Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/ccJIlK0IKFwp3PRtOzHE__qVROo.roa
File: ccJIlK0IKFwp3PRtOzHE__qVROo.roa (raw, json)
Hash identifier: pGUVE2ayZA88uK6Ilh3exLLZa5o5LINqWpAFtHSi9/o=
Subject key identifier: 71:C2:48:94:AD:08:28:5C:29:DC:F4:6D:3B:31:C4:FF:FA:95:44:EA
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0694
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/ccJIlK0IKFwp3PRtOzHE__qVROo.roa
Signing time: Wed 14 Aug 2024 07:55:04 +0000
ROA not before: Wed 14 Aug 2024 07:55:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 14 Aug 2024 11:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1684 (0x694)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Aug 14 07:55:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=71C24894AD08285C29DCF46D3B31C4FFFA9544EA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fd:64:9d:36:c8:c6:99:d5:e4:96:5d:73:a2:e0:
ed:e9:a7:16:38:5f:4a:e3:01:ba:bd:73:68:78:69:
c6:c4:83:ed:a7:7f:94:39:74:72:d9:e8:49:73:32:
7f:03:69:0f:78:70:b1:28:22:c4:32:7d:2d:15:c8:
4b:aa:a6:28:a0:bb:1d:0a:af:04:af:92:b9:ee:45:
98:ef:20:e7:d1:6e:b5:62:78:63:29:93:3c:0d:3b:
a9:e9:b7:83:95:4a:21:0e:61:08:9a:fe:14:52:fd:
87:1f:7d:9f:10:1d:95:05:35:ab:98:25:dd:8e:ba:
32:5a:c0:d5:71:7e:51:90:01:cc:2c:0e:25:86:ff:
29:fd:92:c5:d1:77:ad:96:74:7e:03:3e:e5:f3:4d:
1f:e3:44:6f:31:c1:21:85:e5:f5:e1:2f:41:a6:27:
d7:87:2e:e4:c5:12:02:fc:1c:97:b5:2d:63:2e:d5:
2b:a4:34:8f:84:e4:6c:60:83:62:0e:5a:92:cb:c5:
be:74:aa:7c:97:84:81:5e:af:99:df:61:7a:81:c6:
30:7a:d1:a9:a0:9b:3d:ce:bc:4a:69:e7:15:d0:17:
a0:8f:3a:0f:e4:56:fd:4d:26:37:dc:54:64:4e:0d:
d7:94:31:6c:ed:53:9c:5d:3e:48:27:30:23:05:35:
a6:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:C2:48:94:AD:08:28:5C:29:DC:F4:6D:3B:31:C4:FF:FA:95:44:EA
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/ccJIlK0IKFwp3PRtOzHE__qVROo.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:f1:c0:35:00:83:a3:c4:be:39:1f:ab:eb:29:a8:40:ba:e1:
47:fb:b3:a0:e4:0e:07:2a:47:fa:b6:00:56:da:64:28:84:bc:
cd:26:19:b8:66:e0:c3:69:79:e3:7b:40:54:f6:48:3f:5a:ac:
e6:1e:3f:68:68:4e:3b:11:b1:9b:3a:21:56:29:15:67:83:8d:
bc:69:eb:fa:c4:69:65:43:ce:d1:e4:0e:68:e5:6b:e2:a3:4c:
d3:0a:20:2b:b7:e6:a1:c9:2d:b2:8f:00:e3:d2:79:44:7d:0e:
ba:98:17:07:35:32:8d:ec:87:39:99:81:c2:1a:71:32:80:47:
0d:a9:11:fe:6d:9f:d4:6f:81:03:ca:a1:e8:7c:58:b2:40:02:
f2:7b:b4:1a:31:fb:c3:5a:27:98:89:94:02:aa:91:e8:49:82:
f6:5d:9c:7a:6f:05:07:f7:1d:2d:66:f4:ff:3d:69:14:86:dc:
a7:1d:c4:8b:5e:7b:3a:9d:39:7d:a8:09:cb:34:8d:05:44:89:
11:74:ed:de:43:9f:64:a1:84:c7:b9:0a:92:21:c2:6f:2d:c9:
af:42:5c:13:cf:f9:eb:59:05:ee:c8:e7:33:df:8a:a7:32:d1:
3d:5e:2e:bc:f2:77:1a:a9:d1:41:53:b5:cb:07:1c:be:68:85:
83:66:87:d3
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICBpQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA4MTQw
NzU1MDRaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDcxQzI0ODk0QUQwODI4
NUMyOURDRjQ2RDNCMzFDNEZGRkE5NTQ0RUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD9ZJ02yMaZ1eSWXXOi4O3ppxY4X0rjAbq9c2h4acbEg+2nf5Q5
dHLZ6ElzMn8DaQ94cLEoIsQyfS0VyEuqpiigux0KrwSvkrnuRZjvIOfRbrVieGMp
kzwNO6npt4OVSiEOYQia/hRS/YcffZ8QHZUFNauYJd2OujJawNVxflGQAcwsDiWG
/yn9ksXRd62WdH4DPuXzTR/jRG8xwSGF5fXhL0GmJ9eHLuTFEgL8HJe1LWMu1Suk
NI+E5Gxgg2IOWpLLxb50qnyXhIFer5nfYXqBxjB60amgmz3OvEpp5xXQF6CPOg/k
Vv1NJjfcVGRODdeUMWztU5xdPkgnMCMFNaZBAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUccJIlK0IKFwp3PRtOzHE//qVROowHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL2NjSklsSzBJS0Z3cDNQ
UnRPekhFX19xVlJPby5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAJ3xwDUAg6PEvjkfq+spqEC64Uf7s6DkDgcq
R/q2AFbaZCiEvM0mGbhm4MNpeeN7QFT2SD9arOYeP2hoTjsRsZs6IVYpFWeDjbxp
6/rEaWVDztHkDmjla+KjTNMKICu35qHJLbKPAOPSeUR9DrqYFwc1Mo3shzmZgcIa
cTKARw2pEf5tn9RvgQPKoeh8WLJAAvJ7tBox+8NaJ5iJlAKqkehJgvZdnHpvBQf3
HS1m9P89aRSG3KcdxIteezqdOX2oCcs0jQVEiRF07d5Dn2ShhMe5CpIhwm8tya9C
XBPP+etZBe7I5zPfiqcy0T1eLrzydxqp0UFTtcsHHL5ohYNmh9M=
-----END CERTIFICATE-----
Generated at Wed Aug 14 15:15:11 2024 by rpki-client on console-ams.rpki-client.org