Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/lG_KjwkctzCYASQbkdPSkNodOPQ.roa
File: lG_KjwkctzCYASQbkdPSkNodOPQ.roa (raw, json)
Hash identifier: IAyFA26MX3kuDQDemkR5kOuQ0YH1I86Sm6DGQRxh3tw=
Subject key identifier: 94:6F:CA:8F:09:1C:B7:30:98:01:24:1B:91:D3:D2:90:DA:1D:38:F4
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 071B
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/lG_KjwkctzCYASQbkdPSkNodOPQ.roa
Signing time: Thu 29 Aug 2024 07:55:02 +0000
ROA not before: Thu 29 Aug 2024 07:55:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 29 Aug 2024 11:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1819 (0x71b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Aug 29 07:55:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=946FCA8F091CB7309801241B91D3D290DA1D38F4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:dc:5a:76:6a:0f:f0:72:d2:89:44:57:1e:21:
dd:73:68:de:f3:64:56:e3:82:c8:96:84:06:39:ea:
b5:2e:eb:6f:64:33:28:27:b4:16:88:db:a6:e2:66:
cc:4b:48:2e:86:34:f6:ee:4c:56:9c:89:8a:26:97:
f7:db:95:60:f9:de:af:73:80:1f:12:1d:f6:55:e4:
84:12:a7:18:ac:d7:36:37:db:b5:11:f0:cb:86:a9:
31:f9:9a:e8:99:ec:3b:9c:90:ca:eb:54:f6:5f:3d:
16:88:c0:cc:e2:a5:aa:58:75:de:24:a4:75:f1:9e:
2f:0d:e9:9c:65:70:bd:e0:3f:11:1e:f2:9c:13:e8:
3b:62:ea:bd:76:96:c6:54:91:31:c5:ae:c2:6a:d9:
32:ce:83:bc:5a:cc:bb:ab:bf:32:18:e3:2c:c7:d6:
53:32:1d:3c:45:bb:00:22:ae:45:c9:6d:aa:e5:23:
22:42:77:c2:7f:1b:44:08:b9:b8:bd:90:a8:6c:90:
d6:4a:b6:84:77:b7:29:7d:b0:24:b6:d1:11:d0:ab:
4e:c6:b1:cc:38:94:e2:60:ab:bd:2c:e7:e2:de:3e:
29:70:52:aa:ff:56:71:2d:9a:ab:79:ed:a3:d4:7d:
a0:93:cf:9a:e4:ec:5b:23:76:b5:ef:88:62:ce:5f:
c2:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:6F:CA:8F:09:1C:B7:30:98:01:24:1B:91:D3:D2:90:DA:1D:38:F4
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/lG_KjwkctzCYASQbkdPSkNodOPQ.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:db:ef:71:ce:8d:09:77:76:bc:aa:2c:ea:20:00:8c:e5:01:
7d:56:cd:51:46:f1:8b:d3:22:a8:cf:7c:6b:60:35:ee:ef:59:
ad:af:7c:34:d3:1c:83:88:c1:e0:8e:e3:73:09:d3:85:66:59:
5f:5c:f4:69:a4:09:dd:05:c4:bc:42:cf:63:d5:6a:2a:64:54:
bc:27:a1:20:7f:bf:40:a6:6a:04:77:26:97:c7:c6:4d:d3:b7:
6a:93:aa:2b:c2:2e:e3:16:27:bc:50:36:15:75:57:6c:32:d4:
34:ab:14:16:df:16:b9:26:13:3b:e0:77:a3:dc:64:35:d7:0e:
0e:c5:90:fe:43:d9:33:67:56:0e:9b:dd:3f:f0:47:12:8c:fe:
99:91:38:aa:6f:a9:3d:06:bd:1e:89:0a:78:29:31:9f:2c:db:
94:3b:aa:e5:90:e5:ae:db:8c:dc:d0:87:3c:5c:a5:e8:a9:68:
02:64:d1:a5:3d:70:53:c9:80:4b:a0:23:3e:dd:5a:35:6d:8e:
44:b1:af:85:59:a4:4f:34:3a:19:4b:94:5c:52:57:5f:d4:a4:
a4:b5:fe:2c:75:44:2d:54:4b:56:2f:27:91:85:07:71:85:d2:
b9:cb:b7:ef:e7:bd:fb:65:7b:1d:fb:54:35:57:3d:07:f5:32:
c8:02:11:cb
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICBxswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA4Mjkw
NzU1MDJaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDk0NkZDQThGMDkxQ0I3
MzA5ODAxMjQxQjkxRDNEMjkwREExRDM4RjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDQ3Fp2ag/wctKJRFceId1zaN7zZFbjgsiWhAY56rUu629kMygn
tBaI26biZsxLSC6GNPbuTFaciYoml/fblWD53q9zgB8SHfZV5IQSpxis1zY327UR
8MuGqTH5muiZ7DuckMrrVPZfPRaIwMzipapYdd4kpHXxni8N6ZxlcL3gPxEe8pwT
6Dti6r12lsZUkTHFrsJq2TLOg7xazLurvzIY4yzH1lMyHTxFuwAirkXJbarlIyJC
d8J/G0QIubi9kKhskNZKtoR3tyl9sCS20RHQq07Gscw4lOJgq70s5+LePilwUqr/
VnEtmqt57aPUfaCTz5rk7FsjdrXviGLOX8KxAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUlG/KjwkctzCYASQbkdPSkNodOPQwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL2xHX0tqd2tjdHpDWUFT
UWJrZFBTa05vZE9QUS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAG/b73HOjQl3dryqLOogAIzlAX1WzVFG8YvT
IqjPfGtgNe7vWa2vfDTTHIOIweCO43MJ04VmWV9c9GmkCd0FxLxCz2PVaipkVLwn
oSB/v0CmagR3JpfHxk3Tt2qTqivCLuMWJ7xQNhV1V2wy1DSrFBbfFrkmEzvgd6Pc
ZDXXDg7FkP5D2TNnVg6b3T/wRxKM/pmROKpvqT0GvR6JCngpMZ8s25Q7quWQ5a7b
jNzQhzxcpeipaAJk0aU9cFPJgEugIz7dWjVtjkSxr4VZpE80OhlLlFxSV1/UpKS1
/ix1RC1US1YvJ5GFB3GF0rnLt+/nvftlex37VDVXPQf1MsgCEcs=
-----END CERTIFICATE-----
Generated at Thu Aug 29 13:19:42 2024 by rpki-client on console-fra.rpki-client.org