Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/yP-SvY49F8fXoP5TmMODUzdFuEE.roa
File: yP-SvY49F8fXoP5TmMODUzdFuEE.roa (raw, json)
Hash identifier: mv1wCujBy3kJixp/z2zuHUt9tvGjzN8FxJ5iwGmY/JM=
Subject key identifier: C8:FF:92:BD:8E:3D:17:C7:D7:A0:FE:53:98:C3:83:53:37:45:B8:41
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0808
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/yP-SvY49F8fXoP5TmMODUzdFuEE.roa
Signing time: Tue 24 Sep 2024 15:55:03 +0000
ROA not before: Tue 24 Sep 2024 15:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 24 Sep 2024 19:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2056 (0x808)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Sep 24 15:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=C8FF92BD8E3D17C7D7A0FE5398C383533745B841
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:0c:3b:bc:c4:0b:21:b8:a9:f6:ad:58:a7:72:
fe:0c:a1:8e:a0:28:26:72:e2:d6:a4:16:4f:ea:ec:
82:70:1c:4d:b0:63:8a:2e:17:d2:33:58:c5:ea:9e:
9d:f8:ff:cb:c9:80:05:12:a4:65:3d:c0:c4:0f:98:
98:a7:e5:43:61:7f:f4:46:44:fb:a1:76:83:23:cd:
c2:87:3c:b8:11:7d:59:1a:10:30:c9:b0:30:4d:e2:
ac:b8:a5:94:4e:79:bb:96:68:33:77:cf:51:2e:9e:
32:2c:4e:c8:ca:17:9a:9a:81:49:24:73:ed:d5:39:
60:ca:06:d4:92:e0:de:9c:27:17:83:a2:d4:d7:68:
84:b9:ad:c7:af:86:3e:61:61:bb:29:3a:1f:37:10:
3e:81:fb:17:ca:8d:5e:be:b6:e0:d8:2e:63:09:af:
de:4e:41:e0:0f:8b:ae:a5:75:4a:cc:d1:57:2a:a4:
88:5a:88:10:67:55:dd:60:d1:fc:5b:95:0d:05:05:
75:fb:38:a0:13:f9:5c:da:fe:94:d0:c6:33:21:d8:
80:67:e0:82:7a:05:89:44:f1:6a:7f:21:7a:27:d2:
dd:ea:3b:2d:de:8a:18:73:34:f0:80:4b:16:6b:47:
64:d0:e2:fb:df:dc:9e:4f:5b:df:c4:18:4f:b1:62:
88:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:FF:92:BD:8E:3D:17:C7:D7:A0:FE:53:98:C3:83:53:37:45:B8:41
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/yP-SvY49F8fXoP5TmMODUzdFuEE.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:00:85:db:b8:1b:14:49:6e:fb:31:a4:c4:cc:39:00:c2:c6:
08:fb:e8:9d:4b:8e:e7:12:bd:c1:5b:fd:97:d0:12:eb:38:1b:
ae:76:1b:98:d7:81:5c:81:c5:8a:7b:81:99:a7:5c:b5:eb:60:
1b:38:f4:4f:12:69:c9:1e:0d:87:cc:94:8b:87:b6:d6:24:a5:
5e:ec:be:b1:33:a7:63:b7:ee:55:4c:16:a5:eb:4d:42:92:6a:
14:a8:37:f4:4f:04:32:0b:ee:69:4b:ee:e1:fc:79:8f:4e:74:
24:a4:db:50:5a:c6:57:55:95:3a:94:6f:08:eb:e1:05:ac:a3:
37:5d:b4:62:8d:c1:a3:b6:cf:6a:83:87:6b:b0:e0:85:91:23:
bb:f8:11:0e:ad:73:60:ad:eb:1b:5f:7d:c5:4e:2e:b9:de:b4:
bb:22:de:49:92:33:4b:27:0a:8b:c7:6f:07:96:a2:9c:df:56:
de:20:6f:a5:f7:9c:a1:b2:1d:6c:2a:c4:e2:0e:24:13:14:e5:
66:89:2a:5d:fc:e6:40:a6:8a:ef:64:f4:b0:f1:60:5f:90:97:
3f:a0:d0:66:c6:31:ac:4e:a0:12:d0:1d:f0:e9:f4:da:e7:40:
00:96:e6:97:d8:31:f9:4a:f4:c3:a1:96:5f:db:f9:0b:f3:dc:
89:8f:ec:3f
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCAgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA5MjQx
NTU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEM4RkY5MkJEOEUzRDE3
QzdEN0EwRkU1Mzk4QzM4MzUzMzc0NUI4NDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/DDu8xAshuKn2rVincv4MoY6gKCZy4takFk/q7IJwHE2wY4ou
F9IzWMXqnp34/8vJgAUSpGU9wMQPmJin5UNhf/RGRPuhdoMjzcKHPLgRfVkaEDDJ
sDBN4qy4pZROebuWaDN3z1EunjIsTsjKF5qagUkkc+3VOWDKBtSS4N6cJxeDotTX
aIS5rcevhj5hYbspOh83ED6B+xfKjV6+tuDYLmMJr95OQeAPi66ldUrM0VcqpIha
iBBnVd1g0fxblQ0FBXX7OKAT+Vza/pTQxjMh2IBn4IJ6BYlE8Wp/IXon0t3qOy3e
ihhzNPCASxZrR2TQ4vvf3J5PW9/EGE+xYoj5AgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUyP+SvY49F8fXoP5TmMODUzdFuEEwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL3lQLVN2WTQ5RjhmWG9Q
NVRtTU9EVXpkRnVFRS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAEoAhdu4GxRJbvsxpMTMOQDCxgj76J1LjucS
vcFb/ZfQEus4G652G5jXgVyBxYp7gZmnXLXrYBs49E8SackeDYfMlIuHttYkpV7s
vrEzp2O37lVMFqXrTUKSahSoN/RPBDIL7mlL7uH8eY9OdCSk21BaxldVlTqUbwjr
4QWsozddtGKNwaO2z2qDh2uw4IWRI7v4EQ6tc2Ct6xtffcVOLrnetLsi3kmSM0sn
CovHbweWopzfVt4gb6X3nKGyHWwqxOIOJBMU5WaJKl385kCmiu9k9LDxYF+Qlz+g
0GbGMaxOoBLQHfDp9NrnQACW5pfYMflK9MOhll/b+Qvz3ImP7D8=
-----END CERTIFICATE-----
Generated at Tue Sep 24 22:03:02 2024 by rpki-client on console-fra.rpki-client.org