Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/ykQSFz4SKhkQGNgUvo_pnmO6f48.roa
File: ykQSFz4SKhkQGNgUvo_pnmO6f48.roa (raw, json)
Hash identifier: 2/+t4l0vQV63is+jScgzNJTj4BE+YmONv+GFpFsBGt8=
Subject key identifier: CA:44:12:17:3E:12:2A:19:10:18:D8:14:BE:8F:E9:9E:63:BA:7F:8F
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 05F2
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/ykQSFz4SKhkQGNgUvo_pnmO6f48.roa
Signing time: Sat 27 Jul 2024 07:55:04 +0000
ROA not before: Sat 27 Jul 2024 07:55:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 27 Jul 2024 11:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1522 (0x5f2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Jul 27 07:55:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=CA4412173E122A191018D814BE8FE99E63BA7F8F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:44:6f:57:90:61:49:a1:99:00:98:2f:a9:69:
26:2e:5e:bf:cf:98:46:ad:77:64:8d:33:f4:2f:68:
d9:7a:6d:c3:3b:1b:15:e0:e6:83:0a:1d:02:fe:bf:
96:e6:c0:71:2a:59:6a:77:51:65:5c:c7:b1:51:7a:
5b:31:25:3b:c1:69:49:ff:89:e5:29:8c:78:57:2b:
51:ab:93:78:71:b6:0a:d9:0a:85:e6:fc:40:1c:b1:
0e:c4:36:d5:9a:8f:b4:82:a3:2a:78:62:ec:36:7b:
d6:a8:25:48:df:7e:9d:c2:6e:87:4e:af:94:a2:5c:
65:6b:46:59:05:2b:92:4e:d5:37:81:fe:05:c6:69:
72:ea:a8:b3:a0:1f:cd:63:2a:f9:6b:cc:7b:1c:47:
aa:14:c1:cf:e1:c1:dc:7f:1b:51:d5:33:f2:f9:01:
67:0b:d6:ad:45:2e:49:cc:82:32:de:09:e6:10:0b:
e9:f8:90:2c:b6:54:ba:cb:00:57:52:3c:be:a8:b0:
6e:00:7e:81:b8:5f:e9:1b:88:b2:db:ee:a8:78:41:
5e:52:0c:28:42:56:29:20:87:6d:a6:f7:39:24:86:
9d:23:15:73:e3:e8:01:86:9f:ad:95:97:34:8e:dc:
3b:59:3f:63:45:5c:39:f8:c5:2e:98:13:de:d8:6b:
e3:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:44:12:17:3E:12:2A:19:10:18:D8:14:BE:8F:E9:9E:63:BA:7F:8F
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/ykQSFz4SKhkQGNgUvo_pnmO6f48.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
03:da:a5:be:a4:ca:72:a8:09:19:69:28:5b:25:03:ab:d2:4d:
d8:8e:32:56:1d:cd:a3:dd:39:b5:ee:a5:b1:4b:d2:18:45:32:
b5:68:58:0a:40:0e:ed:a8:c3:81:63:9b:68:9f:dc:d9:61:ad:
78:fe:34:54:80:dd:1a:ab:a0:01:16:7d:5f:da:1a:a3:47:2e:
d3:58:21:22:0c:20:72:3b:1c:6d:15:85:a6:a5:83:0b:df:62:
40:75:cf:df:80:0c:35:d9:63:d3:60:dd:dd:eb:8c:54:2f:03:
d1:d6:00:0d:f8:92:f1:41:11:8c:0d:9e:95:b7:21:04:1e:09:
40:d9:4b:58:22:5d:37:55:2a:84:0a:ed:2b:13:a1:e8:26:6a:
75:8a:1f:5f:49:1f:61:21:07:f9:f4:c0:f1:b2:03:6b:66:80:
5a:59:9c:27:fd:35:95:12:c9:0c:b4:55:03:5c:f6:92:84:57:
0e:06:e5:d6:72:86:f0:9f:19:73:7b:1d:f5:a4:fd:b2:46:20:
42:01:64:0f:a2:a7:0c:3e:4b:6a:66:d4:88:3f:0b:86:17:05:
46:24:60:3e:ea:9e:77:61:b7:a3:06:ed:5b:28:cc:51:f0:74:
bb:f6:57:f7:e3:8c:2f:4b:fe:2d:3f:58:44:6e:26:48:62:98:
df:7f:88:5d
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICBfIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA3Mjcw
NzU1MDRaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKENBNDQxMjE3M0UxMjJB
MTkxMDE4RDgxNEJFOEZFOTlFNjNCQTdGOEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCyRG9XkGFJoZkAmC+paSYuXr/PmEatd2SNM/QvaNl6bcM7GxXg
5oMKHQL+v5bmwHEqWWp3UWVcx7FRelsxJTvBaUn/ieUpjHhXK1Grk3hxtgrZCoXm
/EAcsQ7ENtWaj7SCoyp4Yuw2e9aoJUjffp3CbodOr5SiXGVrRlkFK5JO1TeB/gXG
aXLqqLOgH81jKvlrzHscR6oUwc/hwdx/G1HVM/L5AWcL1q1FLknMgjLeCeYQC+n4
kCy2VLrLAFdSPL6osG4AfoG4X+kbiLLb7qh4QV5SDChCVikgh22m9zkkhp0jFXPj
6AGGn62VlzSO3DtZP2NFXDn4xS6YE97Ya+N/AgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUykQSFz4SKhkQGNgUvo/pnmO6f48wHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL3lrUVNGejRTS2hrUUdO
Z1V2b19wbm1PNmY0OC5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAAPapb6kynKoCRlpKFslA6vSTdiOMlYdzaPd
ObXupbFL0hhFMrVoWApADu2ow4Fjm2if3NlhrXj+NFSA3RqroAEWfV/aGqNHLtNY
ISIMIHI7HG0VhaalgwvfYkB1z9+ADDXZY9Ng3d3rjFQvA9HWAA34kvFBEYwNnpW3
IQQeCUDZS1giXTdVKoQK7SsToegmanWKH19JH2EhB/n0wPGyA2tmgFpZnCf9NZUS
yQy0VQNc9pKEVw4G5dZyhvCfGXN7HfWk/bJGIEIBZA+ipww+S2pm1Ig/C4YXBUYk
YD7qnndht6MG7VsozFHwdLv2V/fjjC9L/i0/WERuJkhimN9/iF0=
-----END CERTIFICATE-----
Generated at Sat Jul 27 13:09:44 2024 by rpki-client on console-fra.rpki-client.org