Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/s44N1i57orIg2Kt0zjbJiRq_FoU.roa
File: s44N1i57orIg2Kt0zjbJiRq_FoU.roa (raw, json)
Hash identifier: i8M/0e1bdg3e5NRxZov7GkSKTPlMqluV11A+jFx5wZQ=
Subject key identifier: B3:8E:0D:D6:2E:7B:A2:B2:20:D8:AB:74:CE:36:C9:89:1A:BF:16:85
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0923
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/s44N1i57orIg2Kt0zjbJiRq_FoU.roa
Signing time: Fri 25 Oct 2024 23:55:02 +0000
ROA not before: Fri 25 Oct 2024 23:55:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 26 Oct 2024 03:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2339 (0x923)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Oct 25 23:55:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=B38E0DD62E7BA2B220D8AB74CE36C9891ABF1685
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:9f:f2:10:c9:60:1e:b9:21:95:e7:7a:e5:78:
bc:dc:eb:9d:67:df:f5:91:d2:ed:0c:cc:69:72:19:
fd:ee:27:d3:6e:8d:e0:bf:62:a6:4f:ad:95:94:9f:
ab:ef:40:88:d7:61:d7:8b:67:ae:d9:7b:93:5b:98:
f4:92:75:63:c4:3f:dd:52:6b:08:a9:06:32:5b:b9:
46:1f:8b:4e:42:16:7d:b5:d6:5f:4b:0a:a6:9d:37:
cf:72:11:0d:4d:2d:10:93:60:07:e7:a7:60:c5:9e:
32:a1:20:1c:32:c8:d9:c1:f9:95:db:5b:42:7d:ed:
81:73:2b:90:f5:fb:92:6e:73:71:1e:a4:d2:f8:a7:
db:0f:62:c3:14:f5:a3:09:78:89:43:dd:03:ee:26:
f6:40:2c:a6:2d:e1:de:c2:0d:1b:59:89:c7:c9:55:
28:11:87:03:a9:b6:59:75:c5:0b:5b:ac:f1:bd:82:
bf:71:d3:71:d4:75:b8:46:d6:f8:7a:2e:ca:2e:bd:
df:cd:42:39:dd:10:21:59:ff:25:b1:59:08:7e:f7:
2d:c5:8a:db:e3:1e:3c:02:68:c9:4e:e2:ff:c1:50:
05:49:7b:f8:83:09:54:90:59:a9:23:a1:b0:27:6d:
1c:d4:66:b0:cb:c1:34:81:1b:0d:13:19:21:ff:d6:
9e:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:8E:0D:D6:2E:7B:A2:B2:20:D8:AB:74:CE:36:C9:89:1A:BF:16:85
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/s44N1i57orIg2Kt0zjbJiRq_FoU.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:0b:95:38:b1:3b:51:78:07:30:74:61:c2:a2:1d:e0:b5:78:
96:34:26:a0:67:c0:f4:b0:eb:1f:30:33:e2:df:b5:1b:90:c9:
11:a1:17:14:fc:f0:87:b0:96:b4:8b:8d:1c:09:5c:c8:40:0b:
ee:cc:2f:58:0d:31:a1:30:44:05:ac:9a:7d:70:5a:d6:ec:2f:
04:d2:63:90:66:b6:96:f5:e0:c0:01:c1:e7:88:cc:5c:7a:c1:
d3:23:6f:c9:20:5d:24:d5:00:31:5f:d2:88:e4:1f:39:56:e5:
4f:d3:a3:33:f1:54:aa:61:0f:86:df:c5:25:e0:00:a9:65:25:
5c:2c:a0:a8:15:9e:2d:11:49:e9:85:28:58:83:9f:9b:cb:6b:
93:1e:c2:55:0e:2e:5a:9b:5f:79:ed:bb:82:e5:b5:e5:b1:f9:
3c:69:7c:65:87:ae:43:f5:60:4e:78:bf:a6:57:fd:27:d0:a3:
ad:2a:88:60:28:ee:31:27:4c:de:ec:4d:f2:3e:1b:45:06:86:
0f:94:13:0a:d1:1a:39:f9:52:c4:e1:66:2b:47:0a:d2:bb:0f:
b9:7c:88:04:05:12:f5:28:ed:76:c3:b4:96:48:55:2b:89:c1:
90:35:9e:e4:02:3f:01:4e:7c:90:0c:e4:40:e1:06:38:fa:e5:
52:be:ae:69
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCSMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDEwMjUy
MzU1MDJaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEIzOEUwREQ2MkU3QkEy
QjIyMEQ4QUI3NENFMzZDOTg5MUFCRjE2ODUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDun/IQyWAeuSGV53rleLzc651n3/WR0u0MzGlyGf3uJ9NujeC/
YqZPrZWUn6vvQIjXYdeLZ67Ze5NbmPSSdWPEP91SawipBjJbuUYfi05CFn211l9L
CqadN89yEQ1NLRCTYAfnp2DFnjKhIBwyyNnB+ZXbW0J97YFzK5D1+5Juc3EepNL4
p9sPYsMU9aMJeIlD3QPuJvZALKYt4d7CDRtZicfJVSgRhwOptll1xQtbrPG9gr9x
03HUdbhG1vh6Lsouvd/NQjndECFZ/yWxWQh+9y3FitvjHjwCaMlO4v/BUAVJe/iD
CVSQWakjobAnbRzUZrDLwTSBGw0TGSH/1p5RAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUs44N1i57orIg2Kt0zjbJiRq/FoUwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL3M0NE4xaTU3b3JJZzJL
dDB6amJKaVJxX0ZvVS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAFoLlTixO1F4BzB0YcKiHeC1eJY0JqBnwPSw
6x8wM+LftRuQyRGhFxT88IewlrSLjRwJXMhAC+7ML1gNMaEwRAWsmn1wWtbsLwTS
Y5Bmtpb14MABweeIzFx6wdMjb8kgXSTVADFf0ojkHzlW5U/TozPxVKphD4bfxSXg
AKllJVwsoKgVni0RSemFKFiDn5vLa5MewlUOLlqbX3ntu4LlteWx+TxpfGWHrkP1
YE54v6ZX/SfQo60qiGAo7jEnTN7sTfI+G0UGhg+UEwrRGjn5UsThZitHCtK7D7l8
iAQFEvUo7XbDtJZIVSuJwZA1nuQCPwFOfJAM5EDhBjj65VK+rmk=
-----END CERTIFICATE-----
Generated at Sat Oct 26 06:12:36 2024 by rpki-client on console-ams.rpki-client.org