Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/lUoCsiAts8EPiflMM0nrc_c9DQw.roa
File: lUoCsiAts8EPiflMM0nrc_c9DQw.roa (raw, json)
Hash identifier: u7Qlv+L11FWFGCVhG8XRro+agL0hKvjPfBN35V4JBY8=
Subject key identifier: 95:4A:02:B2:20:2D:B3:C1:0F:89:F9:4C:33:49:EB:73:F7:3D:0D:0C
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 06DF
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/lUoCsiAts8EPiflMM0nrc_c9DQw.roa
Signing time: Thu 22 Aug 2024 15:55:03 +0000
ROA not before: Thu 22 Aug 2024 15:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 22 Aug 2024 19:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1759 (0x6df)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Aug 22 15:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=954A02B2202DB3C10F89F94C3349EB73F73D0D0C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:84:65:4e:5a:5e:1d:7c:9e:24:6e:b4:03:69:
1e:64:f0:c6:fb:71:e7:0c:80:16:53:95:a3:23:7e:
42:ba:bf:ee:2a:66:ea:2b:87:fc:ca:f9:da:73:8a:
47:92:aa:56:f1:44:bf:ff:2c:03:4d:4f:9c:8c:d6:
47:99:b0:c6:e2:04:b2:92:97:96:65:51:f0:ee:a1:
65:c1:2f:1e:a7:ed:fd:26:13:20:41:b5:a6:e7:87:
6c:46:05:be:23:94:c9:80:b8:21:26:87:ce:fe:a9:
1e:77:80:b9:09:03:81:c9:93:5c:64:17:1b:71:9b:
08:95:3d:3e:85:17:1b:5b:f3:57:7d:42:37:c3:48:
09:eb:ed:95:65:ad:52:ef:e4:22:1f:aa:25:8c:8e:
d9:a8:c3:5c:52:d1:b5:f7:5c:7d:25:c8:d7:b0:81:
bb:f5:fc:c8:0e:19:df:03:16:3c:23:62:9a:e6:e4:
b4:94:46:af:92:db:98:15:f3:7e:f6:28:61:29:4b:
9a:c6:df:ba:ae:04:2a:3a:03:e5:02:69:2a:a7:eb:
d1:f5:4f:bf:2d:cd:ba:06:be:a8:18:7e:20:e1:fe:
d0:65:53:87:ff:21:29:b9:2f:40:82:4d:6d:93:a8:
57:d6:34:05:76:40:29:a4:4e:61:e9:d6:7b:d5:80:
57:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:4A:02:B2:20:2D:B3:C1:0F:89:F9:4C:33:49:EB:73:F7:3D:0D:0C
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/lUoCsiAts8EPiflMM0nrc_c9DQw.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
97:ab:e1:62:00:0d:2b:c0:1b:7c:25:96:48:a2:d2:6d:70:18:
aa:df:00:e6:24:4f:6e:9f:77:62:74:72:7c:0a:5a:4d:74:0c:
5e:85:b2:94:78:a1:e8:58:05:6a:b0:7e:49:85:b3:43:93:08:
1a:5a:83:41:ac:99:2c:44:41:41:a4:17:f7:c0:4c:cd:4a:2d:
08:2c:29:4b:98:65:66:ea:87:c2:a8:ff:b9:ca:99:e4:bc:df:
a4:c4:fa:df:3d:ee:68:19:a2:17:ca:ba:be:5c:12:5b:9b:22:
95:fd:33:d5:71:60:eb:52:a5:a3:bb:15:e8:9a:8c:32:0f:fd:
bf:82:ce:68:3b:92:56:d2:08:d5:ad:61:12:14:18:58:71:05:
77:ab:ba:ca:f3:69:5c:12:23:49:f1:85:7a:d1:bb:11:10:41:
85:fd:7e:cd:6b:12:2e:47:0a:db:b8:b5:65:35:ab:8a:4e:d0:
85:b2:95:96:b5:1b:fe:84:b0:21:b2:31:97:aa:4a:26:38:e5:
ee:90:36:54:14:35:b2:76:50:b1:88:ed:0d:4a:04:6b:3e:51:
1f:bb:85:c7:42:0e:92:24:fa:03:67:69:91:f0:d5:b3:84:93:
d8:5d:63:76:81:6f:a9:c5:fe:28:ca:34:22:f1:a8:e0:3d:f4:
7c:61:59:51
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICBt8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA4MjIx
NTU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDk1NEEwMkIyMjAyREIz
QzEwRjg5Rjk0QzMzNDlFQjczRjczRDBEMEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCuhGVOWl4dfJ4kbrQDaR5k8Mb7cecMgBZTlaMjfkK6v+4qZuor
h/zK+dpzikeSqlbxRL//LANNT5yM1keZsMbiBLKSl5ZlUfDuoWXBLx6n7f0mEyBB
tabnh2xGBb4jlMmAuCEmh87+qR53gLkJA4HJk1xkFxtxmwiVPT6FFxtb81d9QjfD
SAnr7ZVlrVLv5CIfqiWMjtmow1xS0bX3XH0lyNewgbv1/MgOGd8DFjwjYprm5LSU
Rq+S25gV8372KGEpS5rG37quBCo6A+UCaSqn69H1T78tzboGvqgYfiDh/tBlU4f/
ISm5L0CCTW2TqFfWNAV2QCmkTmHp1nvVgFdbAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUlUoCsiAts8EPiflMM0nrc/c9DQwwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL2xVb0NzaUF0czhFUGlm
bE1NMG5yY19jOURRdy5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAJer4WIADSvAG3wllkii0m1wGKrfAOYkT26f
d2J0cnwKWk10DF6FspR4oehYBWqwfkmFs0OTCBpag0GsmSxEQUGkF/fATM1KLQgs
KUuYZWbqh8Ko/7nKmeS836TE+t897mgZohfKur5cElubIpX9M9VxYOtSpaO7Feia
jDIP/b+Czmg7klbSCNWtYRIUGFhxBXerusrzaVwSI0nxhXrRuxEQQYX9fs1rEi5H
Ctu4tWU1q4pO0IWylZa1G/6EsCGyMZeqSiY45e6QNlQUNbJ2ULGI7Q1KBGs+UR+7
hcdCDpIk+gNnaZHw1bOEk9hdY3aBb6nF/ijKNCLxqOA99HxhWVE=
-----END CERTIFICATE-----
Generated at Thu Aug 22 22:43:20 2024 by rpki-client on console-ams.rpki-client.org