Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/xD9OPegNRaYdR_XvECcClLfCb_g.roa
File: xD9OPegNRaYdR_XvECcClLfCb_g.roa (raw, json)
Hash identifier: 2Ekinmdj1q4nap/jhj1COJnjcrQoKhIQFn1yAJVtJbA=
Subject key identifier: C4:3F:4E:3D:E8:0D:45:A6:1D:47:F5:EF:10:27:02:94:B7:C2:6F:F8
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 083E
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/xD9OPegNRaYdR_XvECcClLfCb_g.roa
Signing time: Mon 30 Sep 2024 15:55:03 +0000
ROA not before: Mon 30 Sep 2024 15:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 30 Sep 2024 19:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2110 (0x83e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Sep 30 15:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=C43F4E3DE80D45A61D47F5EF10270294B7C26FF8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:b7:c0:db:b6:72:1b:dc:48:15:ac:2b:db:c5:
67:a0:d7:78:23:64:4e:b8:72:28:e0:f9:90:01:6c:
73:32:3b:1a:ce:c3:94:9f:0a:8e:f2:44:79:9b:0a:
e6:00:d8:4b:59:7f:38:f3:de:13:a7:4c:68:4c:45:
f8:9e:37:11:86:b6:54:e5:ef:64:62:ba:5b:52:aa:
25:bb:90:12:e6:b6:fc:2f:77:90:9e:63:9a:56:3b:
c8:a0:a1:82:41:d7:29:74:41:18:06:2b:c9:65:db:
26:97:a6:b0:b2:4d:bd:18:89:b5:c5:d9:59:64:17:
cf:05:c4:4d:0c:e5:20:13:6a:33:f0:3e:54:bf:df:
4f:09:bd:8a:16:b3:ae:87:74:f4:2d:32:7b:1e:35:
ad:c6:5f:28:17:89:96:66:8e:80:bd:d5:2a:66:a2:
e0:15:7b:f7:c9:fb:2a:1b:fc:67:ec:90:76:58:a6:
38:43:75:c1:bb:9c:14:60:26:8d:17:56:db:c8:48:
06:45:e2:b8:61:bc:4b:45:2a:ad:5c:e3:8d:9a:a4:
cb:6e:25:52:4f:f5:a5:f7:a7:3e:e0:f9:67:b5:2a:
70:54:6d:79:12:b6:e4:ef:ce:f0:94:bd:54:e0:54:
9d:72:8d:cb:5b:35:0c:25:9e:49:bc:21:82:84:71:
78:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:3F:4E:3D:E8:0D:45:A6:1D:47:F5:EF:10:27:02:94:B7:C2:6F:F8
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/xD9OPegNRaYdR_XvECcClLfCb_g.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
15:98:12:bc:3d:b8:aa:5f:5d:e0:3f:9e:78:f9:54:b9:97:af:
6d:93:68:a7:b9:1a:d7:05:d3:eb:b6:fa:a8:26:1c:c1:2b:05:
74:8a:73:35:8b:9b:78:3c:6b:11:bf:fc:fb:7d:b6:15:00:b5:
7a:22:fe:32:c5:21:b4:62:b7:be:52:12:35:fb:77:85:04:ab:
79:11:0a:dc:b9:0f:75:8f:93:55:7d:14:8f:5d:fc:fa:cd:cb:
b6:d8:42:fa:31:b7:77:2a:84:97:33:7c:22:5f:b8:73:25:14:
4a:df:80:b2:0c:5c:b4:13:f5:4a:ad:b1:a7:39:da:b9:89:71:
94:72:cf:91:42:6f:3f:cc:bd:54:aa:95:f2:27:d2:ae:5d:67:
ec:9e:09:d2:2c:32:96:aa:03:e6:f5:ac:23:f6:81:d6:0b:0e:
6a:7c:cf:e7:55:8d:05:0e:96:bc:ea:0f:ae:ea:8e:b4:5f:90:
c3:92:08:76:fc:5a:d1:2d:ef:c6:81:c5:06:e9:75:c5:d3:ba:
c1:d9:2a:b7:d1:3b:97:91:01:ab:d2:09:88:a2:58:5a:d7:1e:
a9:ec:1e:5a:a0:a7:0c:c6:7b:25:8f:10:82:ee:39:a9:10:b6:
50:83:19:42:c4:d5:34:63:77:e8:76:79:a5:84:9d:e6:4a:e2:
54:12:11:30
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCD4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA5MzAx
NTU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEM0M0Y0RTNERTgwRDQ1
QTYxRDQ3RjVFRjEwMjcwMjk0QjdDMjZGRjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCYt8DbtnIb3EgVrCvbxWeg13gjZE64cijg+ZABbHMyOxrOw5Sf
Co7yRHmbCuYA2EtZfzjz3hOnTGhMRfieNxGGtlTl72RiultSqiW7kBLmtvwvd5Ce
Y5pWO8igoYJB1yl0QRgGK8ll2yaXprCyTb0YibXF2VlkF88FxE0M5SATajPwPlS/
308JvYoWs66HdPQtMnseNa3GXygXiZZmjoC91SpmouAVe/fJ+yob/GfskHZYpjhD
dcG7nBRgJo0XVtvISAZF4rhhvEtFKq1c442apMtuJVJP9aX3pz7g+We1KnBUbXkS
tuTvzvCUvVTgVJ1yjctbNQwlnkm8IYKEcXhPAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUxD9OPegNRaYdR/XvECcClLfCb/gwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL3hEOU9QZWdOUmFZZFJf
WHZFQ2NDbExmQ2JfZy5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBABWYErw9uKpfXeA/nnj5VLmXr22TaKe5GtcF
0+u2+qgmHMErBXSKczWLm3g8axG//Pt9thUAtXoi/jLFIbRit75SEjX7d4UEq3kR
Cty5D3WPk1V9FI9d/PrNy7bYQvoxt3cqhJczfCJfuHMlFErfgLIMXLQT9Uqtsac5
2rmJcZRyz5FCbz/MvVSqlfIn0q5dZ+yeCdIsMpaqA+b1rCP2gdYLDmp8z+dVjQUO
lrzqD67qjrRfkMOSCHb8WtEt78aBxQbpdcXTusHZKrfRO5eRAavSCYiiWFrXHqns
HlqgpwzGeyWPEILuOakQtlCDGULE1TRjd+h2eaWEneZK4lQSETA=
-----END CERTIFICATE-----
Generated at Mon Sep 30 22:02:10 2024 by rpki-client on console-fra.rpki-client.org