Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/3bopk32HFB0MoW8f93AVZ2kiauc.roa
File: 3bopk32HFB0MoW8f93AVZ2kiauc.roa (raw, json)
Hash identifier: irDPpJE5XB5XG8LgEd2Cr8EOs/L04F/aOJx2HwB5Hzg=
Subject key identifier: DD:BA:29:93:7D:87:14:1D:0C:A1:6F:1F:F7:70:15:67:69:22:6A:E7
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0673
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/3bopk32HFB0MoW8f93AVZ2kiauc.roa
Signing time: Sat 10 Aug 2024 15:55:03 +0000
ROA not before: Sat 10 Aug 2024 15:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 10 Aug 2024 19:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1651 (0x673)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Aug 10 15:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=DDBA29937D87141D0CA16F1FF770156769226AE7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:00:e9:97:76:d6:28:fd:ac:83:df:16:99:32:
04:56:3a:c0:82:2b:6e:2c:48:2a:c2:ed:a1:b3:5e:
81:a1:80:41:2f:16:e0:7c:0e:f3:fb:25:1a:70:66:
e4:d1:79:97:fd:4b:bf:4a:8b:56:15:84:49:69:01:
b5:49:0e:fc:55:93:be:d8:a0:2d:24:d7:bf:5e:39:
5e:31:8a:35:8f:25:12:5c:1c:00:1c:8b:16:4b:e7:
6e:e7:0d:52:22:56:b2:1a:bc:6c:f8:98:de:ae:b2:
43:84:b3:bc:3d:c8:c9:64:a7:36:8d:47:12:c2:70:
e5:8d:d0:64:eb:9a:ca:aa:40:2c:22:64:c9:27:df:
6a:b0:bf:65:bf:5a:08:a1:6b:f0:7e:85:22:38:1a:
f3:04:a2:41:b1:da:fe:d4:07:1b:6d:0e:64:1e:f5:
bc:00:05:1e:43:59:f8:68:d2:96:3d:14:0d:a5:b8:
ff:6e:73:75:cc:0b:ec:56:63:18:4a:69:43:49:f9:
38:31:45:ed:48:11:7e:7d:64:d6:00:ee:77:46:e9:
0f:3c:88:a2:7d:c8:54:01:d1:30:a5:b9:87:05:89:
d1:a1:a2:7d:7f:36:3b:99:23:46:90:78:e1:38:3c:
c6:44:17:a2:98:1a:bf:7f:67:86:8d:7a:ee:7d:b0:
49:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:BA:29:93:7D:87:14:1D:0C:A1:6F:1F:F7:70:15:67:69:22:6A:E7
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/3bopk32HFB0MoW8f93AVZ2kiauc.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
dc:63:9e:55:b6:fa:a6:0c:64:c2:aa:87:22:52:65:db:4d:79:
d8:4f:71:0b:d1:eb:a6:45:ea:04:67:74:e2:18:ca:93:0f:81:
c6:6f:e3:b3:be:4e:ac:fe:d2:ca:60:b8:35:6c:7e:6d:ae:0b:
6b:04:5b:43:80:37:32:b4:37:d7:ba:f7:cb:2f:36:03:0e:fe:
31:f6:12:78:e7:2e:8c:25:5e:e7:9f:31:bb:ef:f7:a6:50:4b:
6d:09:8b:d0:67:5b:60:0e:7b:29:2a:77:85:66:b8:d8:4f:f9:
74:55:59:b8:09:5b:a3:72:71:67:8e:13:75:7f:6f:d8:f9:84:
d4:4c:6c:b0:f3:ea:39:2e:24:ec:33:2d:e6:9c:b0:e4:c7:2b:
26:87:79:29:fe:69:0f:e2:d7:eb:21:34:7f:d4:d6:e7:fb:40:
51:79:b5:d2:d3:4a:29:fb:6d:d8:f8:28:9b:ee:3f:70:1b:d4:
cb:9b:83:28:d8:4c:53:b8:16:7a:d1:00:6f:56:7b:e2:2a:b5:
db:d7:88:95:a9:16:9a:09:e7:66:e4:ef:fd:65:37:3a:4f:2c:
46:63:e9:51:52:06:84:ce:3c:28:5c:07:45:fc:0f:0c:ce:37:
e0:ac:da:bf:b6:e0:24:f0:e4:39:46:89:b0:55:07:6f:04:b7:
01:8f:5b:02
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICBnMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA4MTAx
NTU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEREQkEyOTkzN0Q4NzE0
MUQwQ0ExNkYxRkY3NzAxNTY3NjkyMjZBRTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCtAOmXdtYo/ayD3xaZMgRWOsCCK24sSCrC7aGzXoGhgEEvFuB8
DvP7JRpwZuTReZf9S79Ki1YVhElpAbVJDvxVk77YoC0k179eOV4xijWPJRJcHAAc
ixZL527nDVIiVrIavGz4mN6uskOEs7w9yMlkpzaNRxLCcOWN0GTrmsqqQCwiZMkn
32qwv2W/Wgiha/B+hSI4GvMEokGx2v7UBxttDmQe9bwABR5DWfho0pY9FA2luP9u
c3XMC+xWYxhKaUNJ+TgxRe1IEX59ZNYA7ndG6Q88iKJ9yFQB0TCluYcFidGhon1/
NjuZI0aQeOE4PMZEF6KYGr9/Z4aNeu59sEnNAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQU3bopk32HFB0MoW8f93AVZ2kiaucwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmLzNib3BrMzJIRkIwTW9X
OGY5M0FWWjJraWF1Yy5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBANxjnlW2+qYMZMKqhyJSZdtNedhPcQvR66ZF
6gRndOIYypMPgcZv47O+Tqz+0spguDVsfm2uC2sEW0OANzK0N9e698svNgMO/jH2
EnjnLowlXuefMbvv96ZQS20Ji9BnW2AOeykqd4VmuNhP+XRVWbgJW6NycWeOE3V/
b9j5hNRMbLDz6jkuJOwzLeacsOTHKyaHeSn+aQ/i1+shNH/U1uf7QFF5tdLTSin7
bdj4KJvuP3Ab1MubgyjYTFO4FnrRAG9We+IqtdvXiJWpFpoJ52bk7/1lNzpPLEZj
6VFSBoTOPChcB0X8DwzON+Cs2r+24CTw5DlGibBVB28EtwGPWwI=
-----END CERTIFICATE-----
Generated at Sat Aug 10 23:00:53 2024 by rpki-client on console-fra.rpki-client.org