Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/e8pxcrt07cFiB2HcwFGoviR6oSA.roa
File: e8pxcrt07cFiB2HcwFGoviR6oSA.roa (raw, json)
Hash identifier: seQXCekrU5yczp0Odv6mmnfQn5zKSle4scfU9S4oNf4=
Subject key identifier: 7B:CA:71:72:BB:74:ED:C1:62:07:61:DC:C0:51:A8:BE:24:7A:A1:20
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 090B
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/e8pxcrt07cFiB2HcwFGoviR6oSA.roa
Signing time: Wed 23 Oct 2024 07:55:03 +0000
ROA not before: Wed 23 Oct 2024 07:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 23 Oct 2024 11:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2315 (0x90b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Oct 23 07:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7BCA7172BB74EDC1620761DCC051A8BE247AA120
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:14:ef:19:45:45:c1:cd:6c:37:81:bb:09:a1:
d4:39:6e:8a:e0:1f:9d:1b:51:e2:99:83:de:7d:ee:
62:1b:8d:64:e9:4b:21:a0:a7:48:92:a5:35:2d:5f:
3a:08:ef:2a:ca:f6:4a:20:99:81:b9:03:68:2b:00:
b7:12:97:52:9d:a7:e8:43:f7:f0:a5:0b:43:d5:64:
a2:69:22:05:64:0c:b4:3d:f8:8d:9a:08:7b:14:23:
e7:48:87:db:8d:a9:98:85:c8:62:34:ae:e5:a5:be:
bd:e7:d2:81:bb:ec:16:67:d5:8b:a1:17:70:ee:69:
86:34:b1:3c:0d:a1:30:17:d3:57:f9:5d:02:21:2c:
71:fa:a2:97:3f:93:2b:02:b4:fb:ea:45:6f:ab:63:
7d:e7:ac:98:6b:ff:b0:24:03:b9:bb:69:35:43:57:
56:19:fb:bc:0c:1c:10:f0:fb:de:00:eb:54:0f:e8:
aa:2f:85:36:1e:a3:46:a1:20:4e:6a:55:43:30:15:
56:b8:bb:28:3b:a8:51:38:d4:aa:e8:6c:0f:59:6b:
db:65:52:b3:a7:55:e9:f0:23:75:59:90:bc:c9:76:
2c:44:4a:80:2d:39:5a:14:2e:c5:91:23:5b:3e:1a:
45:cc:86:22:25:65:62:a8:4b:af:33:c5:ec:d9:11:
c3:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:CA:71:72:BB:74:ED:C1:62:07:61:DC:C0:51:A8:BE:24:7A:A1:20
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/e8pxcrt07cFiB2HcwFGoviR6oSA.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:16:f7:fd:c5:bb:74:3c:c0:86:21:11:d4:ee:47:69:d0:38:
44:e8:99:f5:02:7a:cd:a5:df:da:55:30:22:11:98:70:14:6f:
1d:ae:91:d0:35:88:33:47:d3:a3:55:00:f3:63:2b:6e:85:60:
45:d8:c7:ac:f7:7e:7b:70:a0:89:11:0e:56:d2:d5:1c:65:4e:
bb:12:fd:ef:21:b3:57:a8:0f:17:e9:70:ee:99:69:a4:0c:76:
c8:3f:8b:72:b4:95:c5:1b:b7:7f:7a:59:52:94:ce:b4:06:eb:
aa:08:73:cd:c7:26:b4:c4:8b:6d:c4:dc:56:b9:f8:52:72:e6:
57:61:a3:36:19:57:c3:92:06:34:cd:57:41:6e:16:cd:06:d4:
eb:93:67:e5:2d:60:5f:f8:89:65:54:0d:43:a2:78:f3:23:be:
1a:87:32:dc:47:53:45:ac:85:85:8f:7f:7a:5a:b7:89:66:1a:
2b:cf:64:61:a8:6c:e2:db:c3:92:93:e2:ad:00:5d:84:c2:b4:
5a:43:5c:fb:09:73:e4:e4:dc:b7:5d:24:f1:a1:7c:dd:b0:10:
86:de:9e:b6:83:4a:42:f9:12:88:a1:f6:58:f3:ac:05:b8:90:
d7:f2:84:bf:19:bf:cf:91:0a:11:ce:2d:16:06:5a:c7:ba:f9:
44:53:25:6c
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCQswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDEwMjMw
NzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDdCQ0E3MTcyQkI3NEVE
QzE2MjA3NjFEQ0MwNTFBOEJFMjQ3QUExMjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDFFO8ZRUXBzWw3gbsJodQ5borgH50bUeKZg9597mIbjWTpSyGg
p0iSpTUtXzoI7yrK9kogmYG5A2grALcSl1Kdp+hD9/ClC0PVZKJpIgVkDLQ9+I2a
CHsUI+dIh9uNqZiFyGI0ruWlvr3n0oG77BZn1YuhF3DuaYY0sTwNoTAX01f5XQIh
LHH6opc/kysCtPvqRW+rY33nrJhr/7AkA7m7aTVDV1YZ+7wMHBDw+94A61QP6Kov
hTYeo0ahIE5qVUMwFVa4uyg7qFE41KrobA9Za9tlUrOnVenwI3VZkLzJdixESoAt
OVoULsWRI1s+GkXMhiIlZWKoS68zxezZEcP/AgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUe8pxcrt07cFiB2HcwFGoviR6oSAwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL2U4cHhjcnQwN2NGaUIy
SGN3RkdvdmlSNm9TQS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAKgW9/3Fu3Q8wIYhEdTuR2nQOETomfUCes2l
39pVMCIRmHAUbx2ukdA1iDNH06NVAPNjK26FYEXYx6z3fntwoIkRDlbS1RxlTrsS
/e8hs1eoDxfpcO6ZaaQMdsg/i3K0lcUbt396WVKUzrQG66oIc83HJrTEi23E3Fa5
+FJy5ldhozYZV8OSBjTNV0FuFs0G1OuTZ+UtYF/4iWVUDUOiePMjvhqHMtxHU0Ws
hYWPf3pat4lmGivPZGGobOLbw5KT4q0AXYTCtFpDXPsJc+Tk3LddJPGhfN2wEIbe
nraDSkL5Eoih9ljzrAW4kNfyhL8Zv8+RChHOLRYGWse6+URTJWw=
-----END CERTIFICATE-----
Generated at Wed Oct 23 14:05:12 2024 by rpki-client on console-fra.rpki-client.org