Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/h0Y7xDg0_635eT2tafTSKAsa73E.roa
File: h0Y7xDg0_635eT2tafTSKAsa73E.roa (raw, json)
Hash identifier: aYBrW/Kp5XGlcG3DoE07lMu/kK3aIiwAAvT69BxFkvA=
Subject key identifier: 87:46:3B:C4:38:34:FF:AD:F9:79:3D:AD:69:F4:D2:28:0B:1A:EF:71
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 093E
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/h0Y7xDg0_635eT2tafTSKAsa73E.roa
Signing time: Mon 28 Oct 2024 23:55:02 +0000
ROA not before: Mon 28 Oct 2024 23:55:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 29 Oct 2024 03:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2366 (0x93e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Oct 28 23:55:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=87463BC43834FFADF9793DAD69F4D2280B1AEF71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:07:8d:e1:35:55:6b:fa:ba:fa:01:56:c6:5f:
28:5c:f4:46:fb:78:a0:0d:4b:98:81:79:35:4e:e9:
30:97:6c:f6:63:43:42:2e:c8:d5:26:f6:59:f4:70:
95:d3:4f:e1:95:84:5f:fa:a8:5a:9d:74:9a:cb:f6:
fc:38:a9:ad:10:31:0e:c4:37:67:70:93:d8:89:d1:
ab:cd:84:1d:03:2d:ee:75:22:4f:24:14:a3:99:49:
c5:7a:79:fa:07:e9:82:c1:cd:39:61:a9:f4:17:d5:
09:27:26:f6:79:29:e1:b7:b0:a2:ae:9a:10:c4:79:
21:66:9a:a4:30:58:ae:ba:e3:ab:67:fc:c2:e2:03:
91:3f:c4:1a:8b:44:aa:55:ac:2f:b2:a0:29:7b:80:
36:46:61:2e:e2:de:4e:fd:75:be:d4:de:b1:68:b0:
1b:e9:37:f8:c8:b6:bd:e2:49:60:f0:f0:63:a0:d6:
a3:c0:5d:43:1e:e6:ea:a0:28:d8:f9:52:1d:ce:cd:
ef:59:5e:14:7a:5c:f5:f6:2b:0f:d0:14:74:16:f4:
0c:5f:dc:75:ec:e8:04:4b:32:2f:2e:e9:c9:95:bd:
8b:16:22:c8:27:24:3a:07:69:e8:d5:b3:5e:99:a3:
33:36:b1:9e:69:09:59:9f:eb:a7:e5:a2:05:b9:97:
a1:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:46:3B:C4:38:34:FF:AD:F9:79:3D:AD:69:F4:D2:28:0B:1A:EF:71
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/h0Y7xDg0_635eT2tafTSKAsa73E.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
64:b5:53:f7:77:ec:e9:89:f4:80:09:0d:b3:6d:b1:90:be:f5:
ca:9d:2d:0f:17:85:01:c3:19:ae:8d:61:57:00:89:2b:29:e3:
fc:f2:02:dd:9b:d1:1a:bf:e5:85:71:8d:4e:cf:99:fc:8c:e8:
ee:56:6e:55:7b:8b:4e:ab:62:73:dd:8f:76:fd:b1:bb:37:26:
89:7b:03:88:b6:0b:ef:ae:68:e5:2a:f0:d6:8e:91:cb:47:65:
98:66:23:cb:75:39:85:23:2b:9b:a8:5e:16:b4:9c:53:ae:ff:
2e:b5:85:9f:84:85:81:bc:fc:02:f4:67:e5:94:e4:2d:a6:be:
13:dc:56:47:18:91:f7:6d:e9:af:62:a8:2e:9e:99:2a:bc:9a:
63:22:0f:90:29:91:f7:dc:28:b2:a2:dd:8c:20:ca:2b:c1:2e:
b2:5f:3a:16:95:d3:ac:3c:aa:6e:d9:01:61:8e:6f:d2:07:06:
c6:6f:0f:df:f5:35:36:53:8e:4e:6e:b9:a6:f7:f8:39:29:fe:
9c:2a:8e:56:df:6f:63:e4:c2:de:bd:0b:da:49:4f:a7:7a:0a:
bb:63:3b:92:3d:df:ad:b7:35:69:f9:4a:b1:67:6f:6d:43:37:
cc:b7:de:16:82:ac:ce:85:7f:db:21:b2:f3:9d:5f:95:27:ea:
46:16:0c:f4
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCT4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDEwMjgy
MzU1MDJaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDg3NDYzQkM0MzgzNEZG
QURGOTc5M0RBRDY5RjREMjI4MEIxQUVGNzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCsB43hNVVr+rr6AVbGXyhc9Eb7eKANS5iBeTVO6TCXbPZjQ0Iu
yNUm9ln0cJXTT+GVhF/6qFqddJrL9vw4qa0QMQ7EN2dwk9iJ0avNhB0DLe51Ik8k
FKOZScV6efoH6YLBzTlhqfQX1QknJvZ5KeG3sKKumhDEeSFmmqQwWK6646tn/MLi
A5E/xBqLRKpVrC+yoCl7gDZGYS7i3k79db7U3rFosBvpN/jItr3iSWDw8GOg1qPA
XUMe5uqgKNj5Uh3Oze9ZXhR6XPX2Kw/QFHQW9Axf3HXs6ARLMi8u6cmVvYsWIsgn
JDoHaejVs16ZozM2sZ5pCVmf66flogW5l6H5AgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUh0Y7xDg0/635eT2tafTSKAsa73EwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL2gwWTd4RGcwXzYzNWVU
MnRhZlRTS0FzYTczRS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAGS1U/d37OmJ9IAJDbNtsZC+9cqdLQ8XhQHD
Ga6NYVcAiSsp4/zyAt2b0Rq/5YVxjU7PmfyM6O5WblV7i06rYnPdj3b9sbs3Jol7
A4i2C++uaOUq8NaOkctHZZhmI8t1OYUjK5uoXha0nFOu/y61hZ+EhYG8/AL0Z+WU
5C2mvhPcVkcYkfdt6a9iqC6emSq8mmMiD5ApkffcKLKi3YwgyivBLrJfOhaV06w8
qm7ZAWGOb9IHBsZvD9/1NTZTjk5uuab3+Dkp/pwqjlbfb2Pkwt69C9pJT6d6Crtj
O5I93623NWn5SrFnb21DN8y33haCrM6Ff9shsvOdX5Un6kYWDPQ=
-----END CERTIFICATE-----
Generated at Tue Oct 29 04:54:50 2024 by rpki-client on console-fra.rpki-client.org