Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/gfnkr886gJ4X3oDs4iiwnJCbQ1c.roa
File: gfnkr886gJ4X3oDs4iiwnJCbQ1c.roa (raw, json)
Hash identifier: gz368udpxYD4w7tG+VkmgwB0rU8INT1pXtnyNxDmBVA=
Subject key identifier: 81:F9:E4:AF:CF:3A:80:9E:17:DE:80:EC:E2:28:B0:9C:90:9B:43:57
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0A01
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/gfnkr886gJ4X3oDs4iiwnJCbQ1c.roa
Signing time: Tue 19 Nov 2024 15:55:04 +0000
ROA not before: Tue 19 Nov 2024 15:55:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 19 Nov 2024 19:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2561 (0xa01)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Nov 19 15:55:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=81F9E4AFCF3A809E17DE80ECE228B09C909B4357
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:8a:63:34:75:70:92:68:99:2e:b7:b3:a6:27:
9b:a0:2c:4d:59:18:41:bf:02:9d:20:99:09:ae:cc:
71:ab:6d:d8:d5:66:c6:f9:7f:6c:f1:33:ee:e3:51:
ae:94:33:58:3c:b7:82:30:c7:70:1d:e3:9d:a6:65:
f3:ff:d7:b5:64:e6:09:18:f0:63:24:23:54:3c:6e:
93:9b:c6:31:7b:a9:3b:08:9a:7c:e0:cd:59:02:9e:
3e:68:ab:95:08:93:98:70:9c:de:38:ef:1c:53:ef:
86:46:86:85:79:6a:06:12:46:ee:b3:f4:23:73:17:
29:3f:c5:ba:90:37:24:a1:29:e0:5b:10:49:ad:39:
3d:b3:6c:52:da:e7:6d:55:8d:f0:70:96:8e:81:ba:
7c:e0:28:fa:e5:04:b2:c6:35:ab:48:bf:82:22:7b:
a1:1e:f3:2c:d2:12:cb:b1:5f:90:d1:22:f3:f8:c8:
54:23:6d:27:82:a6:b3:be:d0:7d:f3:82:6d:d4:b6:
04:35:63:fc:21:e0:3e:c4:10:a1:d7:2e:ef:84:c0:
2a:2d:db:77:62:10:d8:8a:5d:1a:df:9b:25:ea:8f:
90:ed:6f:3a:e2:5b:04:27:30:09:0f:50:13:ec:49:
b0:5f:83:f5:59:29:5a:e2:66:c4:ce:6b:db:fb:92:
1e:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:F9:E4:AF:CF:3A:80:9E:17:DE:80:EC:E2:28:B0:9C:90:9B:43:57
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/gfnkr886gJ4X3oDs4iiwnJCbQ1c.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:db:70:54:5a:19:c6:ed:62:0a:c3:f1:80:c2:50:24:65:c7:
6e:3c:bb:49:46:24:c8:28:d0:61:ff:6d:6d:23:35:b3:64:30:
48:f4:cd:fd:24:42:f0:8a:3e:c5:5b:ef:52:7c:3e:03:53:36:
d4:0f:70:11:90:4f:5e:b0:0a:b3:72:a3:ea:ef:7f:23:d5:eb:
ef:a2:09:2b:37:be:43:e0:c2:0d:0f:bd:db:ac:e1:c2:dc:5d:
e1:ad:5e:44:09:4c:bf:1b:ff:f7:b7:f9:85:cc:3d:12:19:d0:
16:f7:f1:7f:a7:ff:20:9f:97:45:a5:1a:42:b1:cb:f2:30:e9:
6e:54:8c:6e:c6:c8:90:ad:dc:e0:5e:cd:7b:ef:b6:d9:6b:35:
bd:2c:0c:4b:14:24:ac:bc:99:ed:c8:4b:89:83:d0:b4:d7:b3:
56:c6:24:ec:22:56:21:fc:ef:91:26:75:cd:fb:9d:fc:69:c0:
43:3a:e9:d5:04:97:0a:b6:c7:88:30:85:8e:c6:f7:2e:6f:00:
48:e7:59:c9:a6:b1:d8:76:dd:a7:ee:eb:ae:db:67:8b:3e:c4:
65:5d:8b:42:3b:df:57:49:12:9e:22:02:7b:de:34:95:03:11:
7e:54:35:d1:ba:84:5a:a4:0e:aa:f0:5b:d3:c1:32:1f:d4:78:
1f:73:a1:77
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCgEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDExMTkx
NTU1MDRaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDgxRjlFNEFGQ0YzQTgw
OUUxN0RFODBFQ0UyMjhCMDlDOTA5QjQzNTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDximM0dXCSaJkut7OmJ5ugLE1ZGEG/Ap0gmQmuzHGrbdjVZsb5
f2zxM+7jUa6UM1g8t4Iwx3Ad452mZfP/17Vk5gkY8GMkI1Q8bpObxjF7qTsImnzg
zVkCnj5oq5UIk5hwnN447xxT74ZGhoV5agYSRu6z9CNzFyk/xbqQNyShKeBbEEmt
OT2zbFLa521VjfBwlo6BunzgKPrlBLLGNatIv4Iie6Ee8yzSEsuxX5DRIvP4yFQj
bSeCprO+0H3zgm3UtgQ1Y/wh4D7EEKHXLu+EwCot23diENiKXRrfmyXqj5Dtbzri
WwQnMAkPUBPsSbBfg/VZKVriZsTOa9v7kh7bAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUgfnkr886gJ4X3oDs4iiwnJCbQ1cwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL2dmbmtyODg2Z0o0WDNv
RHM0aWl3bkpDYlExYy5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAI7bcFRaGcbtYgrD8YDCUCRlx248u0lGJMgo
0GH/bW0jNbNkMEj0zf0kQvCKPsVb71J8PgNTNtQPcBGQT16wCrNyo+rvfyPV6++i
CSs3vkPgwg0Pvdus4cLcXeGtXkQJTL8b//e3+YXMPRIZ0Bb38X+n/yCfl0WlGkKx
y/Iw6W5UjG7GyJCt3OBezXvvttlrNb0sDEsUJKy8me3IS4mD0LTXs1bGJOwiViH8
75Emdc37nfxpwEM66dUElwq2x4gwhY7G9y5vAEjnWcmmsdh23afu667bZ4s+xGVd
i0I731dJEp4iAnveNJUDEX5UNdG6hFqkDqrwW9PBMh/UeB9zoXc=
-----END CERTIFICATE-----
Generated at Tue Nov 19 22:38:10 2024 by rpki-client on console-fra.rpki-client.org