Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/9abOU-hFw64SmEBzX5YOba40i2w.roa
File: 9abOU-hFw64SmEBzX5YOba40i2w.roa (raw, json)
Hash identifier: wkYnPMos5Yvf0kMoZm2kkEU762oT149gt2LOCkTL5iw=
Subject key identifier: F5:A6:CE:53:E8:45:C3:AE:12:98:40:73:5F:96:0E:6D:AE:34:8B:6C
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 01ED
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/9abOU-hFw64SmEBzX5YOba40i2w.roa
Signing time: Wed 03 Apr 2024 23:55:03 +0000
ROA not before: Wed 03 Apr 2024 23:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 04 Apr 2024 03:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 493 (0x1ed)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Apr 3 23:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=F5A6CE53E845C3AE129840735F960E6DAE348B6C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:77:aa:08:a5:b2:95:1d:cf:a2:9d:a7:c6:bb:
2f:be:21:93:48:50:2c:6a:20:83:3f:35:90:d1:69:
12:95:0c:6c:1b:d6:f0:07:2c:f2:44:4f:86:4c:3d:
e5:fc:e6:11:34:b8:4d:d1:ce:57:e1:2a:29:32:67:
e9:81:ff:07:c8:08:6d:df:e6:4d:a6:44:37:90:5b:
ce:be:13:fc:50:96:64:7e:7e:67:89:5d:67:ca:d5:
b1:dc:47:82:97:ac:fe:c2:93:3d:61:ea:3f:b6:9b:
82:7f:63:0c:3a:39:d1:8d:42:9d:df:19:ca:9c:a8:
d5:49:71:77:e9:52:b8:e3:d4:19:5a:9c:a7:64:fd:
b1:6e:f0:fd:2c:0a:52:84:14:68:17:8b:f6:6d:a3:
93:04:b4:e0:58:73:20:a8:6d:26:df:9c:f2:33:59:
41:ae:cd:e2:b4:5a:01:63:aa:a0:04:4f:70:e1:e3:
76:2c:c8:3d:6f:a0:d2:ac:07:db:31:43:9d:08:02:
9f:95:01:d3:a1:6f:f0:a1:2b:49:28:38:87:88:80:
3c:d6:99:93:0a:4b:e1:59:f7:f1:eb:dc:89:8e:7c:
df:4b:59:33:38:41:22:b3:99:ec:1c:d3:f6:63:2f:
ba:a1:a3:1f:fb:c8:50:f5:3a:1c:8f:85:1e:14:a7:
a8:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:A6:CE:53:E8:45:C3:AE:12:98:40:73:5F:96:0E:6D:AE:34:8B:6C
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/9abOU-hFw64SmEBzX5YOba40i2w.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:21:48:55:83:07:c4:cd:3b:3f:9d:78:df:b3:a2:3a:af:ac:
01:bf:32:b7:d0:a4:d8:49:69:3e:e8:62:4b:5a:8a:e1:18:eb:
09:b9:7f:80:9c:7d:07:21:2d:df:96:4e:15:ab:75:b2:5a:92:
dd:33:f9:72:e7:a7:2d:cd:0a:94:af:03:6a:b2:f8:98:bb:8c:
60:f8:38:ca:e2:7f:8d:df:0a:5e:dd:e5:5a:b8:36:67:56:46:
22:5d:a1:fb:5f:ba:58:e5:62:1c:03:0c:27:75:c2:77:b1:51:
e8:4f:c3:ef:eb:32:7b:da:15:d5:95:da:00:71:3d:bd:32:9b:
58:9d:68:1e:f8:b1:98:ce:4d:f4:11:25:de:a9:5a:45:6a:86:
bb:8a:41:ef:e2:c3:1a:0e:0d:8d:15:fe:4b:68:28:38:64:f6:
e2:63:3e:a7:ea:be:03:98:e1:8c:55:1e:27:b0:7d:6f:ea:00:
34:74:ea:74:a1:43:7d:f3:6c:11:b7:57:10:ca:6a:a2:3d:7b:
cb:bd:32:ba:07:2e:f5:5f:94:31:5a:03:6e:29:77:57:de:48:
3e:56:a5:a8:c4:f3:18:c2:b5:79:b1:bc:63:0a:9d:f7:d1:12:
f3:0b:a1:0b:d3:3e:e8:36:22:e4:87:4d:37:54:00:40:60:7b:
dc:4a:d8:50
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICAe0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA0MDMy
MzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEY1QTZDRTUzRTg0NUMz
QUUxMjk4NDA3MzVGOTYwRTZEQUUzNDhCNkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBd6oIpbKVHc+inafGuy++IZNIUCxqIIM/NZDRaRKVDGwb1vAH
LPJET4ZMPeX85hE0uE3RzlfhKikyZ+mB/wfICG3f5k2mRDeQW86+E/xQlmR+fmeJ
XWfK1bHcR4KXrP7Ckz1h6j+2m4J/Yww6OdGNQp3fGcqcqNVJcXfpUrjj1BlanKdk
/bFu8P0sClKEFGgXi/Zto5MEtOBYcyCobSbfnPIzWUGuzeK0WgFjqqAET3Dh43Ys
yD1voNKsB9sxQ50IAp+VAdOhb/ChK0koOIeIgDzWmZMKS+FZ9/Hr3ImOfN9LWTM4
QSKzmewc0/ZjL7qhox/7yFD1OhyPhR4Up6gvAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQU9abOU+hFw64SmEBzX5YOba40i2wwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmLzlhYk9VLWhGdzY0U21F
QnpYNVlPYmE0MGkydy5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBALQhSFWDB8TNOz+deN+zojqvrAG/MrfQpNhJ
aT7oYktaiuEY6wm5f4CcfQchLd+WThWrdbJakt0z+XLnpy3NCpSvA2qy+Ji7jGD4
OMrif43fCl7d5Vq4NmdWRiJdoftfuljlYhwDDCd1wnexUehPw+/rMnvaFdWV2gBx
Pb0ym1idaB74sZjOTfQRJd6pWkVqhruKQe/iwxoODY0V/ktoKDhk9uJjPqfqvgOY
4YxVHiewfW/qADR06nShQ33zbBG3VxDKaqI9e8u9MroHLvVflDFaA24pd1feSD5W
pajE8xjCtXmxvGMKnffREvMLoQvTPug2IuSHTTdUAEBge9xK2FA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:54 2024 by rpki-client on console-fra.rpki-client.org