Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/jknvR0SG6WbWTK98vP9Erf8rvcw.roa
File: jknvR0SG6WbWTK98vP9Erf8rvcw.roa (raw, json)
Hash identifier: BvDFw8qKDP7EaR3O50KQeUjzcy2q87sd5dyO8kjF3Rk=
Subject key identifier: 8E:49:EF:47:44:86:E9:66:D6:4C:AF:7C:BC:FF:44:AD:FF:2B:BD:CC
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 06FD
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/jknvR0SG6WbWTK98vP9Erf8rvcw.roa
Signing time: Sun 25 Aug 2024 23:55:04 +0000
ROA not before: Sun 25 Aug 2024 23:55:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 26 Aug 2024 03:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1789 (0x6fd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Aug 25 23:55:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8E49EF474486E966D64CAF7CBCFF44ADFF2BBDCC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:2a:83:db:a2:42:d7:c9:78:fd:c2:97:7f:f5:
79:be:23:59:33:e1:5d:cc:c2:3a:a0:0e:d0:08:15:
9a:73:48:1d:9b:a0:4b:90:8e:b3:89:1d:4f:3f:af:
5f:65:1d:75:08:ec:ea:0d:13:12:29:ec:c9:49:0b:
d9:1c:90:cb:e8:11:6d:f1:72:12:ae:da:64:5a:6a:
ea:e0:1e:b3:10:12:af:2f:9d:55:49:16:6a:a6:1e:
31:87:db:22:93:88:9f:80:8b:05:b9:24:2e:6f:85:
8a:c4:ba:68:81:ba:46:38:ef:a1:e2:d1:b1:50:3c:
e6:91:ca:fe:8a:e6:0a:66:a2:d5:4d:20:ce:75:06:
76:6a:58:57:6e:09:3c:f6:2a:4a:36:be:2e:f2:53:
af:f8:2b:1d:48:d5:69:d4:95:2e:da:c3:12:08:f8:
f5:89:e1:f1:aa:6f:8b:74:8b:10:65:b7:7c:06:5c:
eb:bd:83:99:06:de:08:82:28:ad:64:5c:68:2a:4d:
dd:c1:b7:dc:53:18:c5:b9:f9:55:65:b0:a5:1e:5f:
8b:7c:87:b7:ee:2b:02:6e:62:72:b1:e4:be:d1:27:
74:97:fb:33:3f:4a:7b:92:fc:c6:6b:dd:3a:d5:b5:
bc:46:d8:24:46:8b:dd:41:03:69:69:96:0d:af:ff:
e6:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:49:EF:47:44:86:E9:66:D6:4C:AF:7C:BC:FF:44:AD:FF:2B:BD:CC
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/jknvR0SG6WbWTK98vP9Erf8rvcw.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
00:a9:44:bb:63:4a:43:49:76:6e:11:f9:1f:18:0b:b4:d8:12:
88:08:aa:e8:7f:25:4e:95:59:de:d9:f6:e8:00:a2:01:73:29:
28:af:d8:c4:ed:ab:3f:72:a2:69:53:f0:d0:1f:fa:53:b1:c4:
fa:28:b6:5d:68:cd:4e:b6:94:f6:c2:fb:af:65:cb:54:12:c7:
b2:69:d8:54:e5:ab:22:f3:c4:6e:8f:cb:6c:7e:82:20:87:3c:
b9:0c:89:62:a3:b5:c8:7c:79:2e:ae:95:ff:b3:90:97:82:ef:
92:a2:13:6a:c2:c4:b6:9e:b0:94:0d:57:74:80:b5:fa:7a:66:
8f:5e:f8:c8:58:84:5c:3a:57:1d:98:39:4d:2b:75:6e:8e:16:
43:c6:e7:06:f2:ee:0a:c9:63:ee:b5:da:f0:ee:62:89:3e:c1:
5a:e7:eb:52:49:d2:69:2a:5c:26:07:9f:8f:6c:77:29:4f:31:
65:05:91:9d:51:c4:84:59:f3:58:fb:ed:95:85:d2:4d:71:8c:
b7:e4:1b:8e:d5:ff:9a:65:b2:19:59:35:9f:77:a2:1c:71:79:
9f:ce:ab:2f:9a:9d:37:85:83:be:ca:31:76:e5:f7:89:84:9c:
79:55:09:5f:5e:e1:56:98:e2:b5:a1:40:cf:1d:66:de:96:5c:
8c:8e:43:ce
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICBv0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA4MjUy
MzU1MDRaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDhFNDlFRjQ3NDQ4NkU5
NjZENjRDQUY3Q0JDRkY0NEFERkYyQkJEQ0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCKoPbokLXyXj9wpd/9Xm+I1kz4V3MwjqgDtAIFZpzSB2boEuQ
jrOJHU8/r19lHXUI7OoNExIp7MlJC9kckMvoEW3xchKu2mRaaurgHrMQEq8vnVVJ
FmqmHjGH2yKTiJ+AiwW5JC5vhYrEumiBukY476Hi0bFQPOaRyv6K5gpmotVNIM51
BnZqWFduCTz2Kko2vi7yU6/4Kx1I1WnUlS7awxII+PWJ4fGqb4t0ixBlt3wGXOu9
g5kG3giCKK1kXGgqTd3Bt9xTGMW5+VVlsKUeX4t8h7fuKwJuYnKx5L7RJ3SX+zM/
SnuS/MZr3TrVtbxG2CRGi91BA2lplg2v/+Z1AgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUjknvR0SG6WbWTK98vP9Erf8rvcwwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL2prbnZSMFNHNldiV1RL
OTh2UDlFcmY4cnZjdy5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAACpRLtjSkNJdm4R+R8YC7TYEogIquh/JU6V
Wd7Z9ugAogFzKSiv2MTtqz9yomlT8NAf+lOxxPootl1ozU62lPbC+69ly1QSx7Jp
2FTlqyLzxG6Py2x+giCHPLkMiWKjtch8eS6ulf+zkJeC75KiE2rCxLaesJQNV3SA
tfp6Zo9e+MhYhFw6Vx2YOU0rdW6OFkPG5wby7grJY+612vDuYok+wVrn61JJ0mkq
XCYHn49sdylPMWUFkZ1RxIRZ81j77ZWF0k1xjLfkG47V/5plshlZNZ93ohxxeZ/O
qy+anTeFg77KMXbl94mEnHlVCV9e4VaY4rWhQM8dZt6WXIyOQ84=
-----END CERTIFICATE-----
Generated at Mon Aug 26 07:14:48 2024 by rpki-client on console-fra.rpki-client.org