Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/e_K5IorKNATqJlf_K2oKWPyaO-c.roa
File: e_K5IorKNATqJlf_K2oKWPyaO-c.roa (raw, json)
Hash identifier: FkpnT6ssdBzpd9lCP5UuCIgk3Ew58S9zzB8Y/uf1Mqk=
Subject key identifier: 7B:F2:B9:22:8A:CA:34:04:EA:26:57:FF:2B:6A:0A:58:FC:9A:3B:E7
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0745
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/e_K5IorKNATqJlf_K2oKWPyaO-c.roa
Signing time: Mon 02 Sep 2024 23:55:03 +0000
ROA not before: Mon 02 Sep 2024 23:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 03 Sep 2024 03:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1861 (0x745)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Sep 2 23:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7BF2B9228ACA3404EA2657FF2B6A0A58FC9A3BE7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:c2:98:bb:02:f7:3a:c0:a2:0c:78:7e:ed:4e:
4b:86:48:bf:ba:0a:9a:59:2f:31:ef:db:4d:33:77:
8d:c2:b2:a5:ec:5c:60:1f:f3:6d:99:bc:99:e2:60:
06:e5:20:23:f1:6d:fc:7f:19:43:b9:7a:b8:50:e3:
0e:31:ea:e6:4f:a2:40:23:e3:10:ad:1f:ea:c6:33:
76:da:6a:20:c5:05:56:5f:e1:3d:ae:74:18:e1:09:
ac:1a:0d:5d:c8:35:59:70:59:56:30:54:bf:0d:2f:
52:94:cb:a9:2c:dc:cf:42:3d:9b:59:b7:76:86:0d:
95:53:18:42:04:e1:f8:4a:49:11:ef:4b:f9:e2:e2:
d4:e6:90:6b:d7:3f:43:fb:86:ea:49:7e:cf:2d:31:
8f:2d:16:fd:01:81:fa:17:0f:22:a2:ab:23:1d:ba:
75:4f:b0:d7:58:8c:79:3f:f1:63:e1:58:be:15:0b:
21:54:44:b3:83:f6:3a:7b:c6:7a:f4:ad:16:5d:08:
4c:50:74:92:ff:4e:d5:64:31:3e:06:ed:49:32:58:
fb:5c:55:92:77:05:71:ea:fd:08:7d:22:44:69:10:
88:36:67:21:fe:d8:10:54:a3:3a:6b:fe:65:7f:27:
86:e7:73:ea:1e:d9:df:78:29:7c:87:21:05:43:b1:
20:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:F2:B9:22:8A:CA:34:04:EA:26:57:FF:2B:6A:0A:58:FC:9A:3B:E7
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/e_K5IorKNATqJlf_K2oKWPyaO-c.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
cb:5e:3a:d1:a5:62:3f:d3:a0:01:e1:3e:7b:50:56:cd:06:3a:
00:43:82:57:81:c1:91:4e:58:e3:06:fc:c3:8b:7f:ad:f3:ab:
a9:f6:2d:df:62:5d:f7:23:d5:ee:ad:c6:4c:24:58:29:a8:ba:
e0:35:3d:2e:24:bb:81:bd:8b:2e:df:5f:c6:df:e0:9b:1a:a4:
a9:42:5c:a8:74:68:b8:c5:3c:23:94:52:bf:5d:8e:4a:ba:c6:
f4:48:97:cf:02:59:22:28:f3:d2:da:75:b9:12:5c:64:e1:9e:
23:c7:bb:ca:72:0a:88:74:25:d8:91:18:e2:b6:11:6d:b5:1a:
de:47:4e:b7:08:79:3e:a7:4c:6a:72:37:cc:e0:a7:f9:e1:cb:
48:76:19:7d:48:59:49:34:2a:84:0c:7d:f5:6f:bc:8f:88:64:
85:e0:02:bb:72:5f:20:d6:ce:44:f3:83:4a:8a:d0:5d:87:86:
97:2e:95:25:cb:a7:70:6c:75:c6:9e:6a:39:df:41:f0:41:00:
e5:d6:ea:96:30:9b:04:16:30:39:8e:8c:eb:c4:c2:42:84:14:
30:f1:e9:df:73:88:4c:b4:f0:c9:d6:41:80:b3:00:cd:88:2d:
e2:63:52:63:84:b5:84:15:fb:2c:4a:a8:d0:1b:8e:b3:6e:64:
41:97:6a:c8
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICB0UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA5MDIy
MzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDdCRjJCOTIyOEFDQTM0
MDRFQTI2NTdGRjJCNkEwQTU4RkM5QTNCRTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCwpi7Avc6wKIMeH7tTkuGSL+6CppZLzHv200zd43CsqXsXGAf
822ZvJniYAblICPxbfx/GUO5erhQ4w4x6uZPokAj4xCtH+rGM3baaiDFBVZf4T2u
dBjhCawaDV3INVlwWVYwVL8NL1KUy6ks3M9CPZtZt3aGDZVTGEIE4fhKSRHvS/ni
4tTmkGvXP0P7hupJfs8tMY8tFv0BgfoXDyKiqyMdunVPsNdYjHk/8WPhWL4VCyFU
RLOD9jp7xnr0rRZdCExQdJL/TtVkMT4G7UkyWPtcVZJ3BXHq/Qh9IkRpEIg2ZyH+
2BBUozpr/mV/J4bnc+oe2d94KXyHIQVDsSBvAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUe/K5IorKNATqJlf/K2oKWPyaO+cwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL2VfSzVJb3JLTkFUcUps
Zl9LMm9LV1B5YU8tYy5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAMteOtGlYj/ToAHhPntQVs0GOgBDgleBwZFO
WOMG/MOLf63zq6n2Ld9iXfcj1e6txkwkWCmouuA1PS4ku4G9iy7fX8bf4JsapKlC
XKh0aLjFPCOUUr9djkq6xvRIl88CWSIo89LadbkSXGThniPHu8pyCoh0JdiRGOK2
EW21Gt5HTrcIeT6nTGpyN8zgp/nhy0h2GX1IWUk0KoQMffVvvI+IZIXgArtyXyDW
zkTzg0qK0F2HhpculSXLp3BsdcaeajnfQfBBAOXW6pYwmwQWMDmOjOvEwkKEFDDx
6d9ziEy08MnWQYCzAM2ILeJjUmOEtYQV+yxKqNAbjrNuZEGXasg=
-----END CERTIFICATE-----
Generated at Tue Sep 3 04:45:18 2024 by rpki-client on console-fra.rpki-client.org