Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/s9KDz4AMc7F29kBQ0m2vcW8Q1mw.roa
File: s9KDz4AMc7F29kBQ0m2vcW8Q1mw.roa (raw, json)
Hash identifier: HAoq8Q9Ow/P3M6H3kIKFY/73oARz1izypouFvhDzWYM=
Subject key identifier: B3:D2:83:CF:80:0C:73:B1:76:F6:40:50:D2:6D:AF:71:6F:10:D6:6C
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0844
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/s9KDz4AMc7F29kBQ0m2vcW8Q1mw.roa
Signing time: Tue 01 Oct 2024 07:55:03 +0000
ROA not before: Tue 01 Oct 2024 07:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 01 Oct 2024 11:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2116 (0x844)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Oct 1 07:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=B3D283CF800C73B176F64050D26DAF716F10D66C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:57:0f:e1:55:c5:33:aa:35:77:c3:cc:6e:72:
5a:be:f3:f8:16:85:4a:50:4a:f0:56:4a:ff:60:04:
8c:88:41:6a:34:c5:17:03:6c:c0:f3:c4:32:a9:3a:
02:cb:48:e0:8d:9d:fe:33:1c:63:05:a3:04:e2:62:
c5:45:3f:40:3e:ee:d9:ca:4a:f6:c9:4c:c0:b2:6f:
53:81:37:fd:aa:68:3f:56:40:85:b7:31:35:5c:66:
55:5f:03:7c:fc:cb:21:3f:2b:26:15:39:1a:e9:47:
96:83:8b:58:45:58:e5:a9:32:f9:4a:a4:b2:5f:90:
4f:34:8f:fd:dd:3a:57:1e:b8:36:98:8d:7d:13:30:
45:56:96:ae:8c:cf:83:4b:26:7a:ff:21:54:05:11:
3e:70:25:34:52:dd:ce:be:33:bb:b7:01:4a:94:26:
6e:78:78:0e:c5:fa:d4:a7:00:9d:f5:21:83:38:e3:
52:aa:1b:77:ba:c9:d4:dd:3a:8a:68:0c:6c:fb:77:
56:14:3c:84:27:ba:b2:c0:05:4c:f0:b2:dd:39:73:
7a:b3:ef:ab:e8:e5:28:be:c3:04:17:6d:0a:4d:a1:
fa:24:f5:b5:f5:98:a0:ef:a7:0f:10:db:ac:4e:e9:
2d:a9:4a:29:a1:a3:50:2f:bd:a7:0c:54:af:cb:30:
f1:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:D2:83:CF:80:0C:73:B1:76:F6:40:50:D2:6D:AF:71:6F:10:D6:6C
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/s9KDz4AMc7F29kBQ0m2vcW8Q1mw.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
86:c0:78:0f:90:fa:a8:cf:4c:eb:28:65:4f:e9:69:d4:29:62:
d8:99:a3:b8:7e:cb:f6:af:89:0f:1c:9d:17:6b:34:30:64:37:
24:01:0f:ab:89:8a:c2:c9:50:2b:62:07:07:67:97:8e:57:48:
c5:7f:0a:65:cb:34:83:87:fe:4b:08:1f:3d:04:f9:45:1b:e6:
da:66:03:ff:c6:03:62:dc:28:e0:c7:21:c6:ad:f8:b5:16:7a:
53:dd:f1:28:61:44:f8:cd:ad:d7:57:75:4c:9c:70:d7:7b:2f:
c6:be:81:5b:0a:f2:12:12:c1:e3:85:e7:56:66:06:ec:7f:b5:
e6:c1:5b:fd:cd:d2:cb:3d:52:44:7a:59:34:d1:10:92:b0:4e:
b5:7e:ac:56:51:d9:f6:8d:9b:f7:a3:c2:8b:fc:6a:1c:d4:d8:
80:e1:7a:63:67:b1:ba:d0:bf:3d:4c:12:de:89:71:15:11:54:
d1:1d:d6:36:4c:44:50:e2:0a:4e:f3:8f:bb:24:a9:b6:e9:02:
e1:a8:d7:09:53:9a:f4:de:ea:55:2c:e6:32:0b:f2:15:45:97:
37:3c:57:a4:82:18:ac:f8:bc:6e:ed:70:e6:98:64:0e:fa:3c:
50:e9:c4:90:99:8d:45:a6:a3:98:45:1f:c3:64:46:3e:5f:d6:
7e:da:68:b1
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCEQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDEwMDEw
NzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEIzRDI4M0NGODAwQzcz
QjE3NkY2NDA1MEQyNkRBRjcxNkYxMEQ2NkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCmVw/hVcUzqjV3w8xuclq+8/gWhUpQSvBWSv9gBIyIQWo0xRcD
bMDzxDKpOgLLSOCNnf4zHGMFowTiYsVFP0A+7tnKSvbJTMCyb1OBN/2qaD9WQIW3
MTVcZlVfA3z8yyE/KyYVORrpR5aDi1hFWOWpMvlKpLJfkE80j/3dOlceuDaYjX0T
MEVWlq6Mz4NLJnr/IVQFET5wJTRS3c6+M7u3AUqUJm54eA7F+tSnAJ31IYM441Kq
G3e6ydTdOopoDGz7d1YUPIQnurLABUzwst05c3qz76vo5Si+wwQXbQpNofok9bX1
mKDvpw8Q26xO6S2pSimho1AvvacMVK/LMPHRAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUs9KDz4AMc7F29kBQ0m2vcW8Q1mwwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL3M5S0R6NEFNYzdGMjlr
QlEwbTJ2Y1c4UTFtdy5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAIbAeA+Q+qjPTOsoZU/padQpYtiZo7h+y/av
iQ8cnRdrNDBkNyQBD6uJisLJUCtiBwdnl45XSMV/CmXLNIOH/ksIHz0E+UUb5tpm
A//GA2LcKODHIcat+LUWelPd8ShhRPjNrddXdUyccNd7L8a+gVsK8hISweOF51Zm
Bux/tebBW/3N0ss9UkR6WTTREJKwTrV+rFZR2faNm/ejwov8ahzU2IDhemNnsbrQ
vz1MEt6JcRURVNEd1jZMRFDiCk7zj7skqbbpAuGo1wlTmvTe6lUs5jIL8hVFlzc8
V6SCGKz4vG7tcOaYZA76PFDpxJCZjUWmo5hFH8NkRj5f1n7aaLE=
-----END CERTIFICATE-----
Generated at Tue Oct 1 14:39:04 2024 by rpki-client on console-ams.rpki-client.org