Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/g30VpzNp4nsopNJVJLC0TRhxg_4.roa
File: g30VpzNp4nsopNJVJLC0TRhxg_4.roa (raw, json)
Hash identifier: PQyp3PmDrOUQV6GG9abd8gZnvlLByxlD6KTH/liXhz8=
Subject key identifier: 83:7D:15:A7:33:69:E2:7B:28:A4:D2:55:24:B0:B4:4D:18:71:83:FE
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0805
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/g30VpzNp4nsopNJVJLC0TRhxg_4.roa
Signing time: Tue 24 Sep 2024 07:55:03 +0000
ROA not before: Tue 24 Sep 2024 07:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 24 Sep 2024 11:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2053 (0x805)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Sep 24 07:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=837D15A73369E27B28A4D25524B0B44D187183FE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:93:7f:08:e3:83:56:66:bf:e8:7f:b2:44:21:
d5:e6:5d:75:7e:e4:2f:8d:a4:71:d3:24:a9:de:da:
c3:df:bc:eb:cd:63:22:99:4f:61:83:bd:2b:44:03:
d2:ad:b8:80:bd:de:0c:90:98:70:c6:57:79:f4:0c:
67:02:1f:68:84:cc:db:1c:ef:73:2b:57:90:e3:b6:
93:b5:e6:28:2f:9c:6e:80:23:c1:ec:68:0c:40:16:
14:b9:a4:d1:34:4b:8f:3f:4c:b8:d5:86:dd:95:f8:
96:b1:07:6d:d3:90:6d:ba:44:8d:45:a7:22:da:3a:
82:bf:f9:ad:d2:94:a5:ef:56:66:9b:dd:19:0a:67:
db:dd:cf:f1:6a:fc:58:29:c0:5e:b3:14:b1:1a:40:
ce:ba:d7:23:af:c4:44:94:e2:ee:2d:bc:e6:21:0a:
52:3f:99:dd:06:88:8d:b0:9b:26:8a:87:f4:64:ed:
c9:aa:b9:b2:13:88:ba:b1:d4:2d:19:89:a6:f3:ab:
31:b6:b1:5d:fd:90:4d:3a:7b:1d:47:cb:90:5a:be:
f4:83:72:0f:72:94:a4:f1:e5:f0:7a:60:1b:1a:0f:
c5:b8:00:85:e7:e6:ed:f0:fc:d4:47:e8:fc:75:5c:
87:2b:f2:5a:13:25:96:99:30:5a:9b:b6:e1:7c:8d:
f8:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:7D:15:A7:33:69:E2:7B:28:A4:D2:55:24:B0:B4:4D:18:71:83:FE
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/g30VpzNp4nsopNJVJLC0TRhxg_4.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
dd:3e:ea:08:5a:5f:73:8f:ec:21:d7:cb:34:07:52:a4:1b:6e:
c0:ce:a0:0c:da:14:1f:ea:bc:18:2f:25:e5:f8:92:be:eb:00:
34:9f:df:b9:dc:70:99:70:62:77:7a:e6:d0:4a:78:88:c8:28:
72:47:96:dd:ba:ce:d2:9c:aa:fd:b9:82:11:e0:ac:db:07:27:
1b:23:c1:a4:05:46:26:e7:f6:ad:91:0d:9b:8e:eb:f9:48:da:
39:54:a6:f8:3f:4b:e9:09:5d:91:cf:7b:0e:2b:9f:60:7f:0f:
98:a8:09:2a:c7:b6:6b:f2:f1:43:e1:b0:95:45:c3:96:69:37:
c5:91:eb:48:60:40:0b:95:19:43:85:ed:b0:7a:e0:2f:39:dc:
96:85:1c:37:4a:3f:fe:d7:5a:c6:dd:2e:46:5f:03:93:75:50:
ca:d7:67:77:48:6e:65:23:36:cb:d4:48:3d:37:5a:ad:c0:50:
23:86:04:d3:c2:72:f3:c8:fa:cf:ad:f0:84:3c:e4:59:25:94:
ef:8f:45:c8:0a:ef:28:72:61:a9:19:99:17:d4:52:39:18:bd:
9f:8d:68:b3:cc:2e:e3:f3:4c:8f:13:f5:8e:5c:c7:01:da:2a:
23:ec:5c:61:7a:84:b2:bb:e2:0b:10:8a:08:de:79:ca:d1:dd:
be:47:a0:74
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCAUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA5MjQw
NzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDgzN0QxNUE3MzM2OUUy
N0IyOEE0RDI1NTI0QjBCNDREMTg3MTgzRkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDIk38I44NWZr/of7JEIdXmXXV+5C+NpHHTJKne2sPfvOvNYyKZ
T2GDvStEA9KtuIC93gyQmHDGV3n0DGcCH2iEzNsc73MrV5DjtpO15igvnG6AI8Hs
aAxAFhS5pNE0S48/TLjVht2V+JaxB23TkG26RI1FpyLaOoK/+a3SlKXvVmab3RkK
Z9vdz/Fq/FgpwF6zFLEaQM661yOvxESU4u4tvOYhClI/md0GiI2wmyaKh/Rk7cmq
ubITiLqx1C0ZiabzqzG2sV39kE06ex1Hy5BavvSDcg9ylKTx5fB6YBsaD8W4AIXn
5u3w/NRH6Px1XIcr8loTJZaZMFqbtuF8jfivAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUg30VpzNp4nsopNJVJLC0TRhxg/4wHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL2czMFZwek5wNG5zb3BO
SlZKTEMwVFJoeGdfNC5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAN0+6ghaX3OP7CHXyzQHUqQbbsDOoAzaFB/q
vBgvJeX4kr7rADSf37nccJlwYnd65tBKeIjIKHJHlt26ztKcqv25ghHgrNsHJxsj
waQFRibn9q2RDZuO6/lI2jlUpvg/S+kJXZHPew4rn2B/D5ioCSrHtmvy8UPhsJVF
w5ZpN8WR60hgQAuVGUOF7bB64C853JaFHDdKP/7XWsbdLkZfA5N1UMrXZ3dIbmUj
NsvUSD03Wq3AUCOGBNPCcvPI+s+t8IQ85FkllO+PRcgK7yhyYakZmRfUUjkYvZ+N
aLPMLuPzTI8T9Y5cxwHaKiPsXGF6hLK74gsQigjeecrR3b5HoHQ=
-----END CERTIFICATE-----
Generated at Tue Sep 24 14:45:34 2024 by rpki-client on console-fra.rpki-client.org