Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/hg9bRaAEYcjOSzPQqVg0e4d31-4.roa
File: hg9bRaAEYcjOSzPQqVg0e4d31-4.roa (raw, json)
Hash identifier: Z6xs2vKZa6I68k9GaGGq4iNraAi6F4FZts0iNQ803rI=
Subject key identifier: 86:0F:5B:45:A0:04:61:C8:CE:4B:33:D0:A9:58:34:7B:87:77:D7:EE
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0908
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/hg9bRaAEYcjOSzPQqVg0e4d31-4.roa
Signing time: Tue 22 Oct 2024 23:55:03 +0000
ROA not before: Tue 22 Oct 2024 23:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 23 Oct 2024 03:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2312 (0x908)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Oct 22 23:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=860F5B45A00461C8CE4B33D0A958347B8777D7EE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:f7:c2:7a:60:27:db:36:ec:e5:3d:b8:21:00:
c5:8d:20:51:19:8e:3f:24:06:63:b1:5b:f2:ac:37:
a5:0e:19:7c:a4:83:eb:95:b9:34:39:64:ad:b4:5d:
9d:89:4f:e7:7f:e0:ef:06:e1:bc:52:fd:ad:b7:ea:
57:10:34:fc:c6:d1:3b:02:32:c8:2c:ab:a8:e6:d1:
e1:71:7a:20:7e:0a:2e:b2:bf:3e:f4:7e:a3:7c:78:
cc:a5:86:df:c0:9a:73:c7:75:05:6d:64:c1:c5:16:
81:62:2c:44:a1:ef:63:b9:07:fb:c1:e6:de:08:60:
59:78:18:3f:c3:25:44:8e:8e:85:31:7d:88:f1:3b:
80:39:f0:d9:ef:83:6e:60:d5:ab:de:e3:f5:2d:d7:
77:f7:3a:99:f0:5f:d6:33:95:76:20:da:d5:32:e9:
ad:64:f9:b8:a3:33:49:4d:33:b2:c6:4b:d9:06:79:
b8:2c:d9:3f:9d:4c:4f:68:a3:8b:a5:22:31:cb:50:
22:dc:3e:f0:48:c1:dc:4b:97:39:b3:3f:73:07:f7:
4d:65:68:a1:67:be:4f:38:28:d5:77:92:17:84:f5:
a4:3a:71:5b:e2:b6:68:0f:e9:1d:07:fd:24:40:95:
04:88:b7:28:f8:d6:da:e3:c2:dd:5e:5c:8a:31:96:
d2:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:0F:5B:45:A0:04:61:C8:CE:4B:33:D0:A9:58:34:7B:87:77:D7:EE
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/hg9bRaAEYcjOSzPQqVg0e4d31-4.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
04:fd:84:1b:ba:21:82:f7:fb:3e:37:e8:f0:9d:fc:47:58:3e:
37:e9:b9:53:4c:a6:1f:05:f5:e4:a1:1f:77:84:48:e5:3e:71:
1a:65:13:57:61:3f:aa:42:34:70:51:e8:6b:e7:f9:c4:c3:1a:
77:96:bf:b3:8a:0b:a4:f5:ce:cb:56:4c:a3:fb:bd:52:01:21:
ea:1f:bf:9f:0e:16:50:d0:7f:b8:7b:2e:fa:ba:50:c9:cf:40:
2b:d9:de:22:db:15:61:ae:0d:f2:df:bf:2b:a1:43:38:84:a5:
de:90:4e:7f:ff:e3:af:14:44:11:d7:42:f7:0a:b7:78:e5:60:
8a:ee:e6:26:aa:76:36:b0:82:9d:7c:c0:47:f8:3d:b8:55:5c:
11:20:03:39:78:69:48:b7:85:ab:af:22:cc:2a:35:c0:55:db:
7d:32:c2:4d:af:e4:9d:38:64:ca:0b:2e:53:30:fb:cf:8e:b2:
c8:da:b2:ad:7a:b9:18:18:67:77:ad:44:66:23:82:bd:1f:87:
ca:15:5e:4b:f4:d8:39:bc:d0:5b:c0:e6:af:41:8d:1d:a8:69:
71:96:12:e4:23:c4:ca:31:7b:eb:3f:9c:17:11:73:45:f2:e8:
a2:ec:17:e9:e7:18:4b:16:41:ef:fd:42:0c:8c:96:16:65:80:
2c:52:56:87
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCQgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDEwMjIy
MzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDg2MEY1QjQ1QTAwNDYx
QzhDRTRCMzNEMEE5NTgzNDdCODc3N0Q3RUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDL98J6YCfbNuzlPbghAMWNIFEZjj8kBmOxW/KsN6UOGXykg+uV
uTQ5ZK20XZ2JT+d/4O8G4bxS/a236lcQNPzG0TsCMsgsq6jm0eFxeiB+Ci6yvz70
fqN8eMylht/AmnPHdQVtZMHFFoFiLESh72O5B/vB5t4IYFl4GD/DJUSOjoUxfYjx
O4A58Nnvg25g1ave4/Ut13f3OpnwX9YzlXYg2tUy6a1k+bijM0lNM7LGS9kGebgs
2T+dTE9oo4ulIjHLUCLcPvBIwdxLlzmzP3MH901laKFnvk84KNV3kheE9aQ6cVvi
tmgP6R0H/SRAlQSItyj41trjwt1eXIoxltK9AgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUhg9bRaAEYcjOSzPQqVg0e4d31+4wHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL2hnOWJSYUFFWWNqT1N6
UFFxVmcwZTRkMzEtNC5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAAT9hBu6IYL3+z436PCd/EdYPjfpuVNMph8F
9eShH3eESOU+cRplE1dhP6pCNHBR6Gvn+cTDGneWv7OKC6T1zstWTKP7vVIBIeof
v58OFlDQf7h7Lvq6UMnPQCvZ3iLbFWGuDfLfvyuhQziEpd6QTn//468URBHXQvcK
t3jlYIru5iaqdjawgp18wEf4PbhVXBEgAzl4aUi3hauvIswqNcBV230ywk2v5J04
ZMoLLlMw+8+Ossjasq16uRgYZ3etRGYjgr0fh8oVXkv02Dm80FvA5q9BjR2oaXGW
EuQjxMoxe+s/nBcRc0Xy6KLsF+nnGEsWQe/9QgyMlhZlgCxSVoc=
-----END CERTIFICATE-----
Generated at Wed Oct 23 05:14:41 2024 by rpki-client on console-fra.rpki-client.org