Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/40NcTOcsV_KQz5f1BPsSvVFpQDc.roa
File: 40NcTOcsV_KQz5f1BPsSvVFpQDc.roa (raw, json)
Hash identifier: A88o90Pe37dNckwVS5eJqjv5JmbuWhsSSQchdi4cnO4=
Subject key identifier: E3:43:5C:4C:E7:2C:57:F2:90:CF:97:F5:04:FB:12:BD:51:69:40:37
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 068E
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/40NcTOcsV_KQz5f1BPsSvVFpQDc.roa
Signing time: Tue 13 Aug 2024 15:55:04 +0000
ROA not before: Tue 13 Aug 2024 15:55:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 13 Aug 2024 19:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1678 (0x68e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Aug 13 15:55:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=E3435C4CE72C57F290CF97F504FB12BD51694037
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:e7:7b:ed:3e:ab:1e:92:01:2c:6c:3a:c2:f8:
45:80:5c:57:ac:e3:a9:fc:6d:01:1d:cc:01:63:cd:
93:d4:05:49:27:24:61:8b:0c:cc:0b:ae:7f:52:54:
a6:6e:13:f0:10:48:9f:6e:25:03:a4:6d:8e:95:09:
26:b3:f6:3c:0e:a9:7d:ec:06:9f:06:b7:2e:88:87:
ba:6a:f7:10:74:e9:41:55:0a:65:ee:cd:d4:0b:d1:
84:1e:47:ea:9f:00:7c:1a:91:9c:7d:0e:8c:86:ec:
46:a7:0b:c2:f3:1c:f9:e4:f1:9c:c8:89:f5:5a:38:
79:22:8d:c1:c8:9f:2b:b1:cc:b3:53:3a:a1:f6:28:
b5:d0:98:3e:07:c9:a5:ff:7b:38:b0:64:d1:6b:51:
a5:72:56:80:67:04:3b:af:1f:2a:a0:99:35:26:00:
56:7f:14:a4:cf:c5:13:0b:73:65:56:b1:3e:e1:18:
b6:c7:79:ec:1f:f4:eb:c6:d0:45:f2:0e:52:51:de:
bc:cd:eb:a8:d1:ba:36:5a:a1:21:7f:9b:d0:f1:a6:
9e:44:51:bd:6d:3f:ef:d6:9a:57:03:85:40:cd:bf:
27:a2:34:b6:ba:36:1d:5d:cd:ce:65:1a:d7:74:0a:
3d:fa:21:bc:df:5b:ca:5d:82:e4:e6:77:07:f7:9b:
42:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:43:5C:4C:E7:2C:57:F2:90:CF:97:F5:04:FB:12:BD:51:69:40:37
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/40NcTOcsV_KQz5f1BPsSvVFpQDc.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
90:b2:47:3d:a6:54:ca:d1:d7:7e:fa:19:b4:8a:6f:54:cb:68:
c7:c8:d9:e2:91:5e:71:7d:19:c3:3d:a0:75:ef:43:5c:34:08:
6f:9b:fd:b2:fb:9b:36:10:d4:87:5d:d4:11:28:07:94:bd:75:
64:43:5e:88:37:93:cc:97:72:2b:80:4a:98:9e:10:63:7a:3e:
86:dc:40:a9:e5:c2:16:83:5a:53:1d:ba:50:12:e3:97:4f:0a:
16:e0:74:da:db:54:18:95:53:2d:19:87:43:54:41:00:f9:63:
f2:af:93:c7:52:2d:c4:92:60:74:ca:da:d0:a0:4b:a5:52:b3:
87:29:9f:2a:5e:75:d3:2c:42:35:cc:3a:b9:d7:eb:55:d6:7e:
d3:e7:f5:9e:a9:2d:16:df:41:01:87:a7:f6:e4:68:b7:fe:0a:
e4:cf:e6:b1:0b:84:ec:8b:51:f4:d4:82:61:be:06:d2:58:42:
56:30:af:b8:5f:4f:3d:52:a0:32:89:82:a1:2d:83:7d:0e:92:
8e:fd:bc:6b:f1:b8:8f:37:76:54:3a:9c:72:d0:5c:6a:e2:72:
01:b9:b3:83:5a:2c:12:08:f3:ef:fe:1f:4a:c1:7c:22:e9:ff:
86:9d:c9:b2:05:51:6f:a0:81:2b:f8:c3:a9:7b:ef:59:3e:6e:
57:6d:0e:dc
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICBo4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA4MTMx
NTU1MDRaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEUzNDM1QzRDRTcyQzU3
RjI5MENGOTdGNTA0RkIxMkJENTE2OTQwMzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDt53vtPqsekgEsbDrC+EWAXFes46n8bQEdzAFjzZPUBUknJGGL
DMwLrn9SVKZuE/AQSJ9uJQOkbY6VCSaz9jwOqX3sBp8Gty6Ih7pq9xB06UFVCmXu
zdQL0YQeR+qfAHwakZx9DoyG7EanC8LzHPnk8ZzIifVaOHkijcHInyuxzLNTOqH2
KLXQmD4HyaX/eziwZNFrUaVyVoBnBDuvHyqgmTUmAFZ/FKTPxRMLc2VWsT7hGLbH
eewf9OvG0EXyDlJR3rzN66jRujZaoSF/m9Dxpp5EUb1tP+/WmlcDhUDNvyeiNLa6
Nh1dzc5lGtd0Cj36IbzfW8pdguTmdwf3m0K7AgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQU40NcTOcsV/KQz5f1BPsSvVFpQDcwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmLzQwTmNUT2NzVl9LUXo1
ZjFCUHNTdlZGcFFEYy5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAJCyRz2mVMrR1376GbSKb1TLaMfI2eKRXnF9
GcM9oHXvQ1w0CG+b/bL7mzYQ1Idd1BEoB5S9dWRDXog3k8yXciuASpieEGN6Pobc
QKnlwhaDWlMdulAS45dPChbgdNrbVBiVUy0Zh0NUQQD5Y/Kvk8dSLcSSYHTK2tCg
S6VSs4cpnypeddMsQjXMOrnX61XWftPn9Z6pLRbfQQGHp/bkaLf+CuTP5rELhOyL
UfTUgmG+BtJYQlYwr7hfTz1SoDKJgqEtg30Oko79vGvxuI83dlQ6nHLQXGricgG5
s4NaLBII8+/+H0rBfCLp/4adybIFUW+ggSv4w6l771k+bldtDtw=
-----END CERTIFICATE-----
Generated at Tue Aug 13 22:07:12 2024 by rpki-client on console-ams.rpki-client.org