Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/hJLoMNQgWp2FkmV7rC4mSUsGnps.roa
File: hJLoMNQgWp2FkmV7rC4mSUsGnps.roa (raw, json)
Hash identifier: uFE8tdAS6ZI/2+yE/2RUgQha+gEJTUu9Mjz3o/NU/Ec=
Subject key identifier: 84:92:E8:30:D4:20:5A:9D:85:92:65:7B:AC:2E:26:49:4B:06:9E:9B
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0799
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/hJLoMNQgWp2FkmV7rC4mSUsGnps.roa
Signing time: Thu 12 Sep 2024 07:55:02 +0000
ROA not before: Thu 12 Sep 2024 07:55:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 12 Sep 2024 11:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1945 (0x799)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Sep 12 07:55:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8492E830D4205A9D8592657BAC2E26494B069E9B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:d7:9e:ca:7c:04:f3:46:19:b6:77:cf:c7:60:
35:35:a7:42:30:d4:99:73:6e:ff:74:67:c9:e1:37:
a0:99:37:36:0e:85:bf:69:19:5d:f8:83:66:ae:6b:
13:cf:77:08:51:5e:10:8b:9c:ec:ff:20:29:2a:b8:
3c:07:e1:3a:fb:33:10:6f:af:53:5b:0f:1c:f0:b3:
13:aa:52:9d:44:35:db:4e:ca:84:66:98:5a:09:49:
92:88:5b:e6:90:a5:f3:57:fe:07:31:23:d7:44:a4:
1d:6e:8f:e3:00:00:71:4d:e0:89:7a:9e:27:f4:79:
30:83:9f:8a:c6:96:47:3b:93:22:f1:d7:6f:95:da:
c7:31:2f:60:3a:21:92:c4:86:1b:f8:87:ff:91:bc:
b7:bc:78:03:3f:c7:88:04:3b:c4:d5:43:e0:3c:3e:
ce:f7:8c:02:90:57:53:fe:fe:ba:4d:bd:d3:e8:92:
a3:74:1d:f1:b5:12:fe:8c:c1:e2:86:e9:fc:ab:82:
89:5b:cf:71:39:45:b4:67:5d:49:7b:74:4a:d9:ce:
4a:03:b2:04:26:12:ea:53:43:a7:05:c7:a8:05:83:
19:d6:c7:d4:20:c8:e7:5d:af:c6:25:86:d8:ed:69:
81:3d:26:84:b5:fd:07:d6:8b:b1:c5:d1:27:0d:69:
8b:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:92:E8:30:D4:20:5A:9D:85:92:65:7B:AC:2E:26:49:4B:06:9E:9B
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/hJLoMNQgWp2FkmV7rC4mSUsGnps.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
62:67:fb:f9:2b:52:82:2a:76:6e:d6:b2:f7:ee:48:9c:ba:11:
57:53:47:e0:cb:67:74:7f:c3:0d:31:fd:5c:ff:be:4d:c3:1c:
4f:a1:19:0c:43:7b:0d:2a:45:e1:d7:20:b9:51:dc:7f:d9:e7:
9c:08:33:29:7b:4f:a0:36:ca:c1:d0:85:b5:11:ff:08:d2:05:
89:16:a5:18:6a:f5:3f:3e:76:a3:de:8c:eb:25:cc:90:c6:9f:
2c:01:96:90:de:bc:63:d2:e1:66:f7:69:6a:21:79:b2:5e:cd:
d0:cc:29:6c:dc:7f:ce:d7:3c:33:80:1b:5a:19:c1:b3:27:04:
0c:e2:0c:fd:26:27:72:dd:9e:2e:fb:2e:d9:70:33:d4:05:17:
d5:42:a7:99:cd:50:53:81:8b:52:8a:b1:0e:4e:60:02:6b:ee:
6b:42:d7:19:e6:aa:18:76:50:8e:d1:22:1a:1e:63:b6:3e:5a:
2e:ac:d9:e4:26:0f:eb:70:4f:4e:c1:60:7a:b5:fc:ae:6a:2e:
2c:59:ac:ab:d3:19:21:3b:14:46:fd:70:5c:e7:c3:ed:c7:0f:
9b:8f:5d:62:34:7b:2e:43:ca:95:c4:70:24:bb:7d:43:51:c8:
62:4a:f5:38:08:0c:9e:9a:21:ea:55:66:84:f5:f8:7a:85:3f:
8a:11:3f:58
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICB5kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA5MTIw
NzU1MDJaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDg0OTJFODMwRDQyMDVB
OUQ4NTkyNjU3QkFDMkUyNjQ5NEIwNjlFOUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCu157KfATzRhm2d8/HYDU1p0Iw1Jlzbv90Z8nhN6CZNzYOhb9p
GV34g2auaxPPdwhRXhCLnOz/ICkquDwH4Tr7MxBvr1NbDxzwsxOqUp1ENdtOyoRm
mFoJSZKIW+aQpfNX/gcxI9dEpB1uj+MAAHFN4Il6nif0eTCDn4rGlkc7kyLx12+V
2scxL2A6IZLEhhv4h/+RvLe8eAM/x4gEO8TVQ+A8Ps73jAKQV1P+/rpNvdPokqN0
HfG1Ev6MweKG6fyrgolbz3E5RbRnXUl7dErZzkoDsgQmEupTQ6cFx6gFgxnWx9Qg
yOddr8YlhtjtaYE9JoS1/QfWi7HF0ScNaYu1AgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUhJLoMNQgWp2FkmV7rC4mSUsGnpswHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL2hKTG9NTlFnV3AyRmtt
VjdyQzRtU1VzR25wcy5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAGJn+/krUoIqdm7WsvfuSJy6EVdTR+DLZ3R/
ww0x/Vz/vk3DHE+hGQxDew0qReHXILlR3H/Z55wIMyl7T6A2ysHQhbUR/wjSBYkW
pRhq9T8+dqPejOslzJDGnywBlpDevGPS4Wb3aWohebJezdDMKWzcf87XPDOAG1oZ
wbMnBAziDP0mJ3Ldni77LtlwM9QFF9VCp5nNUFOBi1KKsQ5OYAJr7mtC1xnmqhh2
UI7RIhoeY7Y+Wi6s2eQmD+twT07BYHq1/K5qLixZrKvTGSE7FEb9cFznw+3HD5uP
XWI0ey5DypXEcCS7fUNRyGJK9TgIDJ6aIepVZoT1+HqFP4oRP1g=
-----END CERTIFICATE-----
Generated at Thu Sep 12 14:04:22 2024 by rpki-client on console-ams.rpki-client.org