Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/xo9iSq608CKFS4H7fVrSKsFmGM8.roa
File: xo9iSq608CKFS4H7fVrSKsFmGM8.roa (raw, json)
Hash identifier: 1EJFI4x5AbDQhsoOqDGNxJuSABCIEKcT55WqzO7K3aI=
Subject key identifier: C6:8F:62:4A:AE:B4:F0:22:85:4B:81:FB:7D:5A:D2:2A:C1:66:18:CF
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 09B9
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/xo9iSq608CKFS4H7fVrSKsFmGM8.roa
Signing time: Mon 11 Nov 2024 15:55:03 +0000
ROA not before: Mon 11 Nov 2024 15:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 11 Nov 2024 19:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2489 (0x9b9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Nov 11 15:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=C68F624AAEB4F022854B81FB7D5AD22AC16618CF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:ec:d5:c5:5e:c5:6f:28:9a:1e:ba:37:12:fb:
96:48:01:53:14:73:89:e0:83:05:01:d4:00:b1:f1:
46:8f:94:0f:0d:b1:fc:21:5b:28:5b:ce:11:3d:1c:
d8:35:d9:f8:eb:9d:87:cb:7b:8c:a1:69:73:16:01:
ab:b7:81:cd:11:25:e6:9f:7e:c9:3c:1f:d8:c5:bc:
de:40:91:83:c5:ff:3c:16:5f:88:41:aa:9f:7a:c2:
fd:d1:fc:db:22:bc:bc:f9:4e:bf:d4:40:46:98:19:
af:6a:d0:6b:67:15:c1:e5:5f:bc:57:98:5e:18:a2:
d9:f6:69:b9:4c:3e:cf:76:4b:43:16:06:dd:35:de:
1f:ae:04:8f:17:fd:f9:91:ad:fa:00:50:12:2d:10:
a2:82:71:05:76:22:33:3e:ee:cc:2f:48:ad:56:9c:
a4:57:56:0d:8c:14:4e:53:19:c3:76:80:71:36:9b:
cb:e9:62:95:35:6d:36:8a:34:63:e8:9f:a4:d1:9d:
b4:ee:6c:cf:5c:23:23:c9:93:86:7b:9a:8b:1a:19:
5c:36:3d:51:62:24:47:e2:39:3a:22:10:61:a9:2e:
ef:68:2b:27:43:2a:c4:8e:db:4f:b4:f0:dc:86:10:
b9:51:c5:15:d2:2a:5d:84:da:e1:d2:39:5f:b8:7b:
49:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:8F:62:4A:AE:B4:F0:22:85:4B:81:FB:7D:5A:D2:2A:C1:66:18:CF
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/xo9iSq608CKFS4H7fVrSKsFmGM8.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
47:a2:0e:8d:f1:00:4f:c6:5e:59:df:a0:61:13:0f:5d:a3:42:
fe:68:f9:9c:a7:f5:56:23:06:58:6c:db:a1:43:20:12:d3:b8:
f9:e7:fa:04:8d:80:75:28:18:25:f3:52:ee:dc:dd:29:ea:1c:
e6:76:77:6c:a2:fc:40:96:33:b4:07:a2:34:c1:26:0c:0c:22:
04:f4:e7:b3:73:34:51:54:a3:ab:22:cb:2a:79:5c:5e:3e:d6:
49:ef:9b:14:18:fd:8d:bb:bb:d0:90:0a:4e:57:1f:5b:83:04:
14:da:26:a4:85:49:08:91:7f:93:df:6d:02:cb:f8:fb:86:2e:
e6:8e:e5:ce:2f:ab:32:23:90:fd:50:68:5e:b5:cc:58:ac:67:
7f:f2:4c:d4:5d:1c:f7:bd:ba:8c:bf:92:cc:bc:69:81:05:9d:
aa:f0:1d:a7:19:37:78:52:cb:90:d6:90:28:5c:06:77:64:1c:
07:a2:d4:a3:88:28:96:8f:22:48:0a:d3:31:7a:c7:6f:ba:65:
18:40:16:12:9a:6c:b9:71:97:0b:af:09:11:ad:17:06:42:70:
d5:d6:28:f6:85:f5:61:81:a6:7a:e2:d5:5e:94:99:ec:69:71:
b2:17:d9:43:5f:db:15:ae:8b:e8:fc:9f:01:86:e2:64:0b:dd:
38:9d:cc:48
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCbkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDExMTEx
NTU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEM2OEY2MjRBQUVCNEYw
MjI4NTRCODFGQjdENUFEMjJBQzE2NjE4Q0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDd7NXFXsVvKJoeujcS+5ZIAVMUc4nggwUB1ACx8UaPlA8Nsfwh
WyhbzhE9HNg12fjrnYfLe4yhaXMWAau3gc0RJeaffsk8H9jFvN5AkYPF/zwWX4hB
qp96wv3R/NsivLz5Tr/UQEaYGa9q0GtnFcHlX7xXmF4Yotn2ablMPs92S0MWBt01
3h+uBI8X/fmRrfoAUBItEKKCcQV2IjM+7swvSK1WnKRXVg2MFE5TGcN2gHE2m8vp
YpU1bTaKNGPon6TRnbTubM9cIyPJk4Z7mosaGVw2PVFiJEfiOToiEGGpLu9oKydD
KsSO20+08NyGELlRxRXSKl2E2uHSOV+4e0kjAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUxo9iSq608CKFS4H7fVrSKsFmGM8wHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL3hvOWlTcTYwOENLRlM0
SDdmVnJTS3NGbUdNOC5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAEeiDo3xAE/GXlnfoGETD12jQv5o+Zyn9VYj
Blhs26FDIBLTuPnn+gSNgHUoGCXzUu7c3SnqHOZ2d2yi/ECWM7QHojTBJgwMIgT0
57NzNFFUo6siyyp5XF4+1knvmxQY/Y27u9CQCk5XH1uDBBTaJqSFSQiRf5PfbQLL
+PuGLuaO5c4vqzIjkP1QaF61zFisZ3/yTNRdHPe9uoy/ksy8aYEFnarwHacZN3hS
y5DWkChcBndkHAei1KOIKJaPIkgK0zF6x2+6ZRhAFhKabLlxlwuvCRGtFwZCcNXW
KPaF9WGBpnri1V6UmexpcbIX2UNf2xWui+j8nwGG4mQL3TidzEg=
-----END CERTIFICATE-----
Generated at Tue Nov 12 00:40:41 2024 by rpki-client on console-ams.rpki-client.org