Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/gFm9SH88hd9uAVjBPvrzssFmHUY.roa
File: gFm9SH88hd9uAVjBPvrzssFmHUY.roa (raw, json)
Hash identifier: jfcbld9ofueZT+Ukve+gNnekISu9GSNyfQxC9HtNnIc=
Subject key identifier: 80:59:BD:48:7F:3C:85:DF:6E:01:58:C1:3E:FA:F3:B2:C1:66:1D:46
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 06DC
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/gFm9SH88hd9uAVjBPvrzssFmHUY.roa
Signing time: Thu 22 Aug 2024 07:55:04 +0000
ROA not before: Thu 22 Aug 2024 07:55:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 22 Aug 2024 11:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1756 (0x6dc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Aug 22 07:55:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8059BD487F3C85DF6E0158C13EFAF3B2C1661D46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:a2:ed:d0:41:fd:5e:c8:3d:5a:98:20:c3:96:
c6:f2:40:53:0b:a9:00:b3:d9:3f:90:b6:bd:8c:ee:
4a:4b:32:a9:1d:e0:d7:60:af:42:3f:97:61:2c:8e:
8c:e2:27:31:f3:ff:ed:d0:0c:16:3b:a1:3c:d0:66:
7b:7f:1e:f6:0c:20:eb:d8:55:9a:18:c0:bb:21:53:
1e:0d:12:d7:43:8e:b2:10:46:b6:84:dd:5f:c2:97:
9b:d4:a4:b8:97:3a:fc:06:48:07:d4:62:02:27:e2:
00:89:24:3f:47:cf:58:34:67:f2:b9:bd:89:20:a1:
3c:af:82:51:ea:42:68:c4:81:c5:fa:cf:7f:f8:87:
b1:51:d1:75:c3:48:2e:c7:40:ef:5b:e2:6b:ba:df:
2e:fa:45:94:45:75:77:b9:96:21:47:3a:57:5c:37:
5d:90:22:21:87:31:9e:66:11:61:a8:16:08:91:5d:
72:46:85:22:b8:d7:82:d0:12:3a:de:89:12:60:e3:
d1:1b:8f:75:01:76:fd:a0:20:1f:12:32:b5:e7:50:
5a:a8:d8:16:f1:7b:d9:ee:08:f5:e4:8a:ad:72:19:
7d:45:52:f2:6f:7f:f8:45:8a:5b:08:79:c4:6d:84:
8b:0b:7e:51:84:ed:66:44:04:d3:fc:5d:b9:99:90:
d1:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:59:BD:48:7F:3C:85:DF:6E:01:58:C1:3E:FA:F3:B2:C1:66:1D:46
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/gFm9SH88hd9uAVjBPvrzssFmHUY.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
20:d8:c9:23:2d:59:22:f5:d3:57:d2:72:6d:d6:3c:7f:0a:7f:
84:94:2c:84:2c:07:1e:4c:9e:6f:65:9c:de:14:8a:9b:fd:be:
b0:a8:e9:8d:af:19:1f:e5:94:37:6e:a1:98:86:15:c7:08:9d:
f4:87:3b:16:89:8d:50:26:44:d6:0c:ac:64:7f:68:89:2d:f0:
22:33:97:75:f6:fc:c9:6a:ef:52:84:3b:aa:de:ec:60:fd:a3:
e3:6c:2c:36:0c:ca:32:af:aa:09:39:0c:0a:c6:4d:ff:57:b6:
d3:05:bc:b7:39:1e:25:04:13:af:3e:50:4f:f4:f8:d1:9e:04:
06:ff:7d:56:e8:6c:95:18:bf:24:d9:49:11:ee:91:89:4f:18:
51:48:d6:d0:b2:26:e6:2a:f1:d6:0c:9f:cc:2e:f5:6e:ff:ab:
0d:78:99:db:84:19:13:47:82:46:08:18:b1:f8:ab:03:09:3f:
61:9f:28:2d:55:13:e7:cb:7d:cc:4b:f5:57:df:49:ba:39:a1:
7b:4f:43:d3:be:f6:b8:64:6b:50:b5:e5:af:d7:df:56:3d:fb:
4e:be:02:c6:57:be:17:66:bf:7e:e6:8e:64:e4:03:70:08:b6:
2b:16:d9:b7:7a:2a:b8:45:75:b1:b3:a1:26:17:d1:37:9f:cc:
b0:1d:26:37
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICBtwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA4MjIw
NzU1MDRaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDgwNTlCRDQ4N0YzQzg1
REY2RTAxNThDMTNFRkFGM0IyQzE2NjFENDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDYou3QQf1eyD1amCDDlsbyQFMLqQCz2T+Qtr2M7kpLMqkd4Ndg
r0I/l2EsjoziJzHz/+3QDBY7oTzQZnt/HvYMIOvYVZoYwLshUx4NEtdDjrIQRraE
3V/Cl5vUpLiXOvwGSAfUYgIn4gCJJD9Hz1g0Z/K5vYkgoTyvglHqQmjEgcX6z3/4
h7FR0XXDSC7HQO9b4mu63y76RZRFdXe5liFHOldcN12QIiGHMZ5mEWGoFgiRXXJG
hSK414LQEjreiRJg49Ebj3UBdv2gIB8SMrXnUFqo2Bbxe9nuCPXkiq1yGX1FUvJv
f/hFilsIecRthIsLflGE7WZEBNP8XbmZkNHrAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUgFm9SH88hd9uAVjBPvrzssFmHUYwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL2dGbTlTSDg4aGQ5dUFW
akJQdnJ6c3NGbUhVWS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBACDYySMtWSL101fScm3WPH8Kf4SULIQsBx5M
nm9lnN4Uipv9vrCo6Y2vGR/llDduoZiGFccInfSHOxaJjVAmRNYMrGR/aIkt8CIz
l3X2/Mlq71KEO6re7GD9o+NsLDYMyjKvqgk5DArGTf9XttMFvLc5HiUEE68+UE/0
+NGeBAb/fVbobJUYvyTZSRHukYlPGFFI1tCyJuYq8dYMn8wu9W7/qw14mduEGRNH
gkYIGLH4qwMJP2GfKC1VE+fLfcxL9VffSbo5oXtPQ9O+9rhka1C15a/X31Y9+06+
AsZXvhdmv37mjmTkA3AItisW2bd6KrhFdbGzoSYX0TefzLAdJjc=
-----END CERTIFICATE-----
Generated at Thu Aug 22 17:02:46 2024 by rpki-client on console-fra.rpki-client.org