Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/20aNUbx4GtmJWsQpoTuzIaKEMg4.roa
File: 20aNUbx4GtmJWsQpoTuzIaKEMg4.roa (raw, json)
Hash identifier: WJMit5YPz1TTaK1QJr6kz9AzUf0hWtV4NAL7w13FalQ=
Subject key identifier: DB:46:8D:51:BC:78:1A:D9:89:5A:C4:29:A1:3B:B3:21:A2:84:32:0E
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0703
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/20aNUbx4GtmJWsQpoTuzIaKEMg4.roa
Signing time: Mon 26 Aug 2024 15:55:02 +0000
ROA not before: Mon 26 Aug 2024 15:55:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 26 Aug 2024 19:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1795 (0x703)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Aug 26 15:55:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=DB468D51BC781AD9895AC429A13BB321A284320E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:28:b5:2b:72:2f:0d:51:66:4b:d8:59:dd:d8:
e2:13:8f:14:7b:f3:c0:58:93:99:57:05:4a:61:d1:
9a:8f:b4:fe:b7:c5:0c:b5:eb:46:bb:a5:48:45:65:
7a:29:9a:27:7c:09:75:23:25:30:f5:da:39:b4:d1:
8e:45:be:00:51:e4:43:73:a8:32:42:09:d9:81:3e:
83:45:a2:3b:0a:15:48:83:8e:6f:10:63:5d:88:90:
29:0e:da:0f:6b:42:13:90:8c:53:e6:21:89:fc:78:
c5:47:51:24:14:33:dd:46:23:a4:ca:03:e1:fd:c7:
f6:66:6b:9e:28:a6:67:9a:d2:35:8b:96:2a:d9:f8:
99:23:17:10:65:b5:20:08:5e:ed:f6:74:be:21:07:
5b:62:27:82:68:09:0a:b0:47:89:35:f2:9f:a1:33:
1d:61:20:6c:bd:18:6b:60:aa:9d:a5:44:28:5d:97:
b3:99:83:0a:71:ff:b6:5d:16:fe:a5:0f:01:e5:5a:
db:30:60:6b:ef:e5:90:7c:a5:52:d9:f7:1d:6b:4f:
a2:2d:52:20:fb:76:fd:f6:1c:2c:a9:9a:eb:65:de:
c2:91:3b:7d:5b:f0:57:a8:52:f8:20:15:b5:56:31:
b2:da:79:7d:a4:3d:e4:4d:48:48:9c:a7:c8:07:d6:
ee:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:46:8D:51:BC:78:1A:D9:89:5A:C4:29:A1:3B:B3:21:A2:84:32:0E
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/20aNUbx4GtmJWsQpoTuzIaKEMg4.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
11:80:55:dd:d7:10:20:62:04:0f:59:24:b1:10:fe:e3:89:b1:
7d:6e:05:47:06:5a:70:23:4c:34:f1:fe:99:1f:31:e7:34:d6:
23:f4:ad:2d:0a:73:84:78:a2:33:08:27:47:3a:89:b9:f3:16:
87:78:be:9a:3f:f1:fb:3e:de:00:5f:fe:62:a0:91:4e:64:b3:
7e:34:6e:96:58:1b:4b:2c:f8:74:d5:a8:0f:e7:a1:53:c9:f5:
29:31:4f:0b:ed:77:99:85:c9:4c:7a:56:4f:7f:e7:bc:7d:2e:
ee:5c:bd:15:9b:c6:ba:f5:54:43:c1:4c:51:cd:cb:37:6a:0c:
c6:34:62:0b:93:82:8d:16:d7:5d:90:59:5b:11:9c:88:4e:e7:
67:85:01:d5:bf:29:33:c8:da:93:df:ed:6b:d0:8f:1b:4a:ae:
ec:14:66:c3:fc:04:59:4d:15:af:eb:eb:92:79:37:b3:df:d1:
1e:1f:0c:51:c7:61:13:d8:63:c1:77:c0:ab:8f:80:54:bc:35:
ff:e4:64:e7:d5:7e:9f:8e:f2:2f:58:e8:bb:73:7c:87:37:6a:
35:63:71:91:63:54:65:35:34:09:2b:08:7a:ae:de:96:e0:bc:
e4:3b:59:21:f2:b5:7b:5f:73:80:18:29:c8:85:25:62:6d:3b:
fd:be:c5:c2
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICBwMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA4MjYx
NTU1MDJaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKERCNDY4RDUxQkM3ODFB
RDk4OTVBQzQyOUExM0JCMzIxQTI4NDMyMEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCKLUrci8NUWZL2Fnd2OITjxR788BYk5lXBUph0ZqPtP63xQy1
60a7pUhFZXopmid8CXUjJTD12jm00Y5FvgBR5ENzqDJCCdmBPoNFojsKFUiDjm8Q
Y12IkCkO2g9rQhOQjFPmIYn8eMVHUSQUM91GI6TKA+H9x/Zma54opmea0jWLlirZ
+JkjFxBltSAIXu32dL4hB1tiJ4JoCQqwR4k18p+hMx1hIGy9GGtgqp2lRChdl7OZ
gwpx/7ZdFv6lDwHlWtswYGvv5ZB8pVLZ9x1rT6ItUiD7dv32HCypmutl3sKRO31b
8FeoUvggFbVWMbLaeX2kPeRNSEicp8gH1u7XAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQU20aNUbx4GtmJWsQpoTuzIaKEMg4wHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmLzIwYU5VYng0R3RtSldz
UXBvVHV6SWFLRU1nNC5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBABGAVd3XECBiBA9ZJLEQ/uOJsX1uBUcGWnAj
TDTx/pkfMec01iP0rS0Kc4R4ojMIJ0c6ibnzFod4vpo/8fs+3gBf/mKgkU5ks340
bpZYG0ss+HTVqA/noVPJ9SkxTwvtd5mFyUx6Vk9/57x9Lu5cvRWbxrr1VEPBTFHN
yzdqDMY0YguTgo0W112QWVsRnIhO52eFAdW/KTPI2pPf7WvQjxtKruwUZsP8BFlN
Fa/r65J5N7Pf0R4fDFHHYRPYY8F3wKuPgFS8Nf/kZOfVfp+O8i9Y6LtzfIc3ajVj
cZFjVGU1NAkrCHqu3pbgvOQ7WSHytXtfc4AYKciFJWJtO/2+xcI=
-----END CERTIFICATE-----
Generated at Mon Aug 26 22:09:48 2024 by rpki-client on console-ams.rpki-client.org