Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/sgn3J5wsqlnWLNQ1QjJsJLkLkRY.roa
File: sgn3J5wsqlnWLNQ1QjJsJLkLkRY.roa (raw, json)
Hash identifier: qFKEnB4fZkPYpuHacq+rDqsE99Yy0oDyxEnFIb68r9o=
Subject key identifier: B2:09:F7:27:9C:2C:AA:59:D6:2C:D4:35:42:32:6C:24:B9:0B:91:16
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0697
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/sgn3J5wsqlnWLNQ1QjJsJLkLkRY.roa
Signing time: Wed 14 Aug 2024 15:55:04 +0000
ROA not before: Wed 14 Aug 2024 15:55:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 14 Aug 2024 19:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1687 (0x697)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Aug 14 15:55:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=B209F7279C2CAA59D62CD43542326C24B90B9116
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:e9:bf:42:ce:b2:60:09:eb:a5:96:58:66:fb:
b2:61:e2:86:79:a2:ce:80:13:93:ba:40:63:74:5f:
69:40:63:19:aa:fc:d7:7f:63:41:ef:a9:cf:f8:c1:
27:7c:3b:47:c5:5b:df:aa:2e:8f:94:c5:55:93:bd:
e5:24:ea:ed:93:2a:b9:3f:ea:a3:99:c2:2a:8f:60:
e2:7a:99:e0:48:87:b2:7c:7e:21:8e:7c:52:77:cc:
b0:44:a5:d8:d3:68:c9:19:3e:60:87:25:3c:2b:65:
a4:ba:c3:ea:7b:e0:99:8a:1c:78:6f:c2:58:95:44:
e9:f7:ab:22:09:aa:20:b2:06:4c:17:1e:93:97:76:
95:8b:66:79:4a:66:ee:68:90:c7:ac:cd:bc:99:dd:
cf:63:60:70:36:f5:63:c0:aa:f9:14:3c:8b:20:8b:
c9:fe:bf:9a:3f:c6:2a:dd:fb:71:45:34:ca:11:12:
18:14:5b:65:a5:31:78:fe:69:6d:99:90:ae:af:2e:
c4:d6:41:70:64:ad:5d:42:81:de:a2:bf:25:37:b6:
fb:a2:1c:a0:ca:e6:0f:34:f4:51:44:b1:6b:df:b6:
23:a9:af:54:8d:ed:eb:94:c8:3d:4e:35:c7:79:44:
7d:04:bb:0d:49:f6:38:76:c3:5b:29:d2:d9:6c:c4:
ca:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:09:F7:27:9C:2C:AA:59:D6:2C:D4:35:42:32:6C:24:B9:0B:91:16
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/sgn3J5wsqlnWLNQ1QjJsJLkLkRY.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:90:4e:3e:84:17:78:bf:cf:b8:92:e4:e8:7b:1e:0c:91:04:
d3:9a:1d:12:28:42:85:52:6f:59:be:4a:e0:d5:2a:df:31:0b:
9a:55:d7:96:6f:92:70:d3:83:eb:9c:e0:34:81:ba:29:ef:1a:
2e:0b:82:fa:ec:a2:00:a6:7d:e7:e3:18:82:24:b7:19:bd:2f:
17:21:cc:49:5c:bf:0b:58:40:84:88:f7:13:01:3d:b8:3d:d3:
d0:56:eb:41:96:f6:9c:2d:4a:82:2f:d9:8f:18:4a:fe:47:76:
82:69:3c:51:7b:0c:66:37:71:75:a4:94:98:93:29:58:c6:45:
45:72:22:a8:93:07:37:44:f7:8d:7d:89:13:77:d2:97:4a:87:
37:b9:2d:0e:67:00:3e:aa:94:25:33:b6:c0:fd:9a:d4:d1:52:
6e:76:60:a3:1b:ae:7d:c1:fa:33:10:cf:9a:f6:5a:27:49:f7:
77:57:b3:76:a5:07:4a:75:7e:8c:17:e4:4b:63:3e:06:87:a7:
cb:19:ae:38:34:de:6a:31:67:cf:d7:3b:bd:3d:79:90:de:83:
36:e9:4e:ee:1a:90:70:c6:cc:69:db:6a:0b:22:2a:90:9e:c1:
dd:50:33:b3:fb:1f:ec:eb:f4:03:05:2c:97:9f:7c:87:e6:93:
89:17:4f:bc
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICBpcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA4MTQx
NTU1MDRaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEIyMDlGNzI3OUMyQ0FB
NTlENjJDRDQzNTQyMzI2QzI0QjkwQjkxMTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDD6b9CzrJgCeulllhm+7Jh4oZ5os6AE5O6QGN0X2lAYxmq/Nd/
Y0Hvqc/4wSd8O0fFW9+qLo+UxVWTveUk6u2TKrk/6qOZwiqPYOJ6meBIh7J8fiGO
fFJ3zLBEpdjTaMkZPmCHJTwrZaS6w+p74JmKHHhvwliVROn3qyIJqiCyBkwXHpOX
dpWLZnlKZu5okMeszbyZ3c9jYHA29WPAqvkUPIsgi8n+v5o/xird+3FFNMoREhgU
W2WlMXj+aW2ZkK6vLsTWQXBkrV1Cgd6ivyU3tvuiHKDK5g809FFEsWvftiOpr1SN
7euUyD1ONcd5RH0Euw1J9jh2w1sp0tlsxMqhAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUsgn3J5wsqlnWLNQ1QjJsJLkLkRYwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL3NnbjNKNXdzcWxuV0xO
UTFRakpzSkxrTGtSWS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAD6QTj6EF3i/z7iS5Oh7HgyRBNOaHRIoQoVS
b1m+SuDVKt8xC5pV15ZvknDTg+uc4DSBuinvGi4LgvrsogCmfefjGIIktxm9Lxch
zElcvwtYQISI9xMBPbg909BW60GW9pwtSoIv2Y8YSv5HdoJpPFF7DGY3cXWklJiT
KVjGRUVyIqiTBzdE9419iRN30pdKhze5LQ5nAD6qlCUztsD9mtTRUm52YKMbrn3B
+jMQz5r2WidJ93dXs3alB0p1fowX5EtjPgaHp8sZrjg03moxZ8/XO709eZDegzbp
Tu4akHDGzGnbagsiKpCewd1QM7P7H+zr9AMFLJeffIfmk4kXT7w=
-----END CERTIFICATE-----
Generated at Wed Aug 14 22:30:40 2024 by rpki-client on console-fra.rpki-client.org