Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/tOFiUbUUNU2HQZFJBlHDKqjLlZs.roa
File: tOFiUbUUNU2HQZFJBlHDKqjLlZs.roa (raw, json)
Hash identifier: phknug0fS/jhHA87pYnD2ExVcAY5rTFRsndgM4/uRaY=
Subject key identifier: B4:E1:62:51:B5:14:35:4D:87:41:91:49:06:51:C3:2A:A8:CB:95:9B
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 081D
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/tOFiUbUUNU2HQZFJBlHDKqjLlZs.roa
Signing time: Thu 26 Sep 2024 23:55:03 +0000
ROA not before: Thu 26 Sep 2024 23:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 27 Sep 2024 03:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2077 (0x81d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Sep 26 23:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=B4E16251B514354D874191490651C32AA8CB959B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:1a:58:d6:24:83:51:a7:c7:c6:76:e7:83:f0:
e7:a9:38:2f:3c:60:5e:2e:3b:59:7b:f7:6a:e4:f3:
a1:ee:48:c8:d0:17:3d:55:79:fb:95:3b:f7:f4:31:
b7:f5:a2:6c:95:11:27:f6:10:76:05:8c:d6:df:1d:
b3:34:54:cc:b7:cb:ff:7b:77:f7:0b:fd:bb:be:db:
41:54:4a:82:82:9c:92:66:1e:be:ed:9b:18:fd:bc:
06:e4:3c:16:09:bc:d8:93:5a:81:14:bf:a1:ea:7e:
ec:91:2e:59:ce:b5:4c:65:0d:e3:f0:4d:ab:6c:10:
34:3c:ea:88:96:8e:1d:76:cb:9c:93:0d:cc:ee:cd:
64:42:ad:b5:37:09:7e:bf:e7:cb:7f:07:d2:5b:a1:
52:0b:e8:fe:49:10:87:10:b7:e8:84:0f:8e:b0:68:
7c:38:dc:72:e1:ee:ed:78:8b:08:e0:86:84:51:0b:
4f:71:48:b8:33:da:d8:11:02:bf:95:b6:ec:fe:d8:
7c:4a:b5:2f:10:24:3c:f5:d3:8a:a6:7a:74:c0:a9:
57:f8:b4:50:5d:67:e6:aa:2a:df:36:cc:16:b2:be:
be:60:17:02:98:76:3b:58:23:cb:b2:28:e1:f8:f8:
31:20:51:38:de:1c:d1:1b:00:34:1e:3b:5d:eb:89:
c1:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:E1:62:51:B5:14:35:4D:87:41:91:49:06:51:C3:2A:A8:CB:95:9B
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/tOFiUbUUNU2HQZFJBlHDKqjLlZs.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
71:b4:82:d6:a9:a3:b1:17:6b:67:df:6f:89:5f:b5:e2:62:38:
fd:3c:cc:6f:4f:1d:d3:64:99:99:f9:1b:7c:88:69:68:43:b1:
54:e8:9d:5b:67:e5:00:a5:01:13:c2:03:7a:ab:75:84:e9:ad:
1c:9e:d6:10:20:7f:06:6c:0f:cf:e8:e9:e0:50:eb:55:0e:99:
3c:1a:df:4f:48:40:ee:dd:26:f6:94:bd:a6:c7:e8:b1:e5:f8:
14:a8:e0:56:55:12:c2:17:b1:08:c5:5d:ea:ce:8e:d7:27:a5:
28:98:b2:35:73:92:8b:57:d6:96:ed:5e:2c:47:08:3d:8b:46:
31:c5:02:0f:ce:9b:53:e3:88:80:79:9b:49:41:40:d0:7d:12:
30:75:45:4a:9d:7a:dd:f2:bb:35:ad:18:80:d0:d6:be:ce:b2:
85:c6:a9:c2:6b:3b:e4:89:da:7b:5f:c9:58:2a:7c:0f:d0:4a:
9b:0d:4c:d0:bf:8a:a5:9e:09:b7:64:72:a1:0b:92:77:9f:e9:
33:6f:be:3a:fb:fd:96:bb:35:e1:ec:ca:1c:25:ca:2e:be:d3:
5c:84:71:58:8c:ed:f4:0e:1d:02:53:7e:37:84:f7:e4:c8:4a:
8a:cd:b5:05:99:27:43:1e:0b:b4:e7:ad:02:4c:81:6d:12:12:
94:85:e2:d8
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCB0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA5MjYy
MzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEI0RTE2MjUxQjUxNDM1
NEQ4NzQxOTE0OTA2NTFDMzJBQThDQjk1OUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5GljWJINRp8fGdueD8OepOC88YF4uO1l792rk86HuSMjQFz1V
efuVO/f0Mbf1omyVESf2EHYFjNbfHbM0VMy3y/97d/cL/bu+20FUSoKCnJJmHr7t
mxj9vAbkPBYJvNiTWoEUv6HqfuyRLlnOtUxlDePwTatsEDQ86oiWjh12y5yTDczu
zWRCrbU3CX6/58t/B9JboVIL6P5JEIcQt+iED46waHw43HLh7u14iwjghoRRC09x
SLgz2tgRAr+Vtuz+2HxKtS8QJDz104qmenTAqVf4tFBdZ+aqKt82zBayvr5gFwKY
djtYI8uyKOH4+DEgUTjeHNEbADQeO13ricHDAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUtOFiUbUUNU2HQZFJBlHDKqjLlZswHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL3RPRmlVYlVVTlUySFFa
RkpCbEhES3FqTGxacy5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAHG0gtapo7EXa2ffb4lfteJiOP08zG9PHdNk
mZn5G3yIaWhDsVTonVtn5QClARPCA3qrdYTprRye1hAgfwZsD8/o6eBQ61UOmTwa
309IQO7dJvaUvabH6LHl+BSo4FZVEsIXsQjFXerOjtcnpSiYsjVzkotX1pbtXixH
CD2LRjHFAg/Om1PjiIB5m0lBQNB9EjB1RUqdet3yuzWtGIDQ1r7OsoXGqcJrO+SJ
2ntfyVgqfA/QSpsNTNC/iqWeCbdkcqELknef6TNvvjr7/Za7NeHsyhwlyi6+01yE
cViM7fQOHQJTfjeE9+TISorNtQWZJ0MeC7TnrQJMgW0SEpSF4tg=
-----END CERTIFICATE-----
Generated at Fri Sep 27 05:07:44 2024 by rpki-client on console-fra.rpki-client.org