Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/cCWRa08adLX3aOEKZc4Qk0zviTM.roa
File: cCWRa08adLX3aOEKZc4Qk0zviTM.roa (raw, json)
Hash identifier: LzYkvrZ4Ak5uP3aSvkq90T+SW+G8i7mfRggrW8ET2zk=
Subject key identifier: 70:25:91:6B:4F:1A:74:B5:F7:68:E1:0A:65:CE:10:93:4C:EF:89:33
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0712
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cCWRa08adLX3aOEKZc4Qk0zviTM.roa
Signing time: Wed 28 Aug 2024 07:55:03 +0000
ROA not before: Wed 28 Aug 2024 07:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 28 Aug 2024 11:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1810 (0x712)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Aug 28 07:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7025916B4F1A74B5F768E10A65CE10934CEF8933
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:77:fa:dd:d8:31:7c:d3:14:d0:c2:68:9d:28:
9c:e1:90:69:26:df:f6:95:4d:4d:09:68:67:ce:31:
4b:af:a4:58:9f:74:5c:60:8d:5b:ee:9a:9b:94:da:
59:9f:80:d9:a2:21:66:83:12:4c:9b:59:99:8d:f4:
7d:49:b5:e1:5d:82:d9:9a:c1:6a:1e:3e:4a:ff:02:
bb:af:06:d0:dd:9e:42:25:92:00:b5:19:f0:15:28:
9c:48:84:46:5a:59:d2:ba:05:48:68:15:bc:10:cc:
e4:49:0b:46:55:ac:9c:51:41:01:bd:36:77:51:f8:
26:db:d8:ff:c6:5c:cd:d2:d7:1c:4f:a3:41:24:b0:
7a:fd:bb:60:dc:86:fc:68:b7:70:fb:c6:07:c6:da:
57:e3:3f:b5:30:9f:b0:34:80:37:63:15:e6:d9:e6:
18:85:c9:c2:cb:4d:20:3b:d2:fa:6f:aa:be:44:0a:
df:69:fd:70:51:bd:20:d8:12:28:51:27:01:c6:a7:
1f:fb:78:29:7e:b1:78:5c:a2:4a:1d:bd:ca:6c:ac:
a0:ab:8b:c7:a5:1c:0a:0f:de:80:fa:38:54:42:0a:
89:89:56:a7:a3:03:8e:78:0c:f1:d5:9c:f4:d3:67:
f1:19:cb:5d:c4:f6:07:0a:ee:86:69:ed:bc:96:39:
b9:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:25:91:6B:4F:1A:74:B5:F7:68:E1:0A:65:CE:10:93:4C:EF:89:33
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cCWRa08adLX3aOEKZc4Qk0zviTM.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
42:eb:95:7f:53:21:54:c1:aa:9b:05:25:ca:7c:f9:93:97:ff:
5e:b5:b7:48:f7:20:f3:35:60:be:c4:6d:d1:f9:ea:3f:fd:12:
03:ee:6f:8c:09:75:e8:9c:6c:ea:69:1d:48:c3:3e:e7:07:9a:
0d:9b:25:6b:65:03:62:92:fb:36:fb:28:35:91:ff:0a:50:b3:
6a:7e:3d:45:69:ab:17:5c:2a:cc:a1:0d:bd:f3:44:41:6f:b8:
de:07:83:a7:2d:1d:f9:e3:9c:03:8d:9c:cf:b8:0d:e5:8e:08:
f6:39:bd:d7:8a:43:f1:92:db:fe:c9:ea:b9:d2:37:3e:68:e8:
1e:40:51:1c:7d:58:ff:4b:e2:57:44:9f:7f:99:a0:f8:c5:43:
f8:d1:8b:ac:86:8d:92:e1:e8:aa:ef:e1:3e:ed:22:af:61:5c:
8c:3a:80:11:47:8f:3a:a8:76:75:07:71:2b:f6:e7:a7:48:a0:
27:a0:7a:2f:0b:a7:19:d0:09:e3:50:81:12:97:55:fc:25:cf:
33:80:6d:4e:5e:2c:e3:71:8b:0f:92:b6:88:8a:2b:b3:dc:24:
17:12:fc:9a:36:75:e0:2e:c3:04:71:5c:a7:8f:af:be:8d:63:
4b:3e:c7:e6:3b:43:5a:73:4c:27:86:c3:f1:05:90:86:88:59:
b4:4e:59:31
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICBxIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA4Mjgw
NzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDcwMjU5MTZCNEYxQTc0
QjVGNzY4RTEwQTY1Q0UxMDkzNENFRjg5MzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCwd/rd2DF80xTQwmidKJzhkGkm3/aVTU0JaGfOMUuvpFifdFxg
jVvumpuU2lmfgNmiIWaDEkybWZmN9H1JteFdgtmawWoePkr/AruvBtDdnkIlkgC1
GfAVKJxIhEZaWdK6BUhoFbwQzORJC0ZVrJxRQQG9NndR+Cbb2P/GXM3S1xxPo0Ek
sHr9u2Dchvxot3D7xgfG2lfjP7Uwn7A0gDdjFebZ5hiFycLLTSA70vpvqr5ECt9p
/XBRvSDYEihRJwHGpx/7eCl+sXhcokodvcpsrKCri8elHAoP3oD6OFRCComJVqej
A454DPHVnPTTZ/EZy13E9gcK7oZp7byWObmtAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUcCWRa08adLX3aOEKZc4Qk0zviTMwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL2NDV1JhMDhhZExYM2FP
RUtaYzRRazB6dmlUTS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAELrlX9TIVTBqpsFJcp8+ZOX/161t0j3IPM1
YL7EbdH56j/9EgPub4wJdeicbOppHUjDPucHmg2bJWtlA2KS+zb7KDWR/wpQs2p+
PUVpqxdcKsyhDb3zREFvuN4Hg6ctHfnjnAONnM+4DeWOCPY5vdeKQ/GS2/7J6rnS
Nz5o6B5AURx9WP9L4ldEn3+ZoPjFQ/jRi6yGjZLh6Krv4T7tIq9hXIw6gBFHjzqo
dnUHcSv256dIoCegei8LpxnQCeNQgRKXVfwlzzOAbU5eLONxiw+StoiKK7PcJBcS
/Jo2deAuwwRxXKePr76NY0s+x+Y7Q1pzTCeGw/EFkIaIWbROWTE=
-----END CERTIFICATE-----
Generated at Wed Aug 28 13:39:36 2024 by rpki-client on console-fra.rpki-client.org