Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/nQIEtYJnFoeYGZBripw3ZHZVkZo.roa
File: nQIEtYJnFoeYGZBripw3ZHZVkZo.roa (raw, json)
Hash identifier: zKXPDku93/NvtVPpfMjhJ9bqI/E0KxOvzlftWHtgFJc=
Subject key identifier: 9D:02:04:B5:82:67:16:87:98:19:90:6B:8A:9C:37:64:76:55:91:9A
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 075D
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/nQIEtYJnFoeYGZBripw3ZHZVkZo.roa
Signing time: Thu 05 Sep 2024 15:55:03 +0000
ROA not before: Thu 05 Sep 2024 15:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 05 Sep 2024 19:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1885 (0x75d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Sep 5 15:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9D0204B5826716879819906B8A9C37647655919A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:b3:da:70:8a:31:6a:1c:6c:af:50:3e:66:db:
13:13:87:4b:a5:a6:67:28:f1:cb:d2:d2:69:37:4c:
52:26:31:de:66:6d:0d:b7:bf:9d:7e:52:40:cc:f2:
ba:cf:35:e9:3e:32:98:0b:fd:58:7e:a5:ef:a1:e8:
27:75:f2:17:b1:74:49:1e:fb:a2:1e:c6:0b:eb:24:
be:29:d0:1e:c0:52:4f:df:b8:a1:a7:c2:ce:4c:cb:
d5:e4:6c:df:11:8c:7d:d7:0a:80:f8:8d:05:9f:35:
7a:70:15:e1:aa:57:cb:af:2c:67:43:4b:2a:8d:5b:
c5:40:d0:cb:fd:1b:f8:0e:ca:13:b5:6b:e8:8c:27:
69:7d:18:d4:02:a5:a1:73:06:fc:9c:0a:61:13:a5:
3e:3a:fe:d8:3d:17:35:1f:1b:78:22:9d:59:8e:cf:
1a:62:20:98:72:77:38:e4:48:e2:27:74:2f:b2:15:
64:f6:7d:29:a2:7f:b7:65:7d:ad:15:d6:b0:67:e5:
68:05:45:16:bc:e7:cc:3e:eb:0f:80:02:43:a7:0d:
11:da:fd:22:06:0c:a9:db:4a:33:41:2d:b9:9d:48:
40:6e:f8:9d:58:5b:f4:c7:c8:61:fa:43:d9:59:14:
84:ea:1c:44:d7:0c:d6:8c:f4:7e:c2:ef:17:17:ab:
dd:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:02:04:B5:82:67:16:87:98:19:90:6B:8A:9C:37:64:76:55:91:9A
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/nQIEtYJnFoeYGZBripw3ZHZVkZo.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:8b:4d:3c:ec:5c:ea:15:ef:1a:bf:ea:52:0a:a1:c5:f0:49:
79:2b:08:88:a4:75:90:6f:f1:ea:e3:83:8c:b6:c3:22:8f:47:
d7:b6:1a:b7:e6:18:29:d3:8a:ab:4a:a4:b5:30:5e:9f:73:98:
0c:55:bc:07:35:7a:32:e2:bf:98:53:54:dc:07:b8:64:c0:d9:
72:63:32:6d:9e:01:49:84:6e:4b:b8:35:8c:eb:82:50:54:1f:
f6:51:a3:77:e8:29:30:84:7d:3d:e9:a8:02:3b:54:36:39:eb:
ea:da:86:d3:6c:47:8a:62:8a:cd:11:13:2a:5e:8e:f3:d3:20:
ef:67:82:ba:fd:6d:4a:6a:0a:84:42:10:1f:7b:75:9f:79:02:
30:16:84:f7:20:0f:f2:53:ec:72:b1:26:a1:af:91:7d:3d:d8:
c7:6b:ad:60:4c:5a:b6:e8:3e:bb:f8:3b:13:44:fc:a5:cb:55:
27:da:50:cf:d4:56:9c:c0:f7:40:de:2e:36:ee:90:10:1f:7d:
10:67:e0:7f:e6:13:8a:59:b8:39:05:ea:01:70:ee:97:bc:de:
f6:63:55:d1:26:b2:ff:9f:11:9e:e1:37:be:f0:15:a4:ed:0a:
df:ff:6e:30:bd:29:ac:b0:91:78:cb:84:d2:73:4e:c2:90:e1:
76:d9:ba:b4
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICB10wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA5MDUx
NTU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDlEMDIwNEI1ODI2NzE2
ODc5ODE5OTA2QjhBOUMzNzY0NzY1NTkxOUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC6s9pwijFqHGyvUD5m2xMTh0ulpmco8cvS0mk3TFImMd5mbQ23
v51+UkDM8rrPNek+MpgL/Vh+pe+h6Cd18hexdEke+6IexgvrJL4p0B7AUk/fuKGn
ws5My9XkbN8RjH3XCoD4jQWfNXpwFeGqV8uvLGdDSyqNW8VA0Mv9G/gOyhO1a+iM
J2l9GNQCpaFzBvycCmETpT46/tg9FzUfG3ginVmOzxpiIJhydzjkSOIndC+yFWT2
fSmif7dlfa0V1rBn5WgFRRa858w+6w+AAkOnDRHa/SIGDKnbSjNBLbmdSEBu+J1Y
W/THyGH6Q9lZFITqHETXDNaM9H7C7xcXq90TAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUnQIEtYJnFoeYGZBripw3ZHZVkZowHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL25RSUV0WUpuRm9lWUda
QnJpcHczWkhaVmtaby5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAEuLTTzsXOoV7xq/6lIKocXwSXkrCIikdZBv
8erjg4y2wyKPR9e2GrfmGCnTiqtKpLUwXp9zmAxVvAc1ejLiv5hTVNwHuGTA2XJj
Mm2eAUmEbku4NYzrglBUH/ZRo3foKTCEfT3pqAI7VDY56+rahtNsR4piis0REype
jvPTIO9ngrr9bUpqCoRCEB97dZ95AjAWhPcgD/JT7HKxJqGvkX092MdrrWBMWrbo
Prv4OxNE/KXLVSfaUM/UVpzA90DeLjbukBAffRBn4H/mE4pZuDkF6gFw7pe83vZj
VdEmsv+fEZ7hN77wFaTtCt//bjC9KaywkXjLhNJzTsKQ4XbZurQ=
-----END CERTIFICATE-----
Generated at Thu Sep 5 20:59:17 2024 by rpki-client on console-fra.rpki-client.org