Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/CbIqgUZHmAHnkbGWpc5KB5znj78.roa
File: CbIqgUZHmAHnkbGWpc5KB5znj78.roa (raw, json)
Hash identifier: tKu4BOB0++6cRvg/8/x+/+hFAEb2zULznFQ36WNm7HY=
Subject key identifier: 09:B2:2A:81:46:47:98:01:E7:91:B1:96:A5:CE:4A:07:9C:E7:8F:BF
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 071E
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/CbIqgUZHmAHnkbGWpc5KB5znj78.roa
Signing time: Thu 29 Aug 2024 15:55:02 +0000
ROA not before: Thu 29 Aug 2024 15:55:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 29 Aug 2024 19:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1822 (0x71e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Aug 29 15:55:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=09B22A8146479801E791B196A5CE4A079CE78FBF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:ab:fc:35:cd:f0:0e:bc:98:bc:03:8a:20:57:
7d:0d:33:a3:f1:75:e8:56:49:fb:36:69:37:a6:42:
ec:35:c4:fd:08:4c:35:42:50:1e:5a:c8:cc:27:8c:
3f:10:d6:49:16:75:02:98:8f:14:60:cb:78:97:ce:
0f:fd:f1:6a:12:24:8f:a9:12:1c:8b:ba:6f:cb:9b:
8f:a5:54:22:4c:4c:57:d2:e2:04:7d:3b:38:fa:69:
ff:dd:ae:b9:10:c8:2b:cc:0a:09:5f:be:af:45:e8:
78:cc:86:54:46:46:9e:58:39:13:e9:0f:f7:44:1f:
0e:4e:ba:2f:44:3a:63:18:bc:71:81:3b:37:ec:9f:
b2:30:72:11:7f:97:46:41:95:e0:21:cb:18:80:34:
27:9e:34:d8:ce:3d:5e:06:85:85:4b:df:fc:e7:65:
7f:e7:b8:82:47:e5:34:79:e4:c3:1d:4a:57:7e:6b:
aa:57:bf:74:2a:cc:d6:0c:82:ab:1b:22:e9:81:60:
6f:2c:b5:5d:b5:66:bf:6a:45:15:41:d3:22:0d:98:
52:ba:f5:34:02:45:f4:67:f3:8f:29:8b:58:4a:1e:
9b:fe:d0:b0:f1:68:58:46:4e:a6:d0:b3:57:8f:c6:
01:33:17:47:51:d1:14:b4:dd:e8:ab:1a:21:a8:b5:
06:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:B2:2A:81:46:47:98:01:E7:91:B1:96:A5:CE:4A:07:9C:E7:8F:BF
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/CbIqgUZHmAHnkbGWpc5KB5znj78.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
c2:7e:11:47:84:1c:b0:b2:70:15:fb:2b:58:e8:a9:a2:a7:23:
f3:73:ea:d3:32:8f:77:df:d8:33:12:91:78:84:04:fc:86:2b:
02:63:b1:28:8b:1d:f3:72:d5:45:a2:84:ad:fe:73:48:9d:a3:
a0:93:ba:44:e4:b3:df:86:f5:86:19:2b:a7:e3:da:78:5f:a1:
0a:0b:6b:b4:95:36:6b:eb:28:68:d5:40:fb:90:cc:f7:83:b2:
8d:25:1d:7b:5b:d8:f0:30:3b:de:3c:3b:17:6d:2b:a5:e5:d0:
05:df:f1:9a:32:f2:97:15:b1:87:39:40:05:28:d0:e4:00:d2:
eb:8f:19:66:1d:33:2b:87:ac:41:c1:f8:26:d8:71:f8:7a:12:
10:33:f5:8c:69:66:33:8c:d2:70:da:cc:2f:a1:a6:ad:3c:41:
c0:b3:7a:23:dc:a6:0d:b4:a0:03:25:33:3c:4a:67:78:fe:78:
02:1b:aa:21:90:23:34:2f:42:71:00:c4:21:99:3d:db:4b:37:
08:bf:91:14:b8:84:d7:c7:7b:10:04:38:40:83:28:27:bf:23:
2a:f4:78:ad:74:73:da:79:62:c7:63:63:83:08:55:2e:46:4e:
f3:29:98:ce:0a:32:df:74:05:85:fa:40:a4:02:d8:e2:92:9c:
87:30:2c:0d
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICBx4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA4Mjkx
NTU1MDJaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDA5QjIyQTgxNDY0Nzk4
MDFFNzkxQjE5NkE1Q0U0QTA3OUNFNzhGQkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+q/w1zfAOvJi8A4ogV30NM6PxdehWSfs2aTemQuw1xP0ITDVC
UB5ayMwnjD8Q1kkWdQKYjxRgy3iXzg/98WoSJI+pEhyLum/Lm4+lVCJMTFfS4gR9
Ozj6af/drrkQyCvMCglfvq9F6HjMhlRGRp5YORPpD/dEHw5Oui9EOmMYvHGBOzfs
n7IwchF/l0ZBleAhyxiANCeeNNjOPV4GhYVL3/znZX/nuIJH5TR55MMdSld+a6pX
v3QqzNYMgqsbIumBYG8stV21Zr9qRRVB0yINmFK69TQCRfRn848pi1hKHpv+0LDx
aFhGTqbQs1ePxgEzF0dR0RS03eirGiGotQb1AgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUCbIqgUZHmAHnkbGWpc5KB5znj78wHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL0NiSXFnVVpIbUFIbmti
R1dwYzVLQjV6bmo3OC5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAMJ+EUeEHLCycBX7K1joqaKnI/Nz6tMyj3ff
2DMSkXiEBPyGKwJjsSiLHfNy1UWihK3+c0ido6CTukTks9+G9YYZK6fj2nhfoQoL
a7SVNmvrKGjVQPuQzPeDso0lHXtb2PAwO948OxdtK6Xl0AXf8Zoy8pcVsYc5QAUo
0OQA0uuPGWYdMyuHrEHB+CbYcfh6EhAz9YxpZjOM0nDazC+hpq08QcCzeiPcpg20
oAMlMzxKZ3j+eAIbqiGQIzQvQnEAxCGZPdtLNwi/kRS4hNfHexAEOECDKCe/Iyr0
eK10c9p5YsdjY4MIVS5GTvMpmM4KMt90BYX6QKQC2OKSnIcwLA0=
-----END CERTIFICATE-----
Generated at Thu Aug 29 21:56:07 2024 by rpki-client on console-ams.rpki-client.org