Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/hfVIeURP3LhgvfBiyzJV7t1aNfQ.roa
File: hfVIeURP3LhgvfBiyzJV7t1aNfQ.roa (raw, json)
Hash identifier: PRVZiRHypQjPwUZYP+Pb9+MvhjNjc4u7fx4sMbUc61g=
Subject key identifier: 85:F5:48:79:44:4F:DC:B8:60:BD:F0:62:CB:32:55:EE:DD:5A:35:F4
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0730
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/hfVIeURP3LhgvfBiyzJV7t1aNfQ.roa
Signing time: Sat 31 Aug 2024 15:55:03 +0000
ROA not before: Sat 31 Aug 2024 15:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 31 Aug 2024 19:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1840 (0x730)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Aug 31 15:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=85F54879444FDCB860BDF062CB3255EEDD5A35F4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:dd:44:eb:47:7b:a0:ec:da:d2:88:d8:32:77:
d0:3c:22:e1:e1:31:87:f3:3b:d6:74:7a:ba:47:9b:
fa:1b:3b:64:3d:07:ec:17:ca:c9:7b:3e:2a:53:a1:
10:00:dd:86:b4:3d:57:e1:d9:18:20:15:b2:fc:9b:
6f:85:da:42:f3:54:4a:1f:1e:4b:87:24:f3:45:f6:
c5:46:e6:9d:8c:7c:64:d1:ec:d5:d2:2f:39:ae:11:
d9:44:b0:31:c6:36:2d:e7:32:85:50:9a:0d:48:50:
68:88:ba:3f:2b:cd:8c:42:b0:8a:75:8c:2b:a8:84:
41:37:e0:b5:02:8a:61:23:45:ef:e6:6c:5c:08:ff:
84:6f:dd:6a:77:e3:ac:12:6f:8f:ce:8d:c5:07:bd:
21:82:5f:00:ed:c5:9f:59:c2:2c:72:32:a0:e5:f1:
b4:d0:73:26:c5:be:0b:d1:da:3d:56:6e:89:8c:ae:
bf:d8:43:c4:bf:91:4c:8b:a1:f9:14:fa:95:c1:d8:
52:d0:f9:c9:42:af:62:72:94:48:54:db:c8:a6:62:
6b:05:c4:01:4b:06:08:38:f8:b8:73:72:00:67:a8:
ee:d4:24:e8:67:c0:a5:49:b7:96:89:54:6e:2a:25:
fc:5a:20:ee:c4:46:96:07:aa:16:ed:0b:49:fb:90:
46:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:F5:48:79:44:4F:DC:B8:60:BD:F0:62:CB:32:55:EE:DD:5A:35:F4
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/hfVIeURP3LhgvfBiyzJV7t1aNfQ.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
72:89:05:43:82:fd:4a:3b:78:a0:f4:ce:4d:98:9e:e0:4b:94:
9c:ea:5f:07:1b:1e:93:f5:7a:48:75:3a:b0:07:4d:6f:fa:4a:
38:6b:0d:7f:8c:e7:76:a2:f9:a2:7f:d1:7e:3d:8a:41:59:c7:
79:fb:7b:56:5c:4e:28:35:dc:98:94:c1:f0:22:41:96:69:8e:
d1:cc:d3:ac:bf:96:f3:d2:1e:53:48:67:da:50:60:1e:6c:f5:
a5:96:fc:2b:f8:4a:3a:ad:03:cc:87:22:ff:f5:c6:86:09:70:
e5:79:43:04:d4:9d:7e:37:75:a2:70:75:be:87:a5:d7:84:c0:
c7:fd:0b:b5:de:5e:1d:30:f0:9f:d0:36:b4:3f:9b:67:ae:8d:
f7:91:b7:0d:f5:b5:5d:9a:d8:1c:98:b7:cb:42:67:d1:da:ae:
39:38:e7:2b:09:63:70:ed:93:0b:65:b8:20:08:e5:28:d2:ca:
79:92:d5:21:66:42:1d:ec:07:2a:9e:b7:01:10:0f:5a:69:d6:
68:57:8e:79:dd:c6:14:4e:df:fd:81:6f:72:b9:d6:e2:89:10:
d5:d2:d4:73:ab:07:6d:68:39:f4:66:7f:78:db:db:f3:3e:96:
65:72:0e:66:9b:a4:ac:e1:a8:28:ea:5b:bc:6e:25:87:d6:08:
ac:4d:7a:0b
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICBzAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA4MzEx
NTU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDg1RjU0ODc5NDQ0RkRD
Qjg2MEJERjA2MkNCMzI1NUVFREQ1QTM1RjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDn3UTrR3ug7NrSiNgyd9A8IuHhMYfzO9Z0erpHm/obO2Q9B+wX
ysl7PipToRAA3Ya0PVfh2RggFbL8m2+F2kLzVEofHkuHJPNF9sVG5p2MfGTR7NXS
LzmuEdlEsDHGNi3nMoVQmg1IUGiIuj8rzYxCsIp1jCuohEE34LUCimEjRe/mbFwI
/4Rv3Wp346wSb4/OjcUHvSGCXwDtxZ9ZwixyMqDl8bTQcybFvgvR2j1WbomMrr/Y
Q8S/kUyLofkU+pXB2FLQ+clCr2JylEhU28imYmsFxAFLBgg4+LhzcgBnqO7UJOhn
wKVJt5aJVG4qJfxaIO7ERpYHqhbtC0n7kEb9AgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUhfVIeURP3LhgvfBiyzJV7t1aNfQwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL2hmVkllVVJQM0xoZ3Zm
Qml5ekpWN3QxYU5mUS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAHKJBUOC/Uo7eKD0zk2YnuBLlJzqXwcbHpP1
ekh1OrAHTW/6SjhrDX+M53ai+aJ/0X49ikFZx3n7e1ZcTig13JiUwfAiQZZpjtHM
06y/lvPSHlNIZ9pQYB5s9aWW/Cv4SjqtA8yHIv/1xoYJcOV5QwTUnX43daJwdb6H
pdeEwMf9C7XeXh0w8J/QNrQ/m2eujfeRtw31tV2a2ByYt8tCZ9Harjk45ysJY3Dt
kwtluCAI5SjSynmS1SFmQh3sByqetwEQD1pp1mhXjnndxhRO3/2Bb3K51uKJENXS
1HOrB21oOfRmf3jb2/M+lmVyDmabpKzhqCjqW7xuJYfWCKxNegs=
-----END CERTIFICATE-----
Generated at Sat Aug 31 21:28:27 2024 by rpki-client on console-fra.rpki-client.org