Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/15__tclWwcNMw41NBrhbtqEO6YQ.roa
File: 15__tclWwcNMw41NBrhbtqEO6YQ.roa (raw, json)
Hash identifier: 7FEJ/E4wBct0Y3jVs6ZTyF0l1uaK8erfTRxoxOM/0YQ=
Subject key identifier: D7:9F:FF:B5:C9:56:C1:C3:4C:C3:8D:4D:06:B8:5B:B6:A1:0E:E9:84
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0A04
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/15__tclWwcNMw41NBrhbtqEO6YQ.roa
Signing time: Tue 19 Nov 2024 23:55:04 +0000
ROA not before: Tue 19 Nov 2024 23:55:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 20 Nov 2024 03:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2564 (0xa04)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Nov 19 23:55:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=D79FFFB5C956C1C34CC38D4D06B85BB6A10EE984
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:98:dc:c3:36:74:0c:f5:f8:2b:02:7a:c7:dc:
6a:62:11:14:83:75:95:bd:b8:92:96:b6:da:43:4c:
98:46:62:65:05:8a:92:2c:e7:32:a2:14:a8:82:7b:
95:b8:15:e0:0d:e9:55:9f:0d:ae:23:be:0a:9f:a1:
86:c1:9a:26:fc:3d:b1:a0:13:11:ad:f1:70:d7:05:
71:61:18:1a:03:97:38:d3:64:75:fa:33:d9:4b:60:
b8:1b:3b:f1:5f:51:5e:7f:d9:b9:33:f4:97:e7:9b:
26:bf:5f:9e:42:e8:5f:0a:a0:e2:71:31:f4:e0:c7:
19:bb:30:14:7d:01:5a:1c:a7:5f:e2:ce:b6:a6:a9:
20:d7:02:e0:ed:35:d3:fa:99:fa:eb:a7:97:32:1a:
ea:e1:4d:58:28:cc:57:3a:c3:0b:bb:ab:76:33:55:
2b:c8:67:30:31:bd:8d:d0:1d:e0:16:63:b1:c3:76:
dd:22:99:df:ae:1f:e1:36:5c:5b:40:84:35:96:85:
93:5d:72:ba:a5:6d:44:9a:d4:d6:08:2c:5e:89:c2:
33:c5:79:9d:11:21:d5:05:35:7b:f9:e0:ff:26:a1:
aa:6d:e9:54:56:61:5c:be:4b:ca:eb:66:ef:6c:09:
18:e2:c2:ce:af:9a:64:aa:7f:aa:a3:58:2a:9a:45:
e3:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:9F:FF:B5:C9:56:C1:C3:4C:C3:8D:4D:06:B8:5B:B6:A1:0E:E9:84
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/15__tclWwcNMw41NBrhbtqEO6YQ.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
51:03:6f:68:6d:70:05:c7:f5:79:59:62:7c:0d:67:71:73:9c:
b4:42:c6:21:df:75:60:b2:c9:48:50:32:5f:00:6c:80:3e:7d:
9f:ff:e1:3c:b9:b3:b1:ad:24:ce:52:9d:84:e0:1b:b6:2d:e2:
28:95:be:be:70:79:32:7d:88:38:22:75:3a:99:25:90:eb:42:
96:19:7c:5f:13:9f:f3:16:2c:59:d5:a0:a1:4d:64:3e:3f:2c:
07:ce:9b:6f:2a:24:8c:59:15:25:ab:61:fe:69:88:b7:9b:ac:
e5:d4:19:78:7a:cc:7c:e9:fd:78:c6:9a:ae:42:b7:00:2f:05:
4b:5f:eb:90:fd:d9:c8:23:48:df:92:f2:c8:dc:11:2a:e2:82:
cd:3e:4a:2a:06:63:6c:80:cc:1a:3a:ad:7e:9e:0e:ec:fd:07:
f8:6d:91:a9:51:a9:fd:83:21:dc:3b:4d:c7:20:ad:ac:27:28:
44:aa:6a:8e:6d:cf:1b:9b:e2:7a:ec:c6:19:98:b8:6f:cb:69:
6b:af:f7:be:10:80:b2:b3:d7:20:fd:ee:80:37:c2:56:6f:ae:
52:fa:e6:03:0f:76:2f:99:b6:5d:c8:f3:ab:d2:25:75:66:93:
85:b5:38:e0:ad:f1:c4:9f:d8:42:b9:b7:b4:a0:0c:8e:5c:79:
9d:d5:27:33
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCgQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDExMTky
MzU1MDRaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEQ3OUZGRkI1Qzk1NkMx
QzM0Q0MzOEQ0RDA2Qjg1QkI2QTEwRUU5ODQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDSmNzDNnQM9fgrAnrH3GpiERSDdZW9uJKWttpDTJhGYmUFipIs
5zKiFKiCe5W4FeAN6VWfDa4jvgqfoYbBmib8PbGgExGt8XDXBXFhGBoDlzjTZHX6
M9lLYLgbO/FfUV5/2bkz9Jfnmya/X55C6F8KoOJxMfTgxxm7MBR9AVocp1/izram
qSDXAuDtNdP6mfrrp5cyGurhTVgozFc6wwu7q3YzVSvIZzAxvY3QHeAWY7HDdt0i
md+uH+E2XFtAhDWWhZNdcrqlbUSa1NYILF6JwjPFeZ0RIdUFNXv54P8moapt6VRW
YVy+S8rrZu9sCRjiws6vmmSqf6qjWCqaRePHAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQU15//tclWwcNMw41NBrhbtqEO6YQwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmLzE1X190Y2xXd2NOTXc0
MU5CcmhidHFFTzZZUS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAFEDb2htcAXH9XlZYnwNZ3FznLRCxiHfdWCy
yUhQMl8AbIA+fZ//4Ty5s7GtJM5SnYTgG7Yt4iiVvr5weTJ9iDgidTqZJZDrQpYZ
fF8Tn/MWLFnVoKFNZD4/LAfOm28qJIxZFSWrYf5piLebrOXUGXh6zHzp/XjGmq5C
twAvBUtf65D92cgjSN+S8sjcESrigs0+SioGY2yAzBo6rX6eDuz9B/htkalRqf2D
Idw7TccgrawnKESqao5tzxub4nrsxhmYuG/LaWuv974QgLKz1yD97oA3wlZvrlL6
5gMPdi+Ztl3I86vSJXVmk4W1OOCt8cSf2EK5t7SgDI5ceZ3VJzM=
-----END CERTIFICATE-----
Generated at Wed Nov 20 07:02:16 2024 by rpki-client on console-ams.rpki-client.org