Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/hYKjiT_3O02N_qqGK0nDtOR7-Ok.roa
File: hYKjiT_3O02N_qqGK0nDtOR7-Ok.roa (raw, json)
Hash identifier: H3z87sJWY3exdB2xMswhGmUH1iG1akYvnMRbOJZf3cU=
Subject key identifier: 85:82:A3:89:3F:F7:3B:4D:8D:FE:AA:86:2B:49:C3:B4:E4:7B:F8:E9
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0829
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/hYKjiT_3O02N_qqGK0nDtOR7-Ok.roa
Signing time: Sat 28 Sep 2024 07:55:02 +0000
ROA not before: Sat 28 Sep 2024 07:55:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 28 Sep 2024 11:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2089 (0x829)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Sep 28 07:55:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8582A3893FF73B4D8DFEAA862B49C3B4E47BF8E9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:80:f0:a8:5c:ac:28:70:9e:ce:92:55:d9:26:
4f:89:09:ba:0c:cc:8c:26:17:8b:05:82:f5:da:dd:
d2:02:9d:65:4f:8a:c0:79:5a:19:fb:98:05:a4:a2:
5d:52:e2:ce:e6:18:5c:5f:dd:75:75:0a:7a:00:28:
e1:66:42:95:91:1a:2d:5c:02:8f:c3:0c:9d:cf:68:
3a:dd:10:aa:b1:74:5c:3b:5a:43:a1:05:ac:c4:1a:
1a:41:2c:95:a3:8d:8a:47:78:77:d0:a7:30:6c:79:
cb:d3:39:af:b5:3c:e4:b5:53:d4:19:06:c5:fa:27:
b1:5b:44:c0:ad:c8:f9:c7:29:83:8d:de:5a:00:ef:
2a:bc:fc:d1:36:25:43:d7:0a:c5:11:5a:a3:dd:ee:
ad:e4:c9:6d:15:7b:aa:4f:c9:ee:a3:8a:d1:15:7e:
e9:b3:44:39:7b:6b:09:b7:3c:be:d4:d7:05:4b:e8:
fc:c8:5c:2d:9a:be:d2:06:06:84:9f:5b:53:4b:bd:
44:74:fa:18:2a:c6:b5:cb:35:58:55:8d:92:0c:1a:
5a:f6:1b:76:e7:99:c4:dd:7b:30:75:10:78:38:12:
82:86:30:c1:b2:3b:17:6d:1e:a8:b0:b5:4f:d7:1c:
ea:6a:fe:d6:c8:2f:4d:f7:c2:51:fd:45:de:15:8a:
4d:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:82:A3:89:3F:F7:3B:4D:8D:FE:AA:86:2B:49:C3:B4:E4:7B:F8:E9
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/hYKjiT_3O02N_qqGK0nDtOR7-Ok.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
d1:ef:8f:19:3b:5b:aa:20:ce:98:d5:5a:ec:f0:5b:45:e3:3e:
4e:f2:ec:e9:30:50:e5:28:85:66:bb:10:11:f2:f2:8f:fe:31:
d9:56:44:70:53:2f:9f:98:24:67:b8:bd:8f:03:8e:d0:4c:b0:
d4:b3:1a:1e:fc:28:40:32:5c:2e:2a:7e:56:40:b8:02:72:23:
87:fe:67:df:28:5a:57:21:61:c2:8d:03:4d:06:5d:97:44:27:
21:fa:6a:eb:15:82:84:62:e9:bd:90:78:8b:ce:9c:e7:5e:fd:
60:e5:c1:58:d9:43:2a:f8:7b:cd:3d:1b:a6:b1:f7:6a:aa:94:
e6:82:1f:97:af:91:f9:de:d6:96:e4:4e:de:9a:8a:af:d9:9b:
7c:bc:e6:9d:1b:ca:de:f0:52:48:3f:98:02:1d:9e:33:c8:a6:
94:dd:76:cc:c5:1e:2e:8c:2e:b5:a4:00:ae:7c:33:f0:ef:e3:
c8:44:4f:0f:60:09:e8:0d:1d:51:37:fe:4a:95:23:cb:ac:f8:
e4:18:8b:c5:6b:fe:dd:33:39:c8:d3:61:7b:40:60:c3:c8:fa:
7e:38:40:fd:e0:d2:54:20:b3:6b:ba:7a:f0:af:1c:2a:f7:f3:
8d:de:ed:29:c9:47:a2:61:ef:16:8b:1c:b9:0b:88:7f:cd:d4:
2b:e6:89:06
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCCkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA5Mjgw
NzU1MDJaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDg1ODJBMzg5M0ZGNzNC
NEQ4REZFQUE4NjJCNDlDM0I0RTQ3QkY4RTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9gPCoXKwocJ7OklXZJk+JCboMzIwmF4sFgvXa3dICnWVPisB5
Whn7mAWkol1S4s7mGFxf3XV1CnoAKOFmQpWRGi1cAo/DDJ3PaDrdEKqxdFw7WkOh
BazEGhpBLJWjjYpHeHfQpzBsecvTOa+1POS1U9QZBsX6J7FbRMCtyPnHKYON3loA
7yq8/NE2JUPXCsURWqPd7q3kyW0Ve6pPye6jitEVfumzRDl7awm3PL7U1wVL6PzI
XC2avtIGBoSfW1NLvUR0+hgqxrXLNVhVjZIMGlr2G3bnmcTdezB1EHg4EoKGMMGy
OxdtHqiwtU/XHOpq/tbIL033wlH9Rd4Vik3DAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUhYKjiT/3O02N/qqGK0nDtOR7+OkwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL2hZS2ppVF8zTzAyTl9x
cUdLMG5EdE9SNy1Pay5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBANHvjxk7W6ogzpjVWuzwW0XjPk7y7OkwUOUo
hWa7EBHy8o/+MdlWRHBTL5+YJGe4vY8DjtBMsNSzGh78KEAyXC4qflZAuAJyI4f+
Z98oWlchYcKNA00GXZdEJyH6ausVgoRi6b2QeIvOnOde/WDlwVjZQyr4e809G6ax
92qqlOaCH5evkfne1pbkTt6aiq/Zm3y85p0byt7wUkg/mAIdnjPIppTddszFHi6M
LrWkAK58M/Dv48hETw9gCegNHVE3/kqVI8us+OQYi8Vr/t0zOcjTYXtAYMPI+n44
QP3g0lQgs2u6evCvHCr3843e7SnJR6Jh7xaLHLkLiH/N1CvmiQY=
-----END CERTIFICATE-----
Generated at Sat Sep 28 14:44:19 2024 by rpki-client on console-ams.rpki-client.org