Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/oSyYW7ZzYkP-l1LyakP5fLPH6OA.roa
File: oSyYW7ZzYkP-l1LyakP5fLPH6OA.roa (raw, json)
Hash identifier: Wjn3aq5FDz1Xqi2UyKtlXiDXP7GNCXNqcU/mIVwBACw=
Subject key identifier: A1:2C:98:5B:B6:73:62:43:FE:97:52:F2:6A:43:F9:7C:B3:C7:E8:E0
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0877
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/oSyYW7ZzYkP-l1LyakP5fLPH6OA.roa
Signing time: Sun 06 Oct 2024 23:55:03 +0000
ROA not before: Sun 06 Oct 2024 23:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 07 Oct 2024 03:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2167 (0x877)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Oct 6 23:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=A12C985BB6736243FE9752F26A43F97CB3C7E8E0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:b2:f0:00:c3:b2:2f:05:29:90:c5:1e:9e:cd:
9d:57:b0:ef:27:c5:e6:9a:71:1c:b9:9e:a2:49:81:
36:3a:d6:d8:7b:43:56:73:9a:cc:05:e7:08:68:1b:
d7:49:b6:f5:19:3e:c0:bb:24:7d:82:91:12:11:95:
42:f4:fa:d6:48:d8:cb:11:08:9f:aa:fa:b2:51:bb:
80:9c:59:4b:c7:f2:3e:ca:76:67:a8:4b:75:82:d7:
3c:56:af:b8:08:b5:28:4e:18:3b:2c:2c:44:7c:1b:
8e:66:3a:06:94:f2:20:d1:75:01:03:dd:d9:32:af:
5a:cc:27:f4:20:a8:b5:cf:8c:ac:24:cc:3e:af:5c:
4d:54:85:bd:d2:cd:f7:35:3c:83:79:03:1a:24:2b:
65:ed:8c:cb:db:7f:d8:c8:1c:b9:7c:93:16:f0:d4:
4a:77:48:9f:1e:47:9a:7a:96:96:7b:ab:10:04:d1:
d9:ff:68:6c:02:83:33:11:23:20:16:1f:1b:30:e3:
e0:71:7f:c8:0b:a6:b6:95:c6:ed:90:b6:46:6c:47:
24:ab:7a:b5:76:8f:0a:78:c9:94:19:54:24:27:0b:
00:a9:60:dd:e6:e0:fd:92:83:45:76:45:66:12:d1:
71:ca:3c:d9:9b:34:1c:78:3c:48:0c:64:0f:6d:97:
56:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:2C:98:5B:B6:73:62:43:FE:97:52:F2:6A:43:F9:7C:B3:C7:E8:E0
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/oSyYW7ZzYkP-l1LyakP5fLPH6OA.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
99:aa:db:7b:30:88:8c:9b:61:fc:61:37:79:b7:4f:91:78:b0:
86:d7:03:ce:d2:0e:6b:76:ef:2c:4e:96:f2:4e:d9:75:92:4f:
b5:18:7c:f9:5a:bc:6b:db:d9:fc:c0:c3:1a:65:8f:08:bd:89:
a9:45:f0:80:7f:ae:ef:dc:7a:6a:d0:82:d5:53:de:45:7c:a7:
22:37:ba:37:97:56:7b:ad:61:f3:83:b8:3f:67:0f:4e:41:ff:
26:87:df:a6:57:b7:58:ef:3a:91:73:cd:1c:84:79:40:f2:dc:
58:1c:bf:d6:74:07:a3:29:a3:09:3d:40:97:e2:7e:a6:d0:63:
75:e8:b8:25:94:07:a7:21:3a:24:2b:f3:0e:3b:d3:09:c9:e3:
7e:e0:6c:96:c1:f6:51:b7:d5:f1:f2:45:2e:c5:26:f5:f9:a2:
e3:77:96:c2:4d:e5:71:46:bb:43:dc:f9:79:e0:5b:9a:90:9b:
6e:16:4b:1f:b0:85:f1:88:a4:70:f6:e9:a9:f6:fd:34:11:44:
91:6f:7f:c6:79:59:2e:8d:04:c4:80:4a:4c:27:ea:7f:c1:4f:
43:3b:a7:47:88:ab:61:8d:d7:5f:c5:0c:a9:6b:07:d2:cd:a3:
71:03:e5:23:40:97:e4:8a:38:27:1a:62:d5:dc:a1:7c:b7:b7:
0d:f5:b9:34
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCHcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDEwMDYy
MzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEExMkM5ODVCQjY3MzYy
NDNGRTk3NTJGMjZBNDNGOTdDQjNDN0U4RTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDOsvAAw7IvBSmQxR6ezZ1XsO8nxeaacRy5nqJJgTY61th7Q1Zz
mswF5whoG9dJtvUZPsC7JH2CkRIRlUL0+tZI2MsRCJ+q+rJRu4CcWUvH8j7Kdmeo
S3WC1zxWr7gItShOGDssLER8G45mOgaU8iDRdQED3dkyr1rMJ/QgqLXPjKwkzD6v
XE1Uhb3Szfc1PIN5AxokK2XtjMvbf9jIHLl8kxbw1Ep3SJ8eR5p6lpZ7qxAE0dn/
aGwCgzMRIyAWHxsw4+Bxf8gLpraVxu2QtkZsRySrerV2jwp4yZQZVCQnCwCpYN3m
4P2Sg0V2RWYS0XHKPNmbNBx4PEgMZA9tl1aHAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUoSyYW7ZzYkP+l1LyakP5fLPH6OAwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL29TeVlXN1p6WWtQLWwx
THlha1A1ZkxQSDZPQS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAJmq23swiIybYfxhN3m3T5F4sIbXA87SDmt2
7yxOlvJO2XWST7UYfPlavGvb2fzAwxpljwi9ialF8IB/ru/cemrQgtVT3kV8pyI3
ujeXVnutYfODuD9nD05B/yaH36ZXt1jvOpFzzRyEeUDy3Fgcv9Z0B6Mpowk9QJfi
fqbQY3XouCWUB6chOiQr8w470wnJ437gbJbB9lG31fHyRS7FJvX5ouN3lsJN5XFG
u0Pc+XngW5qQm24WSx+whfGIpHD26an2/TQRRJFvf8Z5WS6NBMSASkwn6n/BT0M7
p0eIq2GN11/FDKlrB9LNo3ED5SNAl+SKOCcaYtXcoXy3tw31uTQ=
-----END CERTIFICATE-----
Generated at Mon Oct 7 06:38:31 2024 by rpki-client on console-ams.rpki-client.org