Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/p9B3KcvxlFSvWqTYAlMWB2k4Gdw.roa
File: p9B3KcvxlFSvWqTYAlMWB2k4Gdw.roa (raw, json)
Hash identifier: IPfdTAls7+3IW2dIhD+XW7NTQZKHKCchR2y+Z+HVa4E=
Subject key identifier: A7:D0:77:29:CB:F1:94:54:AF:5A:A4:D8:02:53:16:07:69:38:19:DC
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0772
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/p9B3KcvxlFSvWqTYAlMWB2k4Gdw.roa
Signing time: Sat 07 Sep 2024 23:55:03 +0000
ROA not before: Sat 07 Sep 2024 23:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 08 Sep 2024 03:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1906 (0x772)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Sep 7 23:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=A7D07729CBF19454AF5AA4D802531607693819DC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:1e:bd:de:ef:61:48:c3:72:b1:12:96:ac:2f:
f6:72:84:c5:84:80:cb:08:29:09:d9:a5:6c:ae:ac:
7b:bc:1f:0e:03:df:54:d9:a0:a0:23:43:ad:76:73:
54:5b:7c:34:3d:8b:fc:10:26:26:49:0c:53:db:fe:
8f:05:20:50:e9:3b:18:55:47:9a:18:ec:71:03:8d:
82:55:a9:52:0d:e0:c5:1a:fd:19:24:5b:01:66:e9:
40:c5:79:75:d8:7d:61:d4:fe:2e:2e:6b:77:f5:7f:
a9:ac:b4:2d:02:ed:ba:40:d5:94:62:14:e2:0d:56:
ad:7f:f0:4c:8b:e4:40:92:16:06:2a:86:a8:5e:4f:
d7:96:f2:9a:5e:7d:50:8f:c3:a2:0e:b0:a7:bf:dd:
1f:0b:4e:ee:82:66:e1:d5:24:3a:34:ac:13:24:0c:
c8:4e:1a:19:0e:fd:99:4e:0b:d6:ec:6c:75:bf:db:
63:17:8f:60:70:2f:7e:08:9d:36:a4:51:55:d7:17:
99:c4:7d:ad:8d:ce:86:c9:1d:cf:5b:86:79:8c:43:
88:70:c3:5f:6d:6d:39:b9:c5:79:6f:89:ea:af:6e:
0e:4c:dc:20:bb:ac:5f:03:98:b2:d8:ea:ea:49:f9:
f2:00:49:99:00:8e:d4:b4:c4:fc:95:f7:3b:00:77:
67:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:D0:77:29:CB:F1:94:54:AF:5A:A4:D8:02:53:16:07:69:38:19:DC
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/p9B3KcvxlFSvWqTYAlMWB2k4Gdw.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
53:2a:e0:8f:05:e1:ff:09:d6:1f:99:14:39:7d:f1:88:8c:e1:
c5:0c:c9:43:cc:10:e9:01:87:fa:e1:b6:bc:8f:4f:00:e1:ce:
6f:be:45:4a:26:86:f3:6c:ed:8b:89:53:3e:8f:23:32:bd:27:
f8:c3:a8:66:26:f5:6d:8e:80:44:cb:56:3e:e7:da:a1:33:8c:
e3:f3:8f:a4:5c:3c:69:f3:ba:70:d7:ff:25:b0:d6:d8:c0:67:
9d:a0:53:b1:19:e6:97:64:66:30:5f:bb:1f:cb:e6:22:62:0c:
94:95:8b:bb:f3:b8:31:35:c4:9b:39:7b:71:f5:84:e8:f5:73:
31:c3:d7:55:ab:4a:7f:66:39:59:12:1e:5b:f6:09:05:a6:3b:
52:cf:f7:13:24:3a:2d:a6:74:d9:9e:5c:c7:74:18:4a:32:76:
ff:db:48:9d:33:e3:c0:8f:88:dd:1f:df:28:f2:52:0e:1e:b2:
7b:2d:5f:ef:b1:1c:f8:c6:f9:b0:a4:bc:94:b5:0d:09:d9:1e:
50:61:e2:3a:e9:c2:36:70:0a:50:8b:85:dc:c8:c4:91:b4:64:
aa:3d:93:53:53:3e:08:dd:d1:64:a9:e3:50:02:b4:51:d4:1d:
39:40:f2:2c:86:91:65:16:d3:f3:5e:85:72:d5:9e:06:82:e4:
04:4a:f0:17
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICB3IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA5MDcy
MzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEE3RDA3NzI5Q0JGMTk0
NTRBRjVBQTREODAyNTMxNjA3NjkzODE5REMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8Hr3e72FIw3KxEpasL/ZyhMWEgMsIKQnZpWyurHu8Hw4D31TZ
oKAjQ612c1RbfDQ9i/wQJiZJDFPb/o8FIFDpOxhVR5oY7HEDjYJVqVIN4MUa/Rkk
WwFm6UDFeXXYfWHU/i4ua3f1f6mstC0C7bpA1ZRiFOINVq1/8EyL5ECSFgYqhqhe
T9eW8ppefVCPw6IOsKe/3R8LTu6CZuHVJDo0rBMkDMhOGhkO/ZlOC9bsbHW/22MX
j2BwL34InTakUVXXF5nEfa2NzobJHc9bhnmMQ4hww19tbTm5xXlvieqvbg5M3CC7
rF8DmLLY6upJ+fIASZkAjtS0xPyV9zsAd2frAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUp9B3KcvxlFSvWqTYAlMWB2k4GdwwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL3A5QjNLY3Z4bEZTdldx
VFlBbE1XQjJrNEdkdy5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAFMq4I8F4f8J1h+ZFDl98YiM4cUMyUPMEOkB
h/rhtryPTwDhzm++RUomhvNs7YuJUz6PIzK9J/jDqGYm9W2OgETLVj7n2qEzjOPz
j6RcPGnzunDX/yWw1tjAZ52gU7EZ5pdkZjBfux/L5iJiDJSVi7vzuDE1xJs5e3H1
hOj1czHD11WrSn9mOVkSHlv2CQWmO1LP9xMkOi2mdNmeXMd0GEoydv/bSJ0z48CP
iN0f3yjyUg4esnstX++xHPjG+bCkvJS1DQnZHlBh4jrpwjZwClCLhdzIxJG0ZKo9
k1NTPgjd0WSp41ACtFHUHTlA8iyGkWUW0/NehXLVngaC5ARK8Bc=
-----END CERTIFICATE-----
Generated at Sun Sep 8 05:48:51 2024 by rpki-client on console-ams.rpki-client.org