Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/oC1n5PBn-qM7KFIp00kKbhPCa90.roa
File: oC1n5PBn-qM7KFIp00kKbhPCa90.roa (raw, json)
Hash identifier: zzGoDuxAuS5QCEZlLZUqcywfLHFsJJb8W098UcezQCM=
Subject key identifier: A0:2D:67:E4:F0:67:FA:A3:3B:28:52:29:D3:49:0A:6E:13:C2:6B:DD
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0974
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/oC1n5PBn-qM7KFIp00kKbhPCa90.roa
Signing time: Sun 03 Nov 2024 23:55:02 +0000
ROA not before: Sun 03 Nov 2024 23:55:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 04 Nov 2024 03:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2420 (0x974)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Nov 3 23:55:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=A02D67E4F067FAA33B285229D3490A6E13C26BDD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:06:06:d6:7a:66:7d:86:ba:a2:e6:64:ad:9f:
da:14:38:94:c1:46:a6:a6:51:8a:c4:c8:c1:22:ba:
aa:41:f1:86:aa:9c:14:9c:38:3b:06:1d:8f:8f:65:
fd:44:cb:04:9f:2e:42:c0:5e:b9:fd:1b:a7:f1:ac:
79:d9:fc:4c:e8:15:8b:13:c7:15:c4:61:23:95:4d:
1d:78:89:43:cc:78:18:fd:2f:1b:a8:62:eb:9d:4a:
e4:96:d3:5c:eb:9e:a0:2e:7d:0e:3b:02:f6:7f:c5:
f0:bb:96:a7:54:ec:cd:e8:99:3b:45:79:27:f6:b8:
d3:fb:c1:86:a4:53:34:80:f9:df:34:63:8a:8a:59:
64:b7:ef:a5:70:4e:eb:8d:23:e9:5b:47:a4:4e:e5:
57:99:9d:eb:31:5a:f5:dc:b9:be:0e:58:7a:78:2b:
30:4e:b1:df:74:92:cc:f2:9c:d8:f4:5f:a4:bd:9a:
8d:bb:48:6a:14:85:15:66:41:58:eb:ef:7f:3b:34:
ba:a6:ee:8d:93:44:23:12:6f:e2:f2:d2:f6:69:49:
8a:d7:93:3c:3d:b6:7b:dc:4e:8f:1d:16:2a:31:bb:
61:69:2f:90:24:85:c0:cd:d3:51:f5:bd:47:c3:b2:
7f:61:f8:bd:2d:39:eb:f9:fe:b3:30:32:12:11:19:
8a:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:2D:67:E4:F0:67:FA:A3:3B:28:52:29:D3:49:0A:6E:13:C2:6B:DD
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/oC1n5PBn-qM7KFIp00kKbhPCa90.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
75:15:78:66:3b:66:9b:58:34:70:ed:d8:f2:19:2d:17:e8:b0:
d2:a0:3c:a6:e0:df:fc:bb:37:2b:7c:3a:c9:28:8d:9b:88:d2:
85:08:c1:ef:1d:26:85:dd:3d:d2:61:5a:67:4c:fc:6c:57:26:
89:c3:50:ad:65:77:42:58:52:23:87:8b:73:aa:ff:80:73:a3:
cc:3e:e7:47:ed:8f:08:6c:77:54:64:83:bf:f9:f3:f5:41:ab:
3c:74:ce:bf:d6:eb:62:91:cc:29:39:49:65:6c:39:f6:34:1d:
8d:0b:c9:8c:01:dd:b6:d3:49:dd:42:a8:5f:4a:70:32:ac:f2:
7f:d2:f9:fa:38:5f:ef:51:67:2d:02:bd:87:5d:b1:65:a7:e3:
ba:42:67:c6:62:db:5a:54:df:45:1e:f4:03:1b:b6:91:b1:8b:
8a:71:22:86:c6:0b:8e:10:51:70:8a:9f:8a:d6:4b:38:c0:9c:
ae:01:2c:8f:8e:5b:66:9b:04:14:15:57:d5:87:9c:9b:27:23:
11:4a:22:da:53:f8:b8:87:da:c9:bf:74:74:c3:26:fb:2b:e8:
a0:2c:34:ce:06:b3:a5:8f:19:00:92:19:4f:37:d0:1e:04:12:
87:2d:00:61:27:25:0a:e2:5f:4c:5e:d7:14:38:f3:96:d1:6e:
7b:b1:5d:fa
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCXQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDExMDMy
MzU1MDJaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEEwMkQ2N0U0RjA2N0ZB
QTMzQjI4NTIyOUQzNDkwQTZFMTNDMjZCREQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDmBgbWemZ9hrqi5mStn9oUOJTBRqamUYrEyMEiuqpB8YaqnBSc
ODsGHY+PZf1EywSfLkLAXrn9G6fxrHnZ/EzoFYsTxxXEYSOVTR14iUPMeBj9Lxuo
YuudSuSW01zrnqAufQ47AvZ/xfC7lqdU7M3omTtFeSf2uNP7wYakUzSA+d80Y4qK
WWS376VwTuuNI+lbR6RO5VeZnesxWvXcub4OWHp4KzBOsd90kszynNj0X6S9mo27
SGoUhRVmQVjr7387NLqm7o2TRCMSb+Ly0vZpSYrXkzw9tnvcTo8dFioxu2FpL5Ak
hcDN01H1vUfDsn9h+L0tOev5/rMwMhIRGYohAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUoC1n5PBn+qM7KFIp00kKbhPCa90wHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL29DMW41UEJuLXFNN0tG
SXAwMGtLYmhQQ2E5MC5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAHUVeGY7ZptYNHDt2PIZLRfosNKgPKbg3/y7
Nyt8OskojZuI0oUIwe8dJoXdPdJhWmdM/GxXJonDUK1ld0JYUiOHi3Oq/4Bzo8w+
50ftjwhsd1Rkg7/58/VBqzx0zr/W62KRzCk5SWVsOfY0HY0LyYwB3bbTSd1CqF9K
cDKs8n/S+fo4X+9RZy0CvYddsWWn47pCZ8Zi21pU30Ue9AMbtpGxi4pxIobGC44Q
UXCKn4rWSzjAnK4BLI+OW2abBBQVV9WHnJsnIxFKItpT+LiH2sm/dHTDJvsr6KAs
NM4Gs6WPGQCSGU830B4EEoctAGEnJQriX0xe1xQ485bRbnuxXfo=
-----END CERTIFICATE-----
Generated at Mon Nov 4 07:12:06 2024 by rpki-client on console-ams.rpki-client.org