Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/nnXomH0aAvfHz3V40nkAGOqle4E.roa
File: nnXomH0aAvfHz3V40nkAGOqle4E.roa (raw, json)
Hash identifier: VQ5wBbeDewlYOQLmxITyQXxBjW0igSBYwiZqHXtKnyo=
Subject key identifier: 9E:75:E8:98:7D:1A:02:F7:C7:CF:75:78:D2:79:00:18:EA:A5:7B:81
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0661
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/nnXomH0aAvfHz3V40nkAGOqle4E.roa
Signing time: Thu 08 Aug 2024 15:55:03 +0000
ROA not before: Thu 08 Aug 2024 15:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 08 Aug 2024 19:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1633 (0x661)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Aug 8 15:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9E75E8987D1A02F7C7CF7578D2790018EAA57B81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:3d:68:5a:b9:ee:1c:32:8a:5e:74:0f:38:94:
94:29:58:76:17:f3:2a:72:3e:e2:1b:04:d9:3c:73:
40:ee:32:a4:69:8d:9d:39:eb:0f:f6:35:30:bd:db:
50:02:5a:bd:cd:7e:0d:9d:47:41:4a:95:a5:05:f5:
d5:e8:89:a1:00:13:cf:a4:81:46:d6:28:55:6f:55:
dc:03:f3:b0:88:ab:e9:f9:a5:98:73:af:b9:86:10:
40:c6:8c:69:41:0b:45:b7:dc:b4:6b:ad:49:11:bc:
1d:2a:95:66:a6:6a:ef:aa:78:b9:d2:8a:08:bc:3d:
c1:44:d7:8f:aa:67:1f:92:55:e6:4f:51:f9:77:5b:
c7:4f:9b:02:46:cc:33:31:26:21:2d:42:36:19:cf:
b4:3f:4c:65:0f:31:f3:c0:e5:c6:6a:ed:92:8e:b1:
b0:dc:79:2c:16:06:b0:ec:5d:f9:f0:cf:0f:3b:90:
66:ca:be:35:af:3c:2d:7f:81:77:03:89:93:eb:eb:
ae:8a:04:83:59:0b:96:7c:9e:63:41:56:7f:40:ff:
c4:36:c6:ae:4e:0c:e6:48:95:7d:44:a0:91:38:15:
cc:d5:0b:a5:7e:54:69:22:b2:1d:21:a8:b3:67:b2:
72:d1:f5:b8:14:4c:e9:b4:e4:d1:d5:14:9a:c3:a2:
5a:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:75:E8:98:7D:1A:02:F7:C7:CF:75:78:D2:79:00:18:EA:A5:7B:81
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/nnXomH0aAvfHz3V40nkAGOqle4E.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
cd:1c:2e:85:d8:ef:ac:c2:58:7a:35:73:be:7e:20:c1:55:3b:
f6:6e:c1:49:c2:45:9a:cd:44:6e:bf:2f:57:27:e3:c9:b4:eb:
b1:a6:08:b0:12:a2:36:07:ac:42:fa:06:d1:bb:e0:77:93:f5:
d7:6a:02:a0:73:dd:7f:29:77:01:a5:10:7e:fe:89:d0:66:ce:
dc:a8:ed:c9:54:8b:8f:ee:2d:fc:2c:f0:f1:10:c8:77:81:a7:
d4:a0:84:f9:42:e8:d9:49:f9:23:71:96:f7:14:85:2b:3a:af:
86:ea:07:5b:33:96:f5:2f:f0:22:a7:79:c4:db:bc:e7:05:5f:
15:8f:a6:86:ae:48:89:b2:4a:d8:2d:0d:2b:1b:f7:55:ad:1f:
d2:6b:22:98:eb:fc:b5:ea:c3:f6:62:2a:62:cb:c2:8c:4a:29:
81:16:0a:73:a1:1d:52:fe:5f:cc:54:9c:b5:f9:7e:5a:71:d4:
f6:c5:2e:fc:92:16:ed:c7:78:8a:ae:11:d0:d0:7e:29:b5:29:
78:57:9d:94:ae:2a:32:ca:2e:65:e6:04:e6:09:9a:62:40:de:
30:1d:57:62:4e:d1:1d:f9:b9:7c:3e:62:6d:54:62:1b:29:4f:
2f:92:8b:6a:da:3a:59:fc:37:f4:c3:ac:5b:f7:88:08:21:cf:
b0:e2:e3:30
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICBmEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA4MDgx
NTU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDlFNzVFODk4N0QxQTAy
RjdDN0NGNzU3OEQyNzkwMDE4RUFBNTdCODEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDAPWhaue4cMopedA84lJQpWHYX8ypyPuIbBNk8c0DuMqRpjZ05
6w/2NTC921ACWr3Nfg2dR0FKlaUF9dXoiaEAE8+kgUbWKFVvVdwD87CIq+n5pZhz
r7mGEEDGjGlBC0W33LRrrUkRvB0qlWamau+qeLnSigi8PcFE14+qZx+SVeZPUfl3
W8dPmwJGzDMxJiEtQjYZz7Q/TGUPMfPA5cZq7ZKOsbDceSwWBrDsXfnwzw87kGbK
vjWvPC1/gXcDiZPr666KBINZC5Z8nmNBVn9A/8Q2xq5ODOZIlX1EoJE4FczVC6V+
VGkish0hqLNnsnLR9bgUTOm05NHVFJrDolpXAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUnnXomH0aAvfHz3V40nkAGOqle4EwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL25uWG9tSDBhQXZmSHoz
VjQwbmtBR09xbGU0RS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAM0cLoXY76zCWHo1c75+IMFVO/ZuwUnCRZrN
RG6/L1cn48m067GmCLASojYHrEL6BtG74HeT9ddqAqBz3X8pdwGlEH7+idBmztyo
7clUi4/uLfws8PEQyHeBp9SghPlC6NlJ+SNxlvcUhSs6r4bqB1szlvUv8CKnecTb
vOcFXxWPpoauSImyStgtDSsb91WtH9JrIpjr/LXqw/ZiKmLLwoxKKYEWCnOhHVL+
X8xUnLX5flpx1PbFLvySFu3HeIquEdDQfim1KXhXnZSuKjLKLmXmBOYJmmJA3jAd
V2JO0R35uXw+Ym1UYhspTy+Si2raOln8N/TDrFv3iAghz7Di4zA=
-----END CERTIFICATE-----
Generated at Thu Aug 8 22:24:16 2024 by rpki-client on console-fra.rpki-client.org