Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/7F0S3JMk9s86USLxZoJ6mr-29kk.roa
File: 7F0S3JMk9s86USLxZoJ6mr-29kk.roa (raw, json)
Hash identifier: LB7Q5koLMaUNh4r3sxwUy95j+UfvQgQ6lulquni2PsU=
Subject key identifier: EC:5D:12:DC:93:24:F6:CF:3A:51:22:F1:66:82:7A:9A:BF:B6:F6:49
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0685
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/7F0S3JMk9s86USLxZoJ6mr-29kk.roa
Signing time: Mon 12 Aug 2024 15:55:03 +0000
ROA not before: Mon 12 Aug 2024 15:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 12 Aug 2024 19:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1669 (0x685)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Aug 12 15:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=EC5D12DC9324F6CF3A5122F166827A9ABFB6F649
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:f8:a3:55:40:e1:13:ea:41:50:c0:55:f5:32:
ad:22:2f:d5:01:e2:69:a1:29:aa:51:7f:ed:b2:97:
6b:87:fe:eb:0a:ae:89:b0:83:44:e6:b2:21:1f:9d:
9b:2f:af:9d:10:75:c6:3c:81:95:0e:b4:e8:e3:29:
2a:d6:16:32:76:0d:2f:ea:7e:5c:6c:46:52:e2:2b:
35:af:b0:14:3d:c3:85:55:94:60:63:51:38:8c:25:
69:b4:04:bf:0c:a9:72:94:8e:71:79:0e:fd:e3:24:
bd:bd:e3:3d:a7:63:6c:9b:b1:4e:cb:0e:73:b9:7c:
65:16:38:ad:ba:94:cc:26:9b:9b:1e:2e:b2:ca:be:
fe:31:09:ff:0a:73:ad:95:8d:09:ec:c6:c7:ad:97:
2a:d9:70:90:c1:c0:a7:be:94:b1:1f:2b:c2:e1:e6:
2a:fc:56:2e:62:a9:f0:ef:1c:e4:a6:66:f7:59:93:
97:46:95:c2:06:86:f8:79:cf:db:b4:41:6c:5b:bc:
45:a1:de:41:6a:1e:4e:02:0b:0f:fe:4e:38:40:33:
13:ea:08:61:a6:a7:bb:81:9c:fc:26:3f:7c:e3:87:
ed:d8:38:fe:14:f8:91:d5:13:ae:6f:da:ea:7a:a0:
57:8c:14:05:1e:34:db:dc:93:86:68:6d:6c:45:b2:
7f:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:5D:12:DC:93:24:F6:CF:3A:51:22:F1:66:82:7A:9A:BF:B6:F6:49
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/7F0S3JMk9s86USLxZoJ6mr-29kk.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:e2:c1:17:63:62:1b:a8:a3:72:56:90:09:7c:e5:f3:03:9a:
0f:45:9e:33:c2:7b:9e:ea:14:df:00:2c:1e:4f:37:1c:8b:af:
75:a3:ff:f2:11:7b:2f:c0:b6:9d:70:b3:66:e1:ab:6b:22:30:
b9:66:28:2a:86:14:3d:50:e5:63:54:eb:6a:92:6c:71:ef:ef:
30:e4:9b:36:c2:9e:c0:85:41:30:31:63:30:30:b7:0b:58:b8:
62:7b:97:cc:eb:02:f2:5a:a2:b0:8d:42:61:a6:d5:12:75:a3:
fe:dc:9c:e9:60:77:62:f2:46:06:39:d7:ca:d4:f8:68:4a:94:
fb:a0:88:d0:fb:4c:f2:42:c3:db:62:15:77:33:a8:7c:72:f7:
95:8f:ae:64:3f:4f:75:16:20:3f:13:f5:38:f5:a9:4d:03:e0:
7a:09:26:69:02:73:54:49:8e:98:65:5b:59:97:54:09:9f:b2:
51:ca:d6:27:13:fb:0e:aa:c0:f5:e8:ad:2d:66:34:82:1a:c5:
25:0d:8f:05:41:d9:df:22:40:5b:29:aa:8e:7a:b5:b4:de:3f:
d2:d4:1d:d6:bf:68:15:9b:42:b3:43:91:1b:c9:f4:55:d2:b1:
d4:26:ce:20:d4:f9:7b:30:ba:9f:5b:04:30:7b:73:28:e0:80:
d3:27:9b:2b
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICBoUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA4MTIx
NTU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEVDNUQxMkRDOTMyNEY2
Q0YzQTUxMjJGMTY2ODI3QTlBQkZCNkY2NDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCv+KNVQOET6kFQwFX1Mq0iL9UB4mmhKapRf+2yl2uH/usKromw
g0TmsiEfnZsvr50QdcY8gZUOtOjjKSrWFjJ2DS/qflxsRlLiKzWvsBQ9w4VVlGBj
UTiMJWm0BL8MqXKUjnF5Dv3jJL294z2nY2ybsU7LDnO5fGUWOK26lMwmm5seLrLK
vv4xCf8Kc62VjQnsxsetlyrZcJDBwKe+lLEfK8Lh5ir8Vi5iqfDvHOSmZvdZk5dG
lcIGhvh5z9u0QWxbvEWh3kFqHk4CCw/+TjhAMxPqCGGmp7uBnPwmP3zjh+3YOP4U
+JHVE65v2up6oFeMFAUeNNvck4ZobWxFsn+dAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQU7F0S3JMk9s86USLxZoJ6mr+29kkwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmLzdGMFMzSk1rOXM4NlVT
THhab0o2bXItMjlray5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAKfiwRdjYhuoo3JWkAl85fMDmg9FnjPCe57q
FN8ALB5PNxyLr3Wj//IRey/Atp1ws2bhq2siMLlmKCqGFD1Q5WNU62qSbHHv7zDk
mzbCnsCFQTAxYzAwtwtYuGJ7l8zrAvJaorCNQmGm1RJ1o/7cnOlgd2LyRgY518rU
+GhKlPugiND7TPJCw9tiFXczqHxy95WPrmQ/T3UWID8T9Tj1qU0D4HoJJmkCc1RJ
jphlW1mXVAmfslHK1icT+w6qwPXorS1mNIIaxSUNjwVB2d8iQFspqo56tbTeP9LU
Hda/aBWbQrNDkRvJ9FXSsdQmziDU+Xswup9bBDB7cyjggNMnmys=
-----END CERTIFICATE-----
Generated at Mon Aug 12 22:20:44 2024 by rpki-client on console-ams.rpki-client.org