Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/uzJuGXPlGRz81ymz4I60BcSh-5E.roa
File: uzJuGXPlGRz81ymz4I60BcSh-5E.roa (raw, json)
Hash identifier: pVKOHXzKzw4yVC0NE6ttu+wTcHZJmsbPgIW17hob0Go=
Subject key identifier: BB:32:6E:19:73:E5:19:1C:FC:D7:29:B3:E0:8E:B4:05:C4:A1:FB:91
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 05D1
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/uzJuGXPlGRz81ymz4I60BcSh-5E.roa
Signing time: Tue 23 Jul 2024 15:55:03 +0000
ROA not before: Tue 23 Jul 2024 15:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 23 Jul 2024 19:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1489 (0x5d1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Jul 23 15:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=BB326E1973E5191CFCD729B3E08EB405C4A1FB91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:c4:7a:c2:19:8a:bc:03:62:cf:3f:3d:e1:67:
99:4d:c1:bb:96:d4:52:ea:eb:cd:d1:15:bb:e8:cf:
5d:52:f8:6b:75:f1:b1:9d:fd:86:d4:ce:35:3f:a3:
66:06:8c:83:9a:ee:9c:42:3a:35:04:73:34:29:52:
6d:35:48:c4:55:4d:70:a6:e4:67:ce:c0:0d:3a:6c:
5e:a1:a5:15:25:0e:d8:b6:9b:f3:69:d5:ba:a5:7b:
c9:bb:52:25:52:10:ee:8a:f8:f7:d1:6f:08:52:49:
d9:7d:89:44:c3:fe:00:c5:2e:05:e6:8e:92:db:79:
22:f3:85:f3:7a:07:0d:3c:e2:6d:41:04:be:c7:8e:
b8:d0:a4:c7:01:3f:61:7e:38:48:f1:ae:0f:90:9e:
5b:c5:a6:50:4a:30:ee:78:46:25:db:11:72:45:58:
a8:15:96:cb:f1:7c:9e:e8:12:34:0c:51:41:3a:04:
01:64:45:cc:b1:60:61:17:1d:a1:b6:70:c4:e8:5e:
a7:9b:45:03:ec:58:06:ac:54:88:ed:cc:7d:ff:5d:
e0:93:66:15:61:db:fc:a1:98:34:08:64:d2:5e:53:
4d:8d:66:8c:a1:cb:89:cc:2b:f9:1e:69:e5:53:e3:
2e:7b:7e:15:da:5b:c8:05:6f:d9:0d:f3:7b:55:69:
af:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:32:6E:19:73:E5:19:1C:FC:D7:29:B3:E0:8E:B4:05:C4:A1:FB:91
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/uzJuGXPlGRz81ymz4I60BcSh-5E.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
21:24:4a:64:99:97:34:e8:78:6d:03:65:c2:4e:9f:a7:50:82:
cc:13:97:9f:e9:b0:a2:8f:07:60:17:7d:52:02:30:88:3b:24:
a7:2c:91:53:1c:cb:ac:ac:3b:b7:17:ca:a4:44:46:d5:74:f9:
37:78:ec:5f:60:8a:d8:24:1d:7e:6e:53:0c:32:ff:b2:33:7c:
e7:12:ec:db:46:c0:a4:ad:27:eb:da:7c:a5:4c:6c:43:01:98:
22:2f:14:6b:a9:c7:38:dd:11:32:d5:a3:2d:cf:f2:b7:9f:93:
fb:c8:b4:ed:25:f4:45:ba:76:9a:89:7c:48:49:f9:89:22:ec:
bf:f2:64:6e:de:16:47:3a:e4:f6:56:0a:8e:28:44:57:44:f8:
72:d4:ad:b8:f2:2f:81:f5:36:dd:a0:a6:95:f2:fa:3f:cc:d1:
83:5d:3b:88:d6:de:22:43:53:e8:55:5a:57:62:12:56:45:2f:
ad:cf:a1:81:bc:19:b0:7a:6c:98:2b:91:67:86:45:eb:59:f3:
56:40:94:84:f7:be:b9:97:af:d5:3b:ba:ac:07:7d:3f:f6:d1:
34:f3:f4:71:48:66:df:36:fc:a8:51:43:b4:c9:3d:1c:9e:51:
a9:da:b4:2d:7b:a0:c7:5b:6b:64:fe:e5:60:e3:97:35:7f:e3:
ae:a7:91:87
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICBdEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA3MjMx
NTU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEJCMzI2RTE5NzNFNTE5
MUNGQ0Q3MjlCM0UwOEVCNDA1QzRBMUZCOTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD5xHrCGYq8A2LPPz3hZ5lNwbuW1FLq683RFbvoz11S+Gt18bGd
/YbUzjU/o2YGjIOa7pxCOjUEczQpUm01SMRVTXCm5GfOwA06bF6hpRUlDti2m/Np
1bqle8m7UiVSEO6K+PfRbwhSSdl9iUTD/gDFLgXmjpLbeSLzhfN6Bw084m1BBL7H
jrjQpMcBP2F+OEjxrg+QnlvFplBKMO54RiXbEXJFWKgVlsvxfJ7oEjQMUUE6BAFk
RcyxYGEXHaG2cMToXqebRQPsWAasVIjtzH3/XeCTZhVh2/yhmDQIZNJeU02NZoyh
y4nMK/keaeVT4y57fhXaW8gFb9kN83tVaa8vAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUuzJuGXPlGRz81ymz4I60BcSh+5EwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL3V6SnVHWFBsR1J6ODF5
bXo0STYwQmNTaC01RS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBACEkSmSZlzToeG0DZcJOn6dQgswTl5/psKKP
B2AXfVICMIg7JKcskVMcy6ysO7cXyqRERtV0+Td47F9gitgkHX5uUwwy/7IzfOcS
7NtGwKStJ+vafKVMbEMBmCIvFGupxzjdETLVoy3P8refk/vItO0l9EW6dpqJfEhJ
+Yki7L/yZG7eFkc65PZWCo4oRFdE+HLUrbjyL4H1Nt2gppXy+j/M0YNdO4jW3iJD
U+hVWldiElZFL63PoYG8GbB6bJgrkWeGRetZ81ZAlIT3vrmXr9U7uqwHfT/20TTz
9HFIZt82/KhRQ7TJPRyeUanatC17oMdba2T+5WDjlzV/466nkYc=
-----END CERTIFICATE-----
Generated at Tue Jul 23 21:58:31 2024 by rpki-client on console-fra.rpki-client.org