Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/nRSz6KRz_bRhjMDddKGHIQsuomM.roa
File: nRSz6KRz_bRhjMDddKGHIQsuomM.roa (raw, json)
Hash identifier: YHnFUD5ERim32dKIK1ek+/10kGPP4yKgz/RK+0DAg6k=
Subject key identifier: 9D:14:B3:E8:A4:73:FD:B4:61:8C:C0:DD:74:A1:87:21:0B:2E:A2:63
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 09F8
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/nRSz6KRz_bRhjMDddKGHIQsuomM.roa
Signing time: Mon 18 Nov 2024 15:55:02 +0000
ROA not before: Mon 18 Nov 2024 15:55:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 18 Nov 2024 19:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2552 (0x9f8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Nov 18 15:55:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9D14B3E8A473FDB4618CC0DD74A187210B2EA263
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:80:d7:d4:b8:5d:cd:25:3c:f7:a1:68:be:23:
e5:34:4a:36:11:94:68:9f:a2:68:2f:a6:47:20:5d:
3d:fa:28:a1:8c:4b:64:a5:a5:ba:ef:6c:9f:32:d0:
e5:a9:4c:16:54:73:9f:37:0b:07:59:5d:43:e1:db:
69:1d:a4:f7:5a:9d:ac:6d:1e:0b:bc:39:7c:14:ec:
51:ad:54:43:0a:39:0a:9b:82:79:25:99:66:c8:43:
df:97:c6:12:2a:1c:a6:e6:85:05:d8:8b:0c:16:06:
fc:a9:c4:f7:66:92:84:ac:2c:2f:62:8d:16:72:73:
8a:91:df:56:e2:8c:1f:c8:23:60:a9:28:79:52:be:
d9:19:6b:40:aa:08:61:38:49:89:72:0f:03:0a:7a:
69:ff:ee:4d:ab:cb:e4:a1:2b:cf:1c:79:9f:a1:8b:
92:96:fa:64:f9:55:b7:16:e4:fa:4e:11:70:74:93:
e2:9d:69:c1:43:4e:fb:d2:a7:f6:40:fd:52:8f:48:
7e:a6:57:a4:c2:80:4c:e5:cf:4e:9b:da:1e:07:cf:
c2:73:f0:e6:a0:ca:1e:69:ef:80:a9:76:d6:9d:47:
a3:cd:40:0a:ef:ae:c9:ef:95:f3:a0:0c:1a:94:47:
62:54:c0:bd:d7:d3:95:8a:14:bb:ee:6b:1c:0e:97:
f8:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:14:B3:E8:A4:73:FD:B4:61:8C:C0:DD:74:A1:87:21:0B:2E:A2:63
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/nRSz6KRz_bRhjMDddKGHIQsuomM.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
31:2d:bc:b9:31:a6:a0:b6:59:f3:ef:44:33:ff:71:74:db:04:
28:ba:d1:52:0f:4f:a7:51:e3:6a:f7:b4:49:1f:27:df:d2:51:
43:16:66:00:ea:3f:af:5b:e3:b4:d9:ca:f8:fd:eb:d4:74:6a:
54:d3:39:1e:b3:4a:40:ce:fc:39:f2:db:13:60:75:fd:7e:b4:
c5:b2:e4:03:e4:00:78:99:78:bf:19:70:16:46:8b:72:74:ab:
5f:58:b1:a8:c4:a2:7a:e7:40:38:c6:17:08:e3:49:18:23:25:
0f:45:b1:b4:ba:3f:1d:5f:ee:8a:e1:0d:e0:70:45:f0:a4:a8:
56:40:81:88:1a:18:39:f6:62:bd:2b:73:de:50:aa:7d:8d:ee:
5d:90:ac:6e:04:e5:f1:9f:8e:8d:63:2f:4b:e5:da:64:5d:c0:
46:4d:42:3a:39:bb:68:31:38:d7:d2:7c:0f:50:cd:8f:c5:f9:
02:3a:40:79:84:66:f5:af:91:db:e8:81:a2:8b:b0:00:37:9b:
92:57:9e:4f:e8:fb:29:21:28:ea:2a:b5:72:fc:5a:c2:4f:94:
ad:9d:49:72:f7:4c:55:0c:e5:b1:b3:56:3b:1b:a3:21:1b:d9:
ad:92:49:a8:46:9e:3f:ba:c1:3f:1e:e8:5d:f5:56:a5:6a:b2:
60:b5:74:ad
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCfgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDExMTgx
NTU1MDJaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDlEMTRCM0U4QTQ3M0ZE
QjQ2MThDQzBERDc0QTE4NzIxMEIyRUEyNjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCcgNfUuF3NJTz3oWi+I+U0SjYRlGifomgvpkcgXT36KKGMS2Sl
pbrvbJ8y0OWpTBZUc583CwdZXUPh22kdpPdanaxtHgu8OXwU7FGtVEMKOQqbgnkl
mWbIQ9+XxhIqHKbmhQXYiwwWBvypxPdmkoSsLC9ijRZyc4qR31bijB/II2CpKHlS
vtkZa0CqCGE4SYlyDwMKemn/7k2ry+ShK88ceZ+hi5KW+mT5VbcW5PpOEXB0k+Kd
acFDTvvSp/ZA/VKPSH6mV6TCgEzlz06b2h4Hz8Jz8Oagyh5p74CpdtadR6PNQArv
rsnvlfOgDBqUR2JUwL3X05WKFLvuaxwOl/i5AgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUnRSz6KRz/bRhjMDddKGHIQsuomMwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL25SU3o2S1J6X2JSaGpN
RGRkS0dISVFzdW9tTS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBADEtvLkxpqC2WfPvRDP/cXTbBCi60VIPT6dR
42r3tEkfJ9/SUUMWZgDqP69b47TZyvj969R0alTTOR6zSkDO/Dny2xNgdf1+tMWy
5APkAHiZeL8ZcBZGi3J0q19YsajEonrnQDjGFwjjSRgjJQ9FsbS6Px1f7orhDeBw
RfCkqFZAgYgaGDn2Yr0rc95Qqn2N7l2QrG4E5fGfjo1jL0vl2mRdwEZNQjo5u2gx
ONfSfA9QzY/F+QI6QHmEZvWvkdvogaKLsAA3m5JXnk/o+ykhKOoqtXL8WsJPlK2d
SXL3TFUM5bGzVjsboyEb2a2SSahGnj+6wT8e6F31VqVqsmC1dK0=
-----END CERTIFICATE-----
Generated at Mon Nov 18 23:26:37 2024 by rpki-client on console-fra.rpki-client.org