Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/mxpRj2xyoFdpCcGxM6x8iAf7F1E.roa
File: mxpRj2xyoFdpCcGxM6x8iAf7F1E.roa (raw, json)
Hash identifier: 1n1fLMlB0fYNLn2mOPSn9HBnzPGcRBDJCakUn7Fzx/I=
Subject key identifier: 9B:1A:51:8F:6C:72:A0:57:69:09:C1:B1:33:AC:7C:88:07:FB:17:51
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0A0A
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/mxpRj2xyoFdpCcGxM6x8iAf7F1E.roa
Signing time: Wed 20 Nov 2024 15:55:02 +0000
ROA not before: Wed 20 Nov 2024 15:55:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 20 Nov 2024 19:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2570 (0xa0a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Nov 20 15:55:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9B1A518F6C72A0576909C1B133AC7C8807FB1751
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:97:68:04:60:61:07:f6:d7:88:fd:1a:5b:59:
32:a2:e9:90:94:4b:40:2d:40:a2:e9:7f:2d:95:6c:
4a:fb:eb:98:49:cf:06:8a:09:bc:33:89:06:85:b3:
61:0d:87:79:e1:61:bd:63:78:3b:9f:c8:2d:b0:1d:
8b:1d:6d:e5:ae:55:25:03:5f:c3:fc:d3:cf:df:c8:
9f:66:59:94:5d:01:e5:4c:5c:21:05:af:71:aa:70:
68:33:46:2f:41:db:5c:fb:6a:f1:4f:c1:04:15:89:
b1:40:40:e8:ca:4c:a1:d6:fb:63:aa:06:3a:47:e2:
be:29:43:4c:72:36:e6:e2:d9:57:02:4c:cd:c5:73:
86:17:52:45:66:3e:4c:fb:0d:7f:51:2e:5e:db:25:
c8:98:f8:0a:02:99:76:80:fd:84:7c:46:9b:cc:59:
90:a2:57:cc:d6:fb:9c:3d:ba:8d:ff:ed:8d:03:ff:
e9:ee:52:f9:cb:b1:63:f1:c3:01:b4:8e:91:a7:c0:
52:d0:5d:fd:3c:5e:8a:44:2e:e6:a7:1a:fe:8e:27:
1e:46:59:0e:99:2b:93:0d:c0:28:bc:23:f8:ef:20:
c0:53:cd:df:a8:cc:5c:54:02:fd:5e:5d:f8:2f:1d:
66:7c:81:22:04:e0:87:cd:cd:d3:16:8c:20:ba:06:
fc:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:1A:51:8F:6C:72:A0:57:69:09:C1:B1:33:AC:7C:88:07:FB:17:51
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/mxpRj2xyoFdpCcGxM6x8iAf7F1E.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
53:d3:29:eb:71:1e:ef:4b:41:c1:9b:a3:23:08:0c:85:61:76:
0c:db:3e:aa:9e:2e:4d:51:c6:93:ce:36:e2:8d:5d:bd:7b:96:
1e:a2:55:29:81:2e:4e:01:05:8f:6d:f7:52:c2:ea:50:89:81:
0a:ec:8b:cb:7c:ea:97:02:18:52:e6:19:12:39:5a:d2:2a:e0:
08:fb:07:ea:0f:26:46:ec:c8:54:d2:95:61:33:f5:65:6a:70:
cc:d1:c3:36:5c:d5:dc:eb:7c:c7:a7:cc:51:0c:5f:62:ee:2e:
3d:b5:da:04:b1:df:ae:81:8e:27:fe:83:50:7e:97:07:0f:21:
67:c2:18:d3:8d:1b:38:10:de:1b:ab:5b:df:27:c5:9b:7f:00:
02:6c:76:76:7d:af:6d:0d:21:ba:8f:23:be:c3:2b:d3:a7:17:
0d:95:6e:75:55:11:4b:f9:f4:cd:47:67:e8:aa:84:a6:a5:6e:
d4:14:2c:54:32:a0:c7:ca:fe:be:b9:19:81:b1:d1:77:c8:00:
1f:6e:28:ce:6d:4b:36:78:48:a1:09:5d:06:49:11:df:d0:77:
79:8e:48:88:ac:0d:47:f4:11:82:0f:b6:11:2e:33:34:fe:6c:
a2:fd:ae:7b:72:77:44:cd:99:0e:98:ee:43:9b:e5:68:51:8d:
97:ad:48:39
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCgowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDExMjAx
NTU1MDJaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDlCMUE1MThGNkM3MkEw
NTc2OTA5QzFCMTMzQUM3Qzg4MDdGQjE3NTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDl2gEYGEH9teI/RpbWTKi6ZCUS0AtQKLpfy2VbEr765hJzwaK
CbwziQaFs2ENh3nhYb1jeDufyC2wHYsdbeWuVSUDX8P808/fyJ9mWZRdAeVMXCEF
r3GqcGgzRi9B21z7avFPwQQVibFAQOjKTKHW+2OqBjpH4r4pQ0xyNubi2VcCTM3F
c4YXUkVmPkz7DX9RLl7bJciY+AoCmXaA/YR8RpvMWZCiV8zW+5w9uo3/7Y0D/+nu
UvnLsWPxwwG0jpGnwFLQXf08XopELuanGv6OJx5GWQ6ZK5MNwCi8I/jvIMBTzd+o
zFxUAv1eXfgvHWZ8gSIE4IfNzdMWjCC6BvwHAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUmxpRj2xyoFdpCcGxM6x8iAf7F1EwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL214cFJqMnh5b0ZkcENj
R3hNNng4aUFmN0YxRS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAFPTKetxHu9LQcGboyMIDIVhdgzbPqqeLk1R
xpPONuKNXb17lh6iVSmBLk4BBY9t91LC6lCJgQrsi8t86pcCGFLmGRI5WtIq4Aj7
B+oPJkbsyFTSlWEz9WVqcMzRwzZc1dzrfMenzFEMX2LuLj212gSx366Bjif+g1B+
lwcPIWfCGNONGzgQ3hurW98nxZt/AAJsdnZ9r20NIbqPI77DK9OnFw2VbnVVEUv5
9M1HZ+iqhKalbtQULFQyoMfK/r65GYGx0XfIAB9uKM5tSzZ4SKEJXQZJEd/Qd3mO
SIisDUf0EYIPthEuMzT+bKL9rntyd0TNmQ6Y7kOb5WhRjZetSDk=
-----END CERTIFICATE-----
Generated at Wed Nov 20 22:21:00 2024 by rpki-client on console-ams.rpki-client.org