Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/s8SSFMCWbYP4UEHzppXwYmVFZEQ.roa
File: s8SSFMCWbYP4UEHzppXwYmVFZEQ.roa (raw, json)
Hash identifier: CPDMBr2XCW+hzgytE80o2G+eaSlsh38dhIyJE4qV16k=
Subject key identifier: B3:C4:92:14:C0:96:6D:83:F8:50:41:F3:A6:95:F0:62:65:45:64:44
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 083B
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/s8SSFMCWbYP4UEHzppXwYmVFZEQ.roa
Signing time: Mon 30 Sep 2024 07:55:03 +0000
ROA not before: Mon 30 Sep 2024 07:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 30 Sep 2024 11:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2107 (0x83b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Sep 30 07:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=B3C49214C0966D83F85041F3A695F06265456444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:5d:08:46:f9:00:24:22:e8:0b:f6:c2:e0:eb:
3d:73:57:23:6d:25:a0:04:99:85:a6:c3:90:6b:34:
32:42:75:6b:d7:7a:4d:f6:f4:3c:7d:d7:6a:d1:74:
2d:d2:5e:ef:6f:d9:46:fa:48:d8:93:69:fb:4b:78:
8e:19:67:5e:c8:30:3a:2a:bc:e8:a7:5e:eb:27:9d:
e7:04:07:82:9e:10:88:e3:53:b9:83:88:0b:7f:f0:
5a:7d:2c:ce:4e:e0:47:18:e9:d9:96:ec:4e:8b:97:
14:05:35:8a:e2:3e:70:85:0e:79:2a:68:45:0f:5f:
49:91:54:fe:7b:5d:82:de:b5:3c:62:e6:11:c6:0b:
07:b4:64:0a:e0:eb:e6:e7:e7:27:82:f4:6c:45:0c:
84:1b:b5:a7:a6:d8:aa:ce:92:43:9d:7e:bf:11:8d:
11:16:b4:cd:b0:43:f3:28:ab:0e:41:39:b0:22:6e:
a9:d9:24:a9:7e:bc:64:69:f3:8a:19:2e:b7:3a:a8:
53:03:f6:a3:81:68:74:8f:41:d7:e6:71:a7:91:3e:
4a:47:5b:a8:55:b7:66:fb:e5:60:8c:94:16:31:3e:
3f:a1:c0:e7:38:27:c8:e9:36:50:44:6c:3d:3e:38:
56:b1:d6:05:24:fb:22:03:99:37:c4:d1:4b:a9:2b:
ec:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:C4:92:14:C0:96:6D:83:F8:50:41:F3:A6:95:F0:62:65:45:64:44
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/s8SSFMCWbYP4UEHzppXwYmVFZEQ.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
d8:06:3f:37:61:4b:5a:b5:e3:67:67:0c:54:24:d3:df:0a:ef:
b6:db:75:9e:d1:1d:30:88:3e:aa:e1:1a:6f:ba:5d:9d:30:de:
e2:b4:f6:23:59:3e:41:0d:d8:71:c9:7e:42:71:f0:a5:85:54:
71:78:8a:8a:2c:7e:78:d5:d9:20:f9:22:58:76:d6:28:5d:97:
f6:59:4f:b1:93:2b:93:e6:a9:e7:d8:2b:e1:ca:10:ec:47:c7:
1e:eb:99:aa:ea:b6:27:ba:6a:8a:6f:d5:2a:fe:1a:cb:85:3f:
fc:46:6a:7b:75:26:d8:5a:46:4b:5b:e8:d9:f0:14:46:08:ab:
e5:e1:dd:07:dd:40:67:bc:02:e8:94:15:22:d2:86:f5:c9:98:
d1:ef:0f:91:b5:7c:bf:9a:d9:98:51:32:90:98:b6:30:08:7b:
30:23:70:db:85:ef:30:61:ea:f0:d4:e2:43:00:00:f1:d2:4b:
0c:99:be:a1:7e:64:8c:05:f8:4f:da:96:41:b5:08:0a:8a:1e:
db:03:af:2b:66:49:04:41:2b:57:21:f1:5b:29:12:92:19:99:
5d:54:a7:71:15:c4:33:77:70:4f:eb:59:5b:9e:f6:a1:b4:6e:
a5:c1:81:30:4f:fa:c8:8d:a5:94:60:b7:94:19:43:aa:06:ad:
a4:f0:42:19
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCDswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA5MzAw
NzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEIzQzQ5MjE0QzA5NjZE
ODNGODUwNDFGM0E2OTVGMDYyNjU0NTY0NDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDNXQhG+QAkIugL9sLg6z1zVyNtJaAEmYWmw5BrNDJCdWvXek32
9Dx912rRdC3SXu9v2Ub6SNiTaftLeI4ZZ17IMDoqvOinXusnnecEB4KeEIjjU7mD
iAt/8Fp9LM5O4EcY6dmW7E6LlxQFNYriPnCFDnkqaEUPX0mRVP57XYLetTxi5hHG
Cwe0ZArg6+bn5yeC9GxFDIQbtaem2KrOkkOdfr8RjREWtM2wQ/Moqw5BObAibqnZ
JKl+vGRp84oZLrc6qFMD9qOBaHSPQdfmcaeRPkpHW6hVt2b75WCMlBYxPj+hwOc4
J8jpNlBEbD0+OFax1gUk+yIDmTfE0UupK+zdAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUs8SSFMCWbYP4UEHzppXwYmVFZEQwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL3M4U1NGTUNXYllQNFVF
SHpwcFh3WW1WRlpFUS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBANgGPzdhS1q142dnDFQk098K77bbdZ7RHTCI
PqrhGm+6XZ0w3uK09iNZPkEN2HHJfkJx8KWFVHF4ioosfnjV2SD5Ilh21ihdl/ZZ
T7GTK5PmqefYK+HKEOxHxx7rmarqtie6aopv1Sr+GsuFP/xGant1JthaRktb6Nnw
FEYIq+Xh3QfdQGe8AuiUFSLShvXJmNHvD5G1fL+a2ZhRMpCYtjAIezAjcNuF7zBh
6vDU4kMAAPHSSwyZvqF+ZIwF+E/alkG1CAqKHtsDrytmSQRBK1ch8VspEpIZmV1U
p3EVxDN3cE/rWVue9qG0bqXBgTBP+siNpZRgt5QZQ6oGraTwQhk=
-----END CERTIFICATE-----
Generated at Mon Sep 30 15:37:21 2024 by rpki-client on console-fra.rpki-client.org