Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/4k5EosGBIOw6T65yDknL4jAk6U0.roa
File: 4k5EosGBIOw6T65yDknL4jAk6U0.roa (raw, json)
Hash identifier: oRNrMJa4jvt7cihLKPCT5X+I5JePaTPdQPvbUst4oQU=
Subject key identifier: E2:4E:44:A2:C1:81:20:EC:3A:4F:AE:72:0E:49:CB:E2:30:24:E9:4D
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0820
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/4k5EosGBIOw6T65yDknL4jAk6U0.roa
Signing time: Fri 27 Sep 2024 07:55:03 +0000
ROA not before: Fri 27 Sep 2024 07:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 27 Sep 2024 11:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2080 (0x820)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Sep 27 07:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=E24E44A2C18120EC3A4FAE720E49CBE23024E94D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:dd:6e:17:2f:ed:81:d9:6c:97:71:e2:64:c2:
c6:b3:f7:86:6d:20:d5:74:dc:9c:71:2c:2d:50:25:
61:18:9f:35:09:55:63:4f:8a:93:e4:66:8b:22:18:
bc:95:f0:fb:fe:72:e7:dc:28:8e:12:6b:8f:59:6e:
70:ca:a5:dc:76:a8:e7:c0:84:34:e5:c2:e9:9b:5b:
42:89:94:dc:2b:6e:cc:c3:10:83:b5:a3:fd:ca:3f:
ea:c9:c3:2a:e0:6b:04:a2:a2:b1:d8:f0:9d:43:d1:
e3:a5:6e:b7:58:73:ed:23:74:7f:47:c9:f7:10:29:
c9:56:bf:93:5c:ff:ea:fb:dd:6c:39:3c:71:09:81:
e7:03:2b:31:1b:ba:99:60:ac:c0:0a:37:ae:33:ba:
b6:89:fc:c5:17:d8:7e:be:6a:49:03:e0:8f:7e:06:
20:1b:b2:16:b8:d2:40:29:90:e9:b7:f3:9f:9c:b9:
0b:64:ed:30:bc:78:db:a8:3b:53:8a:2c:06:99:69:
9e:c5:7c:53:8a:7b:bf:5f:03:94:93:2d:72:d6:94:
2e:78:db:a5:62:e9:1c:22:a8:8d:64:73:bc:99:59:
3c:a4:a9:6e:2b:55:dc:41:65:aa:fd:47:84:7b:91:
ba:3f:33:0b:8e:d3:34:28:24:e5:c6:83:01:88:fd:
1e:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:4E:44:A2:C1:81:20:EC:3A:4F:AE:72:0E:49:CB:E2:30:24:E9:4D
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/4k5EosGBIOw6T65yDknL4jAk6U0.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:b3:29:b9:43:bc:25:8e:f1:c4:77:b1:86:cd:56:82:ea:05:
9c:79:07:a4:5f:cb:f9:0b:3c:9c:38:32:41:df:79:5c:c5:88:
92:aa:9c:e8:41:95:aa:8d:22:be:32:a4:0c:5e:b1:bc:50:9e:
15:7c:2f:00:46:c3:55:5a:86:a7:11:c3:9c:8d:59:31:c2:3b:
a1:cc:11:58:43:54:f9:7e:92:0e:f2:02:a3:52:13:de:5e:50:
a3:73:3e:ef:3b:62:63:44:86:f8:aa:f0:94:30:8d:4c:80:5a:
2b:5d:d3:4e:7f:3a:7e:6a:e6:ab:83:10:ce:99:4b:7e:3c:b2:
96:77:cf:82:bc:dc:10:b2:a5:6b:28:3d:d3:2c:27:9e:ae:c0:
c2:91:d1:69:a4:20:83:7d:bb:de:da:e1:db:ef:1c:99:24:f4:
9c:75:1c:a6:ec:9d:6b:aa:81:1a:1f:93:03:1c:d4:64:ba:80:
24:93:7d:70:de:68:d0:5a:6a:d3:28:25:dc:75:3c:b8:f9:06:
04:7e:9c:80:af:b3:23:61:8a:05:1f:91:1a:3b:28:4b:10:97:
a8:ad:38:f9:15:d9:77:d8:34:02:2e:7b:ca:54:48:4b:18:eb:
c1:e8:5b:53:cb:96:c7:fc:17:19:63:65:32:6b:0b:b2:c4:bc:
e7:9a:41:cf
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCCAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA5Mjcw
NzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEUyNEU0NEEyQzE4MTIw
RUMzQTRGQUU3MjBFNDlDQkUyMzAyNEU5NEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDh3W4XL+2B2WyXceJkwsaz94ZtINV03JxxLC1QJWEYnzUJVWNP
ipPkZosiGLyV8Pv+cufcKI4Sa49ZbnDKpdx2qOfAhDTlwumbW0KJlNwrbszDEIO1
o/3KP+rJwyrgawSiorHY8J1D0eOlbrdYc+0jdH9HyfcQKclWv5Nc/+r73Ww5PHEJ
gecDKzEbuplgrMAKN64zuraJ/MUX2H6+akkD4I9+BiAbsha40kApkOm385+cuQtk
7TC8eNuoO1OKLAaZaZ7FfFOKe79fA5STLXLWlC5426Vi6RwiqI1kc7yZWTykqW4r
VdxBZar9R4R7kbo/MwuO0zQoJOXGgwGI/R5JAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQU4k5EosGBIOw6T65yDknL4jAk6U0wHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmLzRrNUVvc0dCSU93NlQ2
NXlEa25MNGpBazZVMC5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAKWzKblDvCWO8cR3sYbNVoLqBZx5B6Rfy/kL
PJw4MkHfeVzFiJKqnOhBlaqNIr4ypAxesbxQnhV8LwBGw1VahqcRw5yNWTHCO6HM
EVhDVPl+kg7yAqNSE95eUKNzPu87YmNEhviq8JQwjUyAWitd005/On5q5quDEM6Z
S348spZ3z4K83BCypWsoPdMsJ56uwMKR0WmkIIN9u97a4dvvHJkk9Jx1HKbsnWuq
gRofkwMc1GS6gCSTfXDeaNBaatMoJdx1PLj5BgR+nICvsyNhigUfkRo7KEsQl6it
OPkV2XfYNAIue8pUSEsY68HoW1PLlsf8FxljZTJrC7LEvOeaQc8=
-----END CERTIFICATE-----
Generated at Fri Sep 27 14:05:17 2024 by rpki-client on console-ams.rpki-client.org