3c:51:67:2e:92:e9:bc:d4:aa:47:37:41:67:86:
bb:38:88:9e:e9:cf:b2:3b:17:ed:e8:54:8c:20:9a:f2:34:97:
1c:5a:7f:96:f2:68:fb:2f:9a:87:f3:02:d9:24:20:22:74:65:
12:f0:34:e0:ce:57:55:70:fd:9d:bb:ae:d8:97:e9:09:fe:c4:
eb:52:62:c4:b2:9a:44:3d:f7:8a:45:9e:c9:42:41:5f:15:ac:
f2:e8:f6:9e:b0:99:0f:29:4b:a9:2a:97:01:4c:57:4a:39:1f:
d8:43:87:18:6e:bc:91:c0:90:f0:a1:ce:7e:83:43:67:fe:14:
11:40:df:17:7e:dc:e6:1b:0b:2a:ea:47:f7:13:78:62:9f:cc:
8e:ef:46:8f
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCMswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDEwMTYw
NzU1MDJaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDZBOEY4MjVFMTUxMDg3
NjRDNzEyOUU4QkI0Q0Y5NTMwQ0EyMDkyQjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCpZ6JmNOJeWyq5suXDw2hzliuX2RzrgRf0ysa+p+knmEaenMXR
tPTrv0Hs6IVVVj9wH7GHk+i7qTuG5P7SdW3/O6zeFEhepdOY3Th4LgkpmqRG4jQe
7ONB0AYM7dmfKHpBQXyxC48JSLdFAsU7mFnO+rocpC7URYqcPl8bvVKamYlzIM/9
E61s641zXuNXUatNMIkSyfh768dVtzA9UzTqaf+G9beMyff8bbq4YK51L4IOYh0z
2qh8ps1yMkPEt8JozZvk6EZwalbP7RlSZQx0EXF8rxFk9QZp+vY0p9v6o8DIEW5w
9j6wWN2Wxs9gzh/YWVYL5ZexaHYM4hEEejotAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUao+CXhUQh2THEp6LtM+VMMogkrEwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL2FvLUNYaFVRaDJUSEVw
Nkx0TS1WTU1vZ2tyRS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAEXAvP7MEK1z5EiQ2J3zXGOvXoaN9c08P1jJ
5VjtfZ61cvwhQcRuS3o6d7dxk+ogTf8FN4vxcq1IQEXy4twkOK4v0sJfacpsuZOG
ZZmOj9XcM0n7i6AMwiKgsRus92PxDFGKNKrHpExSB4ifvGn9lE08UWcukum81KpH
N0Fnhrs4iJ7pz7I7F+3oVIwgmvI0lxxaf5byaPsvmofzAtkkICJ0ZRLwNODOV1Vw
/Z27rtiX6Qn+xOtSYsSymkQ994pFnslCQV8VrPLo9p6wmQ8pS6kqlwFMV0o5H9hD
hxhuvJHAkPChzn6DQ2f+FBFA3xd+3OYbCyrqR/cTeGKfzI7vRo8=
-----END CERTIFICATE-----
Generated at Wed Oct 16 13:44:38 2024 by rpki-client on console-fra.rpki-client.org