Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/rZ5dkRxbbhgIpkSnFBmVbfrSUeg.roa
File: rZ5dkRxbbhgIpkSnFBmVbfrSUeg.roa (raw, json)
Hash identifier: fVemvqvmFxVO6gcmvQXHEj8lOBkgD1bMCeLd6ArN3tk=
Subject key identifier: AD:9E:5D:91:1C:5B:6E:18:08:A6:44:A7:14:19:95:6D:FA:D2:51:E8
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0784
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/rZ5dkRxbbhgIpkSnFBmVbfrSUeg.roa
Signing time: Mon 09 Sep 2024 23:55:03 +0000
ROA not before: Mon 09 Sep 2024 23:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 10 Sep 2024 03:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1924 (0x784)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Sep 9 23:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=AD9E5D911C5B6E1808A644A71419956DFAD251E8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:89:c6:5f:fd:c9:73:a2:ee:ce:fc:e1:f4:f6:
3b:c0:46:36:40:38:8c:29:44:18:87:b0:38:7d:23:
65:d1:2c:00:25:13:71:2d:ad:af:c4:64:72:2d:ce:
4a:c9:24:86:21:77:ed:81:cb:24:e0:48:39:d0:96:
ef:7a:7f:64:db:1d:6f:5d:ee:67:0c:a1:58:76:80:
03:d5:54:84:85:22:35:35:91:32:a8:2b:da:af:e9:
81:aa:89:e9:6b:3c:cf:49:b0:18:de:fd:58:4e:89:
13:08:2c:f2:10:0c:6c:3d:05:7a:dd:7e:65:65:f6:
c1:3c:b1:3e:9d:5e:9c:fd:e0:76:0b:ec:12:f7:71:
23:b0:66:b9:1b:0a:5a:e4:9b:80:d7:3e:93:56:26:
4f:6c:b2:4d:28:c9:c5:a4:e5:dd:43:06:3b:b1:64:
55:33:13:56:d1:a7:ea:9a:fa:26:d9:93:2e:3b:a9:
e8:c9:b6:6d:8a:8a:d6:4d:33:37:9e:9b:3d:46:8f:
b3:7e:6e:c9:d1:e7:80:35:78:72:e3:95:a7:43:c1:
df:00:c8:c2:08:1d:4e:59:3e:52:8b:2c:e0:72:89:
bb:e3:07:04:e7:e8:76:04:81:ff:9c:48:02:dd:5b:
58:af:04:aa:b3:7d:80:75:48:78:37:e7:dc:22:bb:
38:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:9E:5D:91:1C:5B:6E:18:08:A6:44:A7:14:19:95:6D:FA:D2:51:E8
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/rZ5dkRxbbhgIpkSnFBmVbfrSUeg.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:dc:3e:5d:2a:3a:3c:ae:80:ff:ea:a3:4d:9a:ca:8c:18:5e:
58:e5:03:d4:cc:c7:7c:2a:be:9f:56:81:21:4a:23:07:a4:f8:
9c:fc:e9:4d:6d:8a:f6:6a:4a:db:13:59:07:79:00:5b:4e:08:
35:0d:ba:17:fb:ff:92:43:cc:89:07:35:cd:a4:3b:3f:ae:16:
c1:45:54:0f:b0:d4:1d:bf:53:10:c4:ba:81:d6:6b:c1:6e:99:
d3:f9:fd:1e:c2:d9:78:24:c4:83:88:67:b9:db:13:b3:09:ff:
dc:98:e1:45:88:a1:29:0f:c7:10:bb:2b:a5:d9:6e:2e:b5:64:
06:ce:4c:d6:82:03:0a:c5:7b:e6:c4:71:03:a5:b8:32:ef:9b:
5a:3e:36:08:75:99:70:39:28:ff:9a:ad:2a:d5:a7:a2:fd:38:
9d:2c:b8:1a:30:99:3c:65:fc:c5:c1:39:a8:42:43:e7:92:ba:
e5:41:70:32:6c:a2:a5:ef:91:a6:64:8f:f0:88:2e:f8:a4:a3:
b9:f9:05:bd:19:d8:ed:a0:45:e0:d5:b8:b6:22:ed:cf:ae:b2:
c9:75:a1:68:c3:a0:90:af:a6:b5:e2:26:19:4a:dc:86:3d:14:
dc:65:d5:f7:43:8f:53:4c:58:11:79:c3:ba:64:f2:71:07:72:
b0:f4:a0:a6
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICB4QwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA5MDky
MzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEFEOUU1RDkxMUM1QjZF
MTgwOEE2NDRBNzE0MTk5NTZERkFEMjUxRTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCjicZf/clzou7O/OH09jvARjZAOIwpRBiHsDh9I2XRLAAlE3Et
ra/EZHItzkrJJIYhd+2ByyTgSDnQlu96f2TbHW9d7mcMoVh2gAPVVISFIjU1kTKo
K9qv6YGqielrPM9JsBje/VhOiRMILPIQDGw9BXrdfmVl9sE8sT6dXpz94HYL7BL3
cSOwZrkbClrkm4DXPpNWJk9ssk0oycWk5d1DBjuxZFUzE1bRp+qa+ibZky47qejJ
tm2KitZNMzeemz1Gj7N+bsnR54A1eHLjladDwd8AyMIIHU5ZPlKLLOByibvjBwTn
6HYEgf+cSALdW1ivBKqzfYB1SHg359wiuzjtAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUrZ5dkRxbbhgIpkSnFBmVbfrSUegwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL3JaNWRrUnhiYmhnSXBr
U25GQm1WYmZyU1VlZy5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAI/cPl0qOjyugP/qo02ayowYXljlA9TMx3wq
vp9WgSFKIwek+Jz86U1tivZqStsTWQd5AFtOCDUNuhf7/5JDzIkHNc2kOz+uFsFF
VA+w1B2/UxDEuoHWa8FumdP5/R7C2XgkxIOIZ7nbE7MJ/9yY4UWIoSkPxxC7K6XZ
bi61ZAbOTNaCAwrFe+bEcQOluDLvm1o+Ngh1mXA5KP+arSrVp6L9OJ0suBowmTxl
/MXBOahCQ+eSuuVBcDJsoqXvkaZkj/CILviko7n5Bb0Z2O2gReDVuLYi7c+ussl1
oWjDoJCvprXiJhlK3IY9FNxl1fdDj1NMWBF5w7pk8nEHcrD0oKY=
-----END CERTIFICATE-----
Generated at Tue Sep 10 05:22:34 2024 by rpki-client on console-fra.rpki-client.org