Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/iPPCXnk93mpB6yoCibtFlTepzAQ.roa
File: iPPCXnk93mpB6yoCibtFlTepzAQ.roa (raw, json)
Hash identifier: 4SNOKu8WfCuij0crZiBZkyPuKeSf1AT59FY8BKPx7nc=
Subject key identifier: 88:F3:C2:5E:79:3D:DE:6A:41:EB:2A:02:89:BB:45:95:37:A9:CC:04
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0781
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/iPPCXnk93mpB6yoCibtFlTepzAQ.roa
Signing time: Mon 09 Sep 2024 15:55:03 +0000
ROA not before: Mon 09 Sep 2024 15:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 09 Sep 2024 19:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1921 (0x781)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Sep 9 15:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=88F3C25E793DDE6A41EB2A0289BB459537A9CC04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:20:f8:7f:ec:71:96:b6:38:ed:f0:8d:41:93:
eb:d5:79:17:2c:a3:89:8b:8b:16:3c:11:84:54:4c:
79:15:1e:e1:8b:be:3c:f7:1c:21:ac:3f:15:47:d5:
cc:90:42:52:bf:5a:7f:46:c8:90:78:9d:fa:58:5a:
ce:21:b0:dc:f0:80:9e:18:42:0c:d6:0c:ae:a4:8a:
69:aa:4c:95:80:aa:63:d7:ff:4e:50:68:2e:24:5c:
e9:c4:ac:b5:ec:5f:27:25:7d:94:bb:1e:9f:fb:ee:
7f:24:fc:e3:bd:c3:b6:61:df:39:55:6a:80:e1:f8:
b7:be:be:ef:ba:4f:7d:96:34:59:49:48:0e:1e:90:
56:74:e3:39:6e:71:21:43:a1:e2:f2:99:1c:d5:7c:
e2:1c:94:e8:28:5c:a4:84:5c:0d:fd:e7:59:a1:3c:
02:19:36:9d:60:7d:9a:b2:03:ed:4e:c9:f7:11:d6:
2d:54:97:26:0d:e9:bb:78:2a:3a:7a:0f:c6:b1:ae:
6f:92:ad:af:02:8a:a4:82:84:0d:7d:fd:30:a1:cc:
46:1c:9a:d7:fa:0b:55:7d:95:ae:75:56:91:af:cd:
30:e9:c0:c1:59:48:e1:35:59:65:f0:cc:4b:c1:7c:
20:a8:cb:7f:2f:7e:9e:53:5f:0c:ea:0b:30:9f:08:
b3:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:F3:C2:5E:79:3D:DE:6A:41:EB:2A:02:89:BB:45:95:37:A9:CC:04
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/iPPCXnk93mpB6yoCibtFlTepzAQ.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:3d:ef:f0:4f:a9:f7:05:d4:c1:80:cd:f3:ff:81:26:39:5a:
12:e8:79:28:31:d6:ab:f8:c3:02:f6:6f:83:0a:2d:26:b5:73:
68:fe:d7:45:b7:0b:1a:99:5c:4e:52:39:96:63:8f:4c:64:f7:
a4:31:43:69:a3:db:13:21:f3:79:0a:4d:f4:b2:73:f3:8a:ff:
68:39:37:e1:88:92:88:6e:c8:8e:d7:2b:4f:6c:ff:dc:36:93:
f2:ce:f3:ff:31:d8:ea:40:c9:5e:03:ee:01:78:1b:47:dd:ec:
08:07:47:73:13:40:7f:0d:dc:7b:61:11:0a:2e:ba:d0:2d:3a:
7f:95:63:2d:7c:01:38:2b:9f:20:c6:a2:fd:ec:30:62:51:f8:
af:31:ca:6e:20:21:f8:8a:2d:d4:88:bf:fd:0a:17:7e:0a:5c:
dc:4a:d8:1b:11:72:15:91:bf:ce:59:e8:8b:4b:f3:a4:72:5f:
73:60:c1:12:74:e6:26:35:aa:43:54:4d:7f:4d:3b:32:da:57:
eb:3c:73:60:05:a2:62:b8:6a:41:c7:49:51:9b:4b:da:59:c6:
c3:0e:f9:c0:18:7a:d9:0e:1b:89:de:0a:84:c2:64:d4:21:9e:
ff:ed:65:b1:67:38:2d:81:6b:99:80:2e:0e:c7:cf:36:2b:6d:
3f:f6:fe:ac
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICB4EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA5MDkx
NTU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDg4RjNDMjVFNzkzRERF
NkE0MUVCMkEwMjg5QkI0NTk1MzdBOUNDMDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDyIPh/7HGWtjjt8I1Bk+vVeRcso4mLixY8EYRUTHkVHuGLvjz3
HCGsPxVH1cyQQlK/Wn9GyJB4nfpYWs4hsNzwgJ4YQgzWDK6kimmqTJWAqmPX/05Q
aC4kXOnErLXsXyclfZS7Hp/77n8k/OO9w7Zh3zlVaoDh+Le+vu+6T32WNFlJSA4e
kFZ04zlucSFDoeLymRzVfOIclOgoXKSEXA3951mhPAIZNp1gfZqyA+1OyfcR1i1U
lyYN6bt4Kjp6D8axrm+Sra8CiqSChA19/TChzEYcmtf6C1V9la51VpGvzTDpwMFZ
SOE1WWXwzEvBfCCoy38vfp5TXwzqCzCfCLM9AgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUiPPCXnk93mpB6yoCibtFlTepzAQwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL2lQUENYbms5M21wQjZ5
b0NpYnRGbFRlcHpBUS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAKg97/BPqfcF1MGAzfP/gSY5WhLoeSgx1qv4
wwL2b4MKLSa1c2j+10W3CxqZXE5SOZZjj0xk96QxQ2mj2xMh83kKTfSyc/OK/2g5
N+GIkohuyI7XK09s/9w2k/LO8/8x2OpAyV4D7gF4G0fd7AgHR3MTQH8N3HthEQou
utAtOn+VYy18ATgrnyDGov3sMGJR+K8xym4gIfiKLdSIv/0KF34KXNxK2BsRchWR
v85Z6ItL86RyX3NgwRJ05iY1qkNUTX9NOzLaV+s8c2AFomK4akHHSVGbS9pZxsMO
+cAYetkOG4neCoTCZNQhnv/tZbFnOC2Ba5mALg7HzzYrbT/2/qw=
-----END CERTIFICATE-----
Generated at Mon Sep 9 23:00:19 2024 by rpki-client on console-ams.rpki-client.org