Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/v9oj3gNDhPIHY4qkoojv2eGWY_Q.roa
File: v9oj3gNDhPIHY4qkoojv2eGWY_Q.roa (raw, json)
Hash identifier: 2YaWJPJRmCJPx/qsIPiH8EOW83zx5HlgRNzRLAJfsyI=
Subject key identifier: BF:DA:23:DE:03:43:84:F2:07:63:8A:A4:A2:88:EF:D9:E1:96:63:F4
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 04BA
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/v9oj3gNDhPIHY4qkoojv2eGWY_Q.roa
Signing time: Sat 22 Jun 2024 15:55:03 +0000
ROA not before: Sat 22 Jun 2024 15:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 22 Jun 2024 19:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1210 (0x4ba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Jun 22 15:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=BFDA23DE034384F207638AA4A288EFD9E19663F4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:45:18:d6:30:23:06:dc:34:7f:ab:65:7a:87:
49:2a:52:9c:14:8c:4b:d9:69:f7:9e:8b:18:5f:6e:
a1:45:65:e6:c2:c1:e4:63:ae:40:34:bd:6d:ba:1a:
35:8a:ba:96:c0:12:44:4b:04:0c:1c:e1:ab:c0:b7:
34:98:86:ee:fc:66:61:48:97:6a:cd:c4:10:19:c7:
4c:1a:c2:17:0e:37:e5:51:df:e4:ba:b6:b6:60:06:
f1:e7:46:ac:50:16:da:16:03:f7:19:59:36:86:a7:
62:ed:13:4d:d3:19:03:aa:81:96:f3:59:b0:86:75:
ee:76:47:67:a9:92:d7:ad:6a:2a:3b:73:5e:9a:0c:
19:f6:a5:b6:fe:f3:2a:67:2b:10:59:68:8c:1b:08:
e2:24:75:fd:80:9b:47:c9:e1:04:76:16:7b:38:2d:
fc:1f:be:6b:47:ac:47:97:59:d8:02:25:cd:51:45:
ed:48:a2:2e:39:64:7d:46:d4:5e:4a:07:b4:8a:ee:
3b:e3:34:a2:c1:60:73:84:39:cb:d5:2a:0c:cb:a0:
62:18:67:d3:c8:90:42:7b:b8:0a:a0:2b:b2:f8:1b:
4f:c5:f5:77:30:17:8d:9a:34:ca:27:82:f9:1c:16:
13:5d:5f:90:3a:99:76:cb:50:98:b0:a1:8e:95:53:
a0:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:DA:23:DE:03:43:84:F2:07:63:8A:A4:A2:88:EF:D9:E1:96:63:F4
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/v9oj3gNDhPIHY4qkoojv2eGWY_Q.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
76:03:be:70:6a:33:ef:21:d0:20:3d:af:8a:45:83:16:af:ea:
83:80:15:0d:27:5a:cc:e3:ed:56:17:a6:aa:23:a3:51:6a:1c:
e3:c3:4f:eb:1e:e2:5d:d8:1f:c4:6e:b0:11:70:90:5c:58:58:
2d:f6:8d:19:9a:73:e2:e9:ff:2f:cd:17:74:15:e8:02:93:db:
6b:19:d0:6b:73:91:42:04:7f:0e:89:fa:79:12:4c:ca:70:a8:
be:23:16:17:0f:42:c0:77:ba:a1:56:72:f4:f8:63:91:c7:22:
1c:0e:50:a2:01:18:e3:ba:85:aa:25:5d:25:2f:71:07:46:ca:
b3:3c:7f:1a:b3:3d:bc:2e:de:29:b9:19:40:e6:df:9f:a3:26:
90:1c:d9:ca:e0:ab:ee:e5:c1:65:4c:ad:c2:d7:87:bb:c7:cf:
d5:54:80:c5:b7:0c:66:64:ac:8a:48:a8:d0:c5:92:6b:85:05:
e7:27:f2:28:7e:28:16:16:63:bc:70:ae:32:23:d1:8a:68:e4:
6d:7e:4c:93:98:80:ba:f3:64:01:69:4c:72:e4:dd:79:3f:38:
56:84:fc:71:b6:18:16:20:6a:d0:3d:c4:fd:68:4d:a5:55:76:
cc:c6:4f:78:ae:32:44:6b:7c:a0:48:74:ee:e3:b4:2a:53:87:
27:65:71:ca
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICBLowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA2MjIx
NTU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEJGREEyM0RFMDM0Mzg0
RjIwNzYzOEFBNEEyODhFRkQ5RTE5NjYzRjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDoRRjWMCMG3DR/q2V6h0kqUpwUjEvZafeeixhfbqFFZebCweRj
rkA0vW26GjWKupbAEkRLBAwc4avAtzSYhu78ZmFIl2rNxBAZx0wawhcON+VR3+S6
trZgBvHnRqxQFtoWA/cZWTaGp2LtE03TGQOqgZbzWbCGde52R2epktetaio7c16a
DBn2pbb+8ypnKxBZaIwbCOIkdf2Am0fJ4QR2Fns4LfwfvmtHrEeXWdgCJc1RRe1I
oi45ZH1G1F5KB7SK7jvjNKLBYHOEOcvVKgzLoGIYZ9PIkEJ7uAqgK7L4G0/F9Xcw
F42aNMongvkcFhNdX5A6mXbLUJiwoY6VU6CTAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUv9oj3gNDhPIHY4qkoojv2eGWY/QwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL3Y5b2ozZ05EaFBJSFk0
cWtvb2p2MmVHV1lfUS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAHYDvnBqM+8h0CA9r4pFgxav6oOAFQ0nWszj
7VYXpqojo1FqHOPDT+se4l3YH8RusBFwkFxYWC32jRmac+Lp/y/NF3QV6AKT22sZ
0GtzkUIEfw6J+nkSTMpwqL4jFhcPQsB3uqFWcvT4Y5HHIhwOUKIBGOO6haolXSUv
cQdGyrM8fxqzPbwu3im5GUDm35+jJpAc2crgq+7lwWVMrcLXh7vHz9VUgMW3DGZk
rIpIqNDFkmuFBecn8ih+KBYWY7xwrjIj0Ypo5G1+TJOYgLrzZAFpTHLk3Xk/OFaE
/HG2GBYgatA9xP1oTaVVdszGT3iuMkRrfKBIdO7jtCpThydlcco=
-----END CERTIFICATE-----
Generated at Sat Jun 22 21:05:23 2024 by rpki-client on console-fra.rpki-client.org