Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/nfhFrwqBhD6P6akDjBOv7JLASmA.roa
File: nfhFrwqBhD6P6akDjBOv7JLASmA.roa (raw, json)
Hash identifier: 8DsS6UvWjnPgziAYMIHWs1o40roqI0MFBcU98Qy08k0=
Subject key identifier: 9D:F8:45:AF:0A:81:84:3E:8F:E9:A9:03:8C:13:AF:EC:92:C0:4A:60
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0998
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/nfhFrwqBhD6P6akDjBOv7JLASmA.roa
Signing time: Thu 07 Nov 2024 23:55:03 +0000
ROA not before: Thu 07 Nov 2024 23:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 08 Nov 2024 03:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2456 (0x998)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Nov 7 23:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9DF845AF0A81843E8FE9A9038C13AFEC92C04A60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:ad:b3:db:4a:a4:68:09:3a:be:09:81:15:13:
92:81:ed:7a:26:f7:61:b6:36:15:9b:a4:f5:41:20:
c9:ce:45:dd:ef:89:b5:d5:f3:9e:a4:cc:0f:2b:ef:
da:7e:12:d9:d4:0c:23:55:f3:21:a6:5d:cd:f0:45:
29:a7:90:10:58:fd:67:d0:3b:ff:39:95:77:fc:a7:
f3:97:83:4f:94:ea:4e:7d:39:97:74:37:40:50:77:
23:d5:35:e9:d1:fe:48:94:81:12:6e:80:86:96:9b:
db:e3:af:6a:bb:49:f3:0f:80:a7:15:21:74:08:bd:
ec:3f:a0:7c:fb:ff:26:3f:e7:7a:fa:42:e4:3c:2a:
b0:3f:2f:67:5c:3f:a5:92:cb:47:5c:d9:1d:c5:6c:
47:5e:10:bb:27:cc:0d:5d:0f:81:25:a4:db:5c:5d:
de:c9:12:50:ee:8d:41:44:37:f0:af:71:d5:df:28:
4f:7a:ba:f7:d0:08:cf:c5:49:a4:46:eb:ca:5d:b0:
f8:06:dd:bf:a7:1b:0b:8b:2b:b0:80:5d:10:ea:2a:
1e:28:25:11:b6:44:7d:27:68:12:a5:05:b1:32:e3:
e4:b6:50:7c:cf:32:b2:14:2d:43:48:e5:59:c2:47:
d3:02:79:99:c2:dd:1a:b4:b1:9e:4d:0e:9d:7e:7f:
9b:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:F8:45:AF:0A:81:84:3E:8F:E9:A9:03:8C:13:AF:EC:92:C0:4A:60
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/nfhFrwqBhD6P6akDjBOv7JLASmA.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
33:3e:5f:9e:99:7e:67:bc:32:3b:b9:a2:3a:30:a7:b9:2c:cf:
2b:8c:8d:ef:e3:76:68:52:52:04:ee:1f:3b:47:19:1b:08:13:
2f:9e:3e:3e:97:f6:0e:28:8d:ad:56:73:1d:09:a6:51:1f:1f:
5c:70:a4:10:5e:80:ea:a7:01:a7:b2:aa:06:94:f1:2d:57:b8:
3d:bf:01:b6:1a:5f:7f:d8:8a:a6:50:2e:16:db:b5:d6:81:4d:
6c:40:3c:41:d3:77:33:51:6b:c8:5f:24:49:74:bc:c5:63:53:
42:99:2c:f9:1d:76:18:83:e0:ed:79:02:b3:5d:7a:d2:f1:6f:
7f:66:61:6f:df:7c:f6:ca:05:21:02:fd:e6:44:60:61:e0:d4:
94:09:ce:ed:67:6e:63:80:2c:64:84:60:96:cb:73:96:6f:ff:
bd:e1:66:ec:3f:34:0b:80:c6:04:0f:d8:9b:49:00:e9:5d:e7:
89:c7:c3:43:c4:8f:ce:0f:17:e9:54:27:90:1f:db:da:5b:cf:
19:ab:cb:27:91:94:dc:7a:97:10:e7:40:4e:9d:52:c7:30:79:
a1:73:2d:69:d6:bf:cd:3f:7b:89:29:40:21:76:55:5f:84:fb:
65:e9:6a:05:f2:3f:48:2e:f8:b2:8a:c0:93:7a:b1:04:c4:f5:
86:63:ae:bb
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCZgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDExMDcy
MzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDlERjg0NUFGMEE4MTg0
M0U4RkU5QTkwMzhDMTNBRkVDOTJDMDRBNjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJrbPbSqRoCTq+CYEVE5KB7Xom92G2NhWbpPVBIMnORd3vibXV
856kzA8r79p+EtnUDCNV8yGmXc3wRSmnkBBY/WfQO/85lXf8p/OXg0+U6k59OZd0
N0BQdyPVNenR/kiUgRJugIaWm9vjr2q7SfMPgKcVIXQIvew/oHz7/yY/53r6QuQ8
KrA/L2dcP6WSy0dc2R3FbEdeELsnzA1dD4ElpNtcXd7JElDujUFEN/CvcdXfKE96
uvfQCM/FSaRG68pdsPgG3b+nGwuLK7CAXRDqKh4oJRG2RH0naBKlBbEy4+S2UHzP
MrIULUNI5VnCR9MCeZnC3Rq0sZ5NDp1+f5tzAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUnfhFrwqBhD6P6akDjBOv7JLASmAwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL25maEZyd3FCaEQ2UDZh
a0RqQk92N0pMQVNtQS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBADM+X56Zfme8Mju5ojowp7kszyuMje/jdmhS
UgTuHztHGRsIEy+ePj6X9g4oja1Wcx0JplEfH1xwpBBegOqnAaeyqgaU8S1XuD2/
AbYaX3/YiqZQLhbbtdaBTWxAPEHTdzNRa8hfJEl0vMVjU0KZLPkddhiD4O15ArNd
etLxb39mYW/ffPbKBSEC/eZEYGHg1JQJzu1nbmOALGSEYJbLc5Zv/73hZuw/NAuA
xgQP2JtJAOld54nHw0PEj84PF+lUJ5Af29pbzxmryyeRlNx6lxDnQE6dUscweaFz
LWnWv80/e4kpQCF2VV+E+2XpagXyP0gu+LKKwJN6sQTE9YZjrrs=
-----END CERTIFICATE-----
Generated at Fri Nov 8 06:33:10 2024 by rpki-client on console-ams.rpki-client.org