Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/bgRiHFx3ReoEBj_eOmXfo6dzwEQ.roa
File: bgRiHFx3ReoEBj_eOmXfo6dzwEQ.roa (raw, json)
Hash identifier: EoZhXt4+qL+L+Cc37IPtQbJJ7hqFAcKIpb6oMbTf9Vk=
Subject key identifier: 6E:04:62:1C:5C:77:45:EA:04:06:3F:DE:3A:65:DF:A3:A7:73:C0:44
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 09EC
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/bgRiHFx3ReoEBj_eOmXfo6dzwEQ.roa
Signing time: Sun 17 Nov 2024 07:55:03 +0000
ROA not before: Sun 17 Nov 2024 07:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 17 Nov 2024 11:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2540 (0x9ec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Nov 17 07:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6E04621C5C7745EA04063FDE3A65DFA3A773C044
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:81:fb:c8:cf:f1:19:de:70:e7:a2:37:08:44:
bf:90:7b:50:29:04:85:2e:45:6f:c2:c1:3d:e8:07:
92:c8:ad:d7:05:28:60:a1:13:69:87:5e:f9:ef:b4:
6d:ea:37:12:d2:92:8f:3b:2f:98:71:be:b4:77:3b:
29:7b:e4:5a:1f:f5:ab:e5:a0:76:bc:d4:d9:ca:66:
57:17:a2:b6:64:d5:02:f1:2d:c2:73:32:4d:60:a4:
2d:e5:42:a1:bd:f0:68:6d:8b:bd:80:23:8b:ab:b4:
62:67:4c:0f:8d:2d:71:13:bd:20:c5:4b:37:f0:5b:
f0:4d:1c:9a:59:6c:2b:26:8f:c4:23:28:27:6f:a9:
55:e4:9d:b9:e9:71:bb:f9:d7:62:63:76:e1:83:1a:
6d:2a:95:3b:75:a2:ef:e8:b9:d1:8e:a3:ae:9c:00:
e5:41:cf:c6:45:6b:4f:a8:b8:7b:c0:b5:b9:00:c8:
ca:4a:89:4f:fb:46:79:df:8f:ba:75:ad:a4:57:39:
50:c5:ee:b9:a0:9a:b2:bc:05:72:80:e2:8d:ae:37:
f3:0d:52:44:7d:a2:9d:b0:3f:b7:1e:33:f3:53:b5:
5c:51:87:6d:33:6c:75:20:6e:6e:5d:aa:62:e3:8b:
8f:97:12:bd:81:ff:33:22:19:3d:4f:a3:ba:03:a0:
8d:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:04:62:1C:5C:77:45:EA:04:06:3F:DE:3A:65:DF:A3:A7:73:C0:44
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/bgRiHFx3ReoEBj_eOmXfo6dzwEQ.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
48:0f:51:32:bd:d2:61:00:f0:09:3b:c9:93:2b:74:4c:11:68:
60:c9:5c:a0:d1:82:e5:be:ff:d0:94:f5:fb:f1:16:a8:cb:a8:
c0:c6:3d:fb:d1:95:bc:46:3f:d6:bc:ab:6f:48:60:1f:cf:6b:
57:52:31:36:a1:b9:7c:0b:50:54:b5:ea:79:ff:02:8e:0d:44:
cf:a9:4e:4e:b1:1a:d3:09:c8:c4:4e:bb:a3:a2:40:54:5f:4d:
6a:2b:ae:09:49:0a:7b:25:df:21:d1:53:66:c5:d6:b8:34:d2:
87:8f:8c:eb:60:68:2a:96:e5:26:a7:f4:58:eb:48:bb:94:d8:
56:57:24:7a:85:a9:36:0a:c0:b6:41:e3:70:fd:e1:5c:ab:a6:
79:81:9c:e2:d8:6b:e6:d1:3c:35:b0:26:75:6a:8b:fa:c6:4c:
b8:d4:77:0e:e3:72:d8:e4:0e:05:5a:f5:69:bd:de:49:b3:9a:
ed:ca:97:7c:ba:e7:b4:41:64:16:2a:cb:ae:01:bf:1b:e4:69:
ff:1e:61:f3:15:b0:e3:f9:f6:21:29:54:07:eb:ca:21:8d:30:
1f:67:65:0f:89:59:df:49:53:d2:61:76:6d:2d:e8:b1:72:14:
fe:00:86:c8:0e:98:e8:50:c3:12:d1:dc:b3:fc:5c:0c:a9:1b:
44:10:ae:b7
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCewwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDExMTcw
NzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDZFMDQ2MjFDNUM3NzQ1
RUEwNDA2M0ZERTNBNjVERkEzQTc3M0MwNDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCkgfvIz/EZ3nDnojcIRL+Qe1ApBIUuRW/CwT3oB5LIrdcFKGCh
E2mHXvnvtG3qNxLSko87L5hxvrR3Oyl75Fof9avloHa81NnKZlcXorZk1QLxLcJz
Mk1gpC3lQqG98Ghti72AI4urtGJnTA+NLXETvSDFSzfwW/BNHJpZbCsmj8QjKCdv
qVXknbnpcbv512JjduGDGm0qlTt1ou/oudGOo66cAOVBz8ZFa0+ouHvAtbkAyMpK
iU/7Rnnfj7p1raRXOVDF7rmgmrK8BXKA4o2uN/MNUkR9op2wP7ceM/NTtVxRh20z
bHUgbm5dqmLji4+XEr2B/zMiGT1Po7oDoI1pAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUbgRiHFx3ReoEBj/eOmXfo6dzwEQwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL2JnUmlIRngzUmVvRUJq
X2VPbVhmbzZkendFUS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAEgPUTK90mEA8Ak7yZMrdEwRaGDJXKDRguW+
/9CU9fvxFqjLqMDGPfvRlbxGP9a8q29IYB/Pa1dSMTahuXwLUFS16nn/Ao4NRM+p
Tk6xGtMJyMROu6OiQFRfTWorrglJCnsl3yHRU2bF1rg00oePjOtgaCqW5San9Fjr
SLuU2FZXJHqFqTYKwLZB43D94VyrpnmBnOLYa+bRPDWwJnVqi/rGTLjUdw7jctjk
DgVa9Wm93kmzmu3Kl3y657RBZBYqy64Bvxvkaf8eYfMVsOP59iEpVAfryiGNMB9n
ZQ+JWd9JU9Jhdm0t6LFyFP4AhsgOmOhQwxLR3LP8XAypG0QQrrc=
-----END CERTIFICATE-----
Generated at Sun Nov 17 15:03:09 2024 by rpki-client on console-ams.rpki-client.org