Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/i9YeIStKuYmbkwEQQtYi-JVMllA.roa
File: i9YeIStKuYmbkwEQQtYi-JVMllA.roa (raw, json)
Hash identifier: WWgDzWG9YMjKUXGsCw6L33WTJZfyp2brDm7Ux0guunU=
Subject key identifier: 8B:D6:1E:21:2B:4A:B9:89:9B:93:01:10:42:D6:22:F8:95:4C:96:50
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 07E4
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/i9YeIStKuYmbkwEQQtYi-JVMllA.roa
Signing time: Fri 20 Sep 2024 15:55:03 +0000
ROA not before: Fri 20 Sep 2024 15:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 20 Sep 2024 19:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2020 (0x7e4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Sep 20 15:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8BD61E212B4AB9899B93011042D622F8954C9650
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:18:96:d5:61:1e:a0:29:4d:84:5f:1c:05:df:
23:23:da:e8:96:b6:4e:68:51:1f:cc:a6:17:73:d3:
ec:7b:5b:d0:27:e6:ce:ca:fa:11:5b:28:15:6b:3a:
5c:f0:8a:89:c0:5b:c6:21:06:42:95:da:e4:07:f6:
2c:a7:5a:d6:c0:68:bc:f4:74:fb:7e:d3:bd:ef:c9:
54:63:e6:06:0f:79:6c:53:b0:bc:91:e8:eb:c3:f1:
a8:94:64:82:aa:9a:99:43:0d:ee:ae:06:40:49:2f:
e9:1b:1d:fe:6b:3c:4a:50:61:2b:fc:69:c8:a2:31:
88:05:a3:df:82:a7:d9:17:6c:87:0d:3d:ff:1a:27:
e2:3d:a9:b5:6e:f3:5c:f7:a1:fa:0d:aa:16:e1:76:
85:7c:1f:12:d9:33:86:db:96:c1:35:df:20:e8:ab:
7c:49:55:dd:f2:6e:6f:60:37:ed:2d:e5:e4:04:25:
40:f0:57:b3:63:94:14:54:7b:d7:6d:77:7a:22:2f:
10:e8:d1:33:c0:d6:72:fa:0b:2a:e0:1d:1a:26:58:
cc:c7:69:62:8b:39:21:62:8a:db:18:a8:cb:aa:84:
34:87:e1:d2:eb:c0:15:9b:ca:bc:69:0a:97:26:56:
ca:e9:84:53:95:a7:dc:4e:8e:18:ed:e2:ca:ae:3d:
e3:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:D6:1E:21:2B:4A:B9:89:9B:93:01:10:42:D6:22:F8:95:4C:96:50
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/i9YeIStKuYmbkwEQQtYi-JVMllA.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
85:2f:0d:62:17:bf:51:87:96:ae:05:89:4a:4c:c1:39:88:84:
10:5f:84:d0:85:bd:95:2f:f5:2f:73:60:c9:6b:95:72:f1:15:
0f:33:45:08:2d:4a:ea:a4:6e:45:3e:03:43:59:00:f5:97:d5:
1d:4c:61:72:64:f7:a3:c8:ba:c9:92:69:c8:15:9e:6f:33:45:
a1:53:25:82:92:a8:9e:b4:4c:cd:39:3f:ba:bb:72:88:2b:1f:
5c:a9:c4:cd:59:e3:46:92:c9:a9:2e:02:05:e6:2f:e7:05:0d:
e3:2f:ea:db:6a:6d:b0:ab:87:1c:5a:e3:08:25:59:54:1e:91:
9b:b6:0d:a6:0a:cc:b6:f7:b8:dd:bf:b4:8e:51:f1:c5:58:9e:
b6:2a:76:71:a6:85:44:1e:1c:65:9f:6f:11:74:2b:d3:46:f8:
5a:67:b4:92:14:27:e8:6a:c7:56:02:27:c6:ed:92:ef:9b:10:
d7:2e:c6:7f:4e:e8:0f:b9:0c:96:37:e4:2a:29:bf:95:7f:e9:
8f:fc:d8:19:04:53:f5:76:6a:c5:f0:de:8d:3b:03:0a:50:22:
c4:d3:57:52:67:2b:fd:2a:1c:44:22:e2:aa:b4:71:c8:22:b8:
d8:3d:f6:98:bb:a0:76:8d:7d:7b:45:13:dc:5b:e5:aa:92:7a:
7a:c1:ff:45
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICB+QwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA5MjAx
NTU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDhCRDYxRTIxMkI0QUI5
ODk5QjkzMDExMDQyRDYyMkY4OTU0Qzk2NTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDGJbVYR6gKU2EXxwF3yMj2uiWtk5oUR/Mphdz0+x7W9An5s7K
+hFbKBVrOlzwionAW8YhBkKV2uQH9iynWtbAaLz0dPt+073vyVRj5gYPeWxTsLyR
6OvD8aiUZIKqmplDDe6uBkBJL+kbHf5rPEpQYSv8aciiMYgFo9+Cp9kXbIcNPf8a
J+I9qbVu81z3ofoNqhbhdoV8HxLZM4bblsE13yDoq3xJVd3ybm9gN+0t5eQEJUDw
V7NjlBRUe9dtd3oiLxDo0TPA1nL6CyrgHRomWMzHaWKLOSFiitsYqMuqhDSH4dLr
wBWbyrxpCpcmVsrphFOVp9xOjhjt4squPeOpAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUi9YeIStKuYmbkwEQQtYi+JVMllAwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL2k5WWVJU3RLdVltYmt3
RVFRdFlpLUpWTWxsQS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAIUvDWIXv1GHlq4FiUpMwTmIhBBfhNCFvZUv
9S9zYMlrlXLxFQ8zRQgtSuqkbkU+A0NZAPWX1R1MYXJk96PIusmSacgVnm8zRaFT
JYKSqJ60TM05P7q7cogrH1ypxM1Z40aSyakuAgXmL+cFDeMv6ttqbbCrhxxa4wgl
WVQekZu2DaYKzLb3uN2/tI5R8cVYnrYqdnGmhUQeHGWfbxF0K9NG+FpntJIUJ+hq
x1YCJ8btku+bENcuxn9O6A+5DJY35Copv5V/6Y/82BkEU/V2asXw3o07AwpQIsTT
V1JnK/0qHEQi4qq0ccgiuNg99pi7oHaNfXtFE9xb5aqSenrB/0U=
-----END CERTIFICATE-----
Generated at Fri Sep 20 23:21:44 2024 by rpki-client on console-fra.rpki-client.org