Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/xAqv-cesYuIhjPYUbEKyrRz4cdE.roa
File: xAqv-cesYuIhjPYUbEKyrRz4cdE.roa (raw, json)
Hash identifier: uXyCMzl3MBYtzt//GOxQRM0uLCMK8WEyELo2T5XgJ5Y=
Subject key identifier: C4:0A:AF:F9:C7:AC:62:E2:21:8C:F6:14:6C:42:B2:AD:1C:F8:71:D1
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0868
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/xAqv-cesYuIhjPYUbEKyrRz4cdE.roa
Signing time: Sat 05 Oct 2024 07:55:03 +0000
ROA not before: Sat 05 Oct 2024 07:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 05 Oct 2024 11:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2152 (0x868)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Oct 5 07:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=C40AAFF9C7AC62E2218CF6146C42B2AD1CF871D1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:b1:fa:f8:b2:c6:a7:5a:ed:4f:6c:cc:ee:ae:
73:fc:e0:ce:a8:64:28:8b:93:7e:c0:92:db:12:16:
a0:36:5c:fd:b8:60:f7:43:29:bb:a6:62:9d:52:47:
6b:b6:f8:b2:54:49:21:bf:da:57:db:1f:ff:ef:d6:
38:f7:f2:92:4f:2c:6f:20:30:ec:db:d7:6f:63:6d:
94:7a:a8:8f:f2:39:13:10:fd:06:2e:f4:82:ab:30:
50:71:6b:53:e2:d9:fb:af:25:c6:3b:ef:7e:0a:8c:
14:67:5d:8c:6b:bc:97:d1:25:80:4f:90:aa:bc:6d:
fe:e3:51:8a:e6:f9:08:d1:c5:e0:1f:96:74:1a:bd:
38:f4:c6:45:bf:3c:9d:a6:90:17:96:e0:ca:42:28:
2e:cd:c0:cb:60:b7:40:d2:4b:43:8c:64:80:fd:48:
ef:2d:67:00:5c:2e:9f:56:e1:62:8b:95:dd:49:b3:
03:80:88:1e:e0:9d:c7:e2:62:6d:93:4a:6d:a6:fb:
b3:cf:75:2d:78:dd:8d:9c:e6:b7:d2:2a:1a:4f:ed:
c0:dd:ee:b3:8e:c8:c0:8d:53:05:49:ad:3f:4f:01:
b1:e3:b7:dc:ff:33:d4:c3:ec:25:85:bd:16:b3:3c:
bb:8c:aa:2f:f7:a5:3a:a2:b7:df:02:11:6b:66:93:
7f:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:0A:AF:F9:C7:AC:62:E2:21:8C:F6:14:6C:42:B2:AD:1C:F8:71:D1
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/xAqv-cesYuIhjPYUbEKyrRz4cdE.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:02:c9:46:db:92:98:ea:fe:fa:c9:9f:6e:3b:5a:34:a7:64:
48:e7:31:3e:9e:2c:66:d7:ac:dc:d4:b0:b6:be:f5:88:35:52:
1e:0a:d4:7e:56:32:0a:b5:ac:53:d3:b9:b2:ee:c5:57:f0:09:
a2:78:a5:56:8a:07:88:0d:e4:50:19:79:58:a3:d3:09:70:d7:
4b:d7:db:32:46:9c:44:3f:53:91:d9:15:ea:f8:68:b8:0a:79:
81:a0:c2:00:0a:75:6d:37:15:95:4c:76:e1:45:00:af:8b:81:
3f:38:30:6a:41:ef:03:d3:b1:34:c0:f0:c6:35:d1:60:85:fc:
ed:e7:71:f4:a4:57:a5:67:7a:c9:d0:d3:7c:76:42:cf:af:ec:
04:7d:45:ae:24:08:bd:99:e8:bc:41:8b:f0:b6:ce:93:5e:0e:
36:61:01:b5:6a:74:35:76:c7:97:f9:b1:8e:7b:42:b8:c7:e2:
be:91:c6:0e:23:7a:db:1c:5f:8d:67:3d:b7:d6:59:d8:6d:d4:
a2:be:7d:49:bf:b0:d0:cb:18:df:36:66:27:5c:24:a7:fe:3e:
d7:43:f4:89:f1:10:5f:3a:c7:18:c0:b6:b6:a5:69:2c:40:f9:
d6:1e:95:a5:47:ed:7c:54:76:9b:3a:eb:21:c0:43:77:a5:63:
44:8b:89:b0
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCGgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDEwMDUw
NzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEM0MEFBRkY5QzdBQzYy
RTIyMThDRjYxNDZDNDJCMkFEMUNGODcxRDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/sfr4ssanWu1PbMzurnP84M6oZCiLk37AktsSFqA2XP24YPdD
KbumYp1SR2u2+LJUSSG/2lfbH//v1jj38pJPLG8gMOzb129jbZR6qI/yORMQ/QYu
9IKrMFBxa1Pi2fuvJcY7734KjBRnXYxrvJfRJYBPkKq8bf7jUYrm+QjRxeAflnQa
vTj0xkW/PJ2mkBeW4MpCKC7NwMtgt0DSS0OMZID9SO8tZwBcLp9W4WKLld1JswOA
iB7gncfiYm2TSm2m+7PPdS143Y2c5rfSKhpP7cDd7rOOyMCNUwVJrT9PAbHjt9z/
M9TD7CWFvRazPLuMqi/3pTqit98CEWtmk393AgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUxAqv+cesYuIhjPYUbEKyrRz4cdEwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL3hBcXYtY2VzWXVJaGpQ
WVViRUt5clJ6NGNkRS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBADsCyUbbkpjq/vrJn247WjSnZEjnMT6eLGbX
rNzUsLa+9Yg1Uh4K1H5WMgq1rFPTubLuxVfwCaJ4pVaKB4gN5FAZeVij0wlw10vX
2zJGnEQ/U5HZFer4aLgKeYGgwgAKdW03FZVMduFFAK+LgT84MGpB7wPTsTTA8MY1
0WCF/O3ncfSkV6VnesnQ03x2Qs+v7AR9Ra4kCL2Z6LxBi/C2zpNeDjZhAbVqdDV2
x5f5sY57QrjH4r6Rxg4jetscX41nPbfWWdht1KK+fUm/sNDLGN82ZidcJKf+PtdD
9InxEF86xxjAtralaSxA+dYelaVH7XxUdps66yHAQ3elY0SLibA=
-----END CERTIFICATE-----
Generated at Sat Oct 5 16:36:54 2024 by rpki-client on console-fra.rpki-client.org