Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/hkdFiKJ254FNg6rLovBB0dMZq3A.roa
File: hkdFiKJ254FNg6rLovBB0dMZq3A.roa (raw, json)
Hash identifier: 4p1f6oOe8vC2YMz47taeWEu9RI1gOzS9GauQHWaKih0=
Subject key identifier: 86:47:45:88:A2:76:E7:81:4D:83:AA:CB:A2:F0:41:D1:D3:19:AB:70
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 07F6
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/hkdFiKJ254FNg6rLovBB0dMZq3A.roa
Signing time: Sun 22 Sep 2024 15:55:02 +0000
ROA not before: Sun 22 Sep 2024 15:55:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 22 Sep 2024 19:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2038 (0x7f6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Sep 22 15:55:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=86474588A276E7814D83AACBA2F041D1D319AB70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:a1:c2:c9:18:86:08:d3:43:dd:2a:1f:61:30:
bb:2f:a8:06:fe:05:00:f6:4e:65:99:ef:90:93:f5:
12:83:29:e9:df:c7:fc:29:c6:fd:fc:60:1d:4c:30:
be:82:6c:9d:11:9e:86:34:04:03:70:5b:1c:c3:31:
30:0a:26:c4:2a:25:04:07:1d:48:3a:84:04:55:a4:
48:c5:ca:a2:d0:b7:33:ac:cd:74:bd:3e:dc:36:51:
bb:e6:b6:58:a2:c9:37:8e:2d:6e:9f:dc:61:76:52:
5b:5f:6c:39:21:25:c4:c2:73:ae:96:31:4b:c8:48:
b0:eb:c3:7b:9b:1f:a3:de:5d:e5:24:2c:31:b5:17:
3e:a4:25:fd:e2:7d:bb:00:f0:46:64:99:28:d5:cd:
e7:59:ff:d0:f6:a0:73:eb:aa:2c:87:19:93:01:5e:
52:11:a9:16:4a:34:cd:d6:b5:96:c2:80:19:f6:13:
8d:ad:7d:6b:fd:a9:b9:4b:f3:16:4c:9f:b1:02:29:
57:03:18:42:a4:a0:59:53:87:02:41:da:7f:3e:75:
9b:92:a8:01:ad:cf:3f:79:03:be:34:05:e9:9d:5d:
ef:69:e9:89:87:44:89:37:5d:5f:06:02:ae:1a:a0:
f2:95:d2:8a:1c:5a:1b:b9:2e:b5:2c:d0:9d:f5:aa:
e2:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:47:45:88:A2:76:E7:81:4D:83:AA:CB:A2:F0:41:D1:D3:19:AB:70
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/hkdFiKJ254FNg6rLovBB0dMZq3A.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
bf:fa:e4:29:38:6b:4d:b5:60:e2:5e:70:b0:a1:d5:c2:9e:79:
6f:a5:47:21:4b:97:bc:0e:10:c2:a7:cc:5e:95:66:92:72:74:
55:09:7a:d2:9c:fb:52:d3:2a:e1:07:f7:19:a2:af:d9:21:8a:
bc:29:5f:bf:c7:de:35:03:b3:6e:7f:31:ed:65:3b:3f:62:34:
ce:58:c7:1f:fb:6b:5b:21:66:6d:23:97:64:3a:a1:f9:a4:d4:
42:6f:6c:04:fa:20:05:5f:ae:29:0b:60:52:44:69:5d:66:5f:
71:07:a3:ce:f1:65:73:68:13:13:fd:92:69:ab:17:37:58:ea:
40:6e:b4:85:f7:83:77:84:9c:3c:da:1f:42:18:cb:c1:21:00:
a3:ee:4f:5c:75:0c:80:cf:bf:2e:f7:e1:1b:ae:c3:71:fd:c0:
5a:c0:40:06:29:11:f9:be:8c:14:ba:da:d3:d9:fe:14:6f:27:
67:12:79:8f:0e:21:41:26:8f:eb:f6:66:16:1d:ca:7a:4f:d3:
20:3b:cb:67:f0:e9:d2:7d:0c:f5:b4:25:b5:d0:7b:78:3b:e6:
6c:b1:fb:9c:62:77:f7:6a:82:18:bb:e6:3e:dc:df:4a:67:16:
66:b9:ce:81:5d:37:f0:d6:6a:77:73:6c:00:db:27:30:d6:a7:
c4:13:3f:a2
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICB/YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA5MjIx
NTU1MDJaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDg2NDc0NTg4QTI3NkU3
ODE0RDgzQUFDQkEyRjA0MUQxRDMxOUFCNzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDTocLJGIYI00PdKh9hMLsvqAb+BQD2TmWZ75CT9RKDKenfx/wp
xv38YB1MML6CbJ0RnoY0BANwWxzDMTAKJsQqJQQHHUg6hARVpEjFyqLQtzOszXS9
Ptw2UbvmtliiyTeOLW6f3GF2UltfbDkhJcTCc66WMUvISLDrw3ubH6PeXeUkLDG1
Fz6kJf3ifbsA8EZkmSjVzedZ/9D2oHPrqiyHGZMBXlIRqRZKNM3WtZbCgBn2E42t
fWv9qblL8xZMn7ECKVcDGEKkoFlThwJB2n8+dZuSqAGtzz95A740BemdXe9p6YmH
RIk3XV8GAq4aoPKV0oocWhu5LrUs0J31quILAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUhkdFiKJ254FNg6rLovBB0dMZq3AwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL2hrZEZpS0oyNTRGTmc2
ckxvdkJCMGRNWnEzQS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAL/65Ck4a021YOJecLCh1cKeeW+lRyFLl7wO
EMKnzF6VZpJydFUJetKc+1LTKuEH9xmir9khirwpX7/H3jUDs25/Me1lOz9iNM5Y
xx/7a1shZm0jl2Q6ofmk1EJvbAT6IAVfrikLYFJEaV1mX3EHo87xZXNoExP9kmmr
FzdY6kButIX3g3eEnDzaH0IYy8EhAKPuT1x1DIDPvy734Ruuw3H9wFrAQAYpEfm+
jBS62tPZ/hRvJ2cSeY8OIUEmj+v2ZhYdynpP0yA7y2fw6dJ9DPW0JbXQe3g75myx
+5xid/dqghi75j7c30pnFma5zoFdN/DWandzbADbJzDWp8QTP6I=
-----END CERTIFICATE-----
Generated at Sun Sep 22 22:34:30 2024 by rpki-client on console-fra.rpki-client.org