Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/lw9rjP48QegzN--ZjUB2osVGU8U.roa
File: lw9rjP48QegzN--ZjUB2osVGU8U.roa (raw, json)
Hash identifier: iGb0XoSmylxDqmiQwSpa/bRX6Xf5DED0BBaHabBeDi0=
Subject key identifier: 97:0F:6B:8C:FE:3C:41:E8:33:37:EF:99:8D:40:76:A2:C5:46:53:C5
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0935
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/lw9rjP48QegzN--ZjUB2osVGU8U.roa
Signing time: Sun 27 Oct 2024 23:55:02 +0000
ROA not before: Sun 27 Oct 2024 23:55:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 28 Oct 2024 03:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2357 (0x935)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Oct 27 23:55:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=970F6B8CFE3C41E83337EF998D4076A2C54653C5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:e4:3a:f8:cb:8d:33:8b:57:23:62:ab:3a:90:
12:d5:84:f9:f3:5c:d3:6e:89:45:80:e1:8a:de:2e:
8a:65:32:05:6b:e0:a0:c8:9e:7a:2a:7d:e6:25:29:
3e:98:0a:d2:48:1d:0c:34:e3:37:a4:34:55:fb:3f:
df:e8:12:c7:f0:8f:a3:70:1b:34:c4:74:1b:5b:54:
d4:04:5c:94:8f:0f:24:93:ff:88:3d:04:93:87:b4:
88:98:5a:83:0a:e3:1d:66:73:de:01:92:cc:36:62:
c0:f2:92:ac:ea:7f:9d:37:21:a0:b5:34:dd:e1:f5:
8a:c2:71:b6:07:74:d9:9b:77:a6:ea:4b:a9:5f:98:
f3:0d:b8:1c:85:54:0f:ab:66:9f:9c:04:cb:9c:6b:
4b:25:4f:0b:48:c2:4c:02:6b:f5:aa:44:77:2e:84:
9e:4d:53:ed:f7:9d:40:5d:ef:c8:9c:ba:8e:92:6b:
35:64:05:df:15:ff:25:26:74:b2:da:ec:8c:44:5d:
2f:5d:e0:bc:4f:43:d8:5b:5c:ca:fb:95:5b:9e:00:
47:ea:2a:6a:b4:5b:2a:3c:33:24:45:73:61:a7:54:
c6:90:9a:b0:14:7a:f1:86:6d:59:ac:2c:10:67:d2:
1b:40:f5:51:27:cc:a7:cc:3e:85:fc:a9:43:11:6e:
60:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:0F:6B:8C:FE:3C:41:E8:33:37:EF:99:8D:40:76:A2:C5:46:53:C5
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/lw9rjP48QegzN--ZjUB2osVGU8U.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
09:d0:08:3b:91:39:9e:90:26:a7:f1:1d:14:53:cc:fb:40:7b:
fe:6f:9c:d9:b2:49:bf:af:58:ae:b7:e3:d7:7a:d3:93:13:e2:
31:ac:a5:03:5d:9e:d3:af:cb:92:f1:7d:bc:21:ac:bb:cc:6d:
c5:f6:21:58:24:fa:99:b4:d8:bf:17:22:f8:29:3e:79:85:65:
8e:db:43:09:c7:2a:06:e8:03:ea:b8:ae:2e:56:dd:d5:d4:60:
9a:e3:54:a0:25:a1:5a:f7:20:c4:ed:0e:3b:9f:86:f0:1c:f3:
80:17:c6:8f:44:a2:d5:5c:6d:b4:94:ac:c5:b3:da:f1:c3:57:
90:cf:12:96:bf:30:12:e5:77:d8:49:8a:b9:4b:77:1a:95:fe:
80:3e:f4:71:2b:9a:ea:69:d2:8f:b2:c8:ef:3c:43:1f:96:c6:
38:c5:9a:fe:b6:49:f5:99:8c:f8:d7:7f:4e:b5:96:30:c2:09:
ff:da:a8:0a:8e:19:41:12:44:c7:fb:e3:31:80:5f:1a:a4:16:
58:bd:bc:64:79:d4:6d:1c:d4:0a:6d:34:fe:a9:8a:8c:b9:5e:
49:66:0e:0a:ac:6b:59:5a:25:58:18:19:7c:58:11:76:52:c2:
4a:92:e5:27:75:57:04:c4:3b:08:0c:1a:c4:d9:1a:c9:40:26:
a3:02:e6:37
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCTUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDEwMjcy
MzU1MDJaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDk3MEY2QjhDRkUzQzQx
RTgzMzM3RUY5OThENDA3NkEyQzU0NjUzQzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDA5Dr4y40zi1cjYqs6kBLVhPnzXNNuiUWA4YreLoplMgVr4KDI
nnoqfeYlKT6YCtJIHQw04zekNFX7P9/oEsfwj6NwGzTEdBtbVNQEXJSPDyST/4g9
BJOHtIiYWoMK4x1mc94Bksw2YsDykqzqf503IaC1NN3h9YrCcbYHdNmbd6bqS6lf
mPMNuByFVA+rZp+cBMuca0slTwtIwkwCa/WqRHcuhJ5NU+33nUBd78icuo6SazVk
Bd8V/yUmdLLa7IxEXS9d4LxPQ9hbXMr7lVueAEfqKmq0Wyo8MyRFc2GnVMaQmrAU
evGGbVmsLBBn0htA9VEnzKfMPoX8qUMRbmDJAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUlw9rjP48QegzN++ZjUB2osVGU8UwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL2x3OXJqUDQ4UWVnek4t
LVpqVUIyb3NWR1U4VS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAAnQCDuROZ6QJqfxHRRTzPtAe/5vnNmySb+v
WK6349d605MT4jGspQNdntOvy5LxfbwhrLvMbcX2IVgk+pm02L8XIvgpPnmFZY7b
QwnHKgboA+q4ri5W3dXUYJrjVKAloVr3IMTtDjufhvAc84AXxo9EotVcbbSUrMWz
2vHDV5DPEpa/MBLld9hJirlLdxqV/oA+9HErmupp0o+yyO88Qx+WxjjFmv62SfWZ
jPjXf061ljDCCf/aqAqOGUESRMf74zGAXxqkFli9vGR51G0c1AptNP6pioy5Xklm
Dgqsa1laJVgYGXxYEXZSwkqS5Sd1VwTEOwgMGsTZGslAJqMC5jc=
-----END CERTIFICATE-----
Generated at Mon Oct 28 05:37:33 2024 by rpki-client on console-fra.rpki-client.org