Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/DNxQgT5gMJTpwSm7MT-k346D0_A.roa
File: DNxQgT5gMJTpwSm7MT-k346D0_A.roa (raw, json)
Hash identifier: dAyjM35n1ngTinMHLIKskLARss4an1obHx/+GaG9lOQ=
Subject key identifier: 0C:DC:50:81:3E:60:30:94:E9:C1:29:BB:31:3F:A4:DF:8E:83:D3:F0
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 08D1
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/DNxQgT5gMJTpwSm7MT-k346D0_A.roa
Signing time: Wed 16 Oct 2024 23:55:03 +0000
ROA not before: Wed 16 Oct 2024 23:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 17 Oct 2024 03:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2257 (0x8d1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Oct 16 23:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0CDC50813E603094E9C129BB313FA4DF8E83D3F0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:4a:d4:7f:58:db:4a:8b:b1:47:4c:3a:e5:df:
bc:db:76:bb:07:17:04:2e:80:cd:a5:7d:62:50:ba:
2a:39:a3:72:7c:c3:85:d5:72:13:7e:02:09:cb:70:
81:0c:87:e8:89:fc:58:54:d6:f7:41:08:9e:ba:74:
9e:6d:e0:0a:ca:29:44:b9:05:b6:27:cc:ca:94:e5:
7f:05:1b:2a:f1:c2:74:a3:4a:34:6f:32:b0:c2:56:
7e:0c:39:97:fa:1e:8e:ac:36:f8:85:53:fb:f4:e9:
2b:58:5e:06:43:61:e7:64:89:d6:96:06:73:98:c2:
86:9e:71:fd:a8:a5:20:b1:2e:f4:53:f6:b9:57:6d:
18:52:29:41:04:c0:7a:02:20:96:24:fa:fa:33:fb:
71:47:1f:af:10:8c:66:6d:28:e8:6d:13:00:e6:cd:
89:74:82:c8:2d:2a:a6:c1:f3:2b:c7:b8:0a:54:10:
82:80:8e:da:dc:de:e4:69:be:12:5b:f8:1d:fd:70:
4e:18:f6:af:ae:42:6c:70:ec:bb:f3:32:5f:50:af:
10:1b:18:67:f8:fa:88:39:19:ed:c0:e5:da:ea:63:
b5:90:5f:57:5c:9c:77:5b:82:19:a3:a9:55:ce:53:
1c:c4:61:87:33:82:57:e3:a4:21:b5:eb:78:d8:1e:
91:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:DC:50:81:3E:60:30:94:E9:C1:29:BB:31:3F:A4:DF:8E:83:D3:F0
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/DNxQgT5gMJTpwSm7MT-k346D0_A.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
83:d8:13:da:d7:2b:97:a4:61:d4:ac:b3:3c:25:96:45:6c:2b:
dc:c0:b5:4d:c4:b3:e4:fd:e4:68:df:cb:51:7a:b2:00:8c:18:
c6:b3:d6:b7:81:fc:37:30:6a:17:e5:c0:0e:26:9b:45:7b:cf:
b6:46:57:cc:9c:0d:9f:54:e8:9a:58:c2:69:c8:fb:12:47:13:
c4:bd:b0:d6:65:23:81:c7:51:f5:f9:c5:bc:e0:f7:41:c2:24:
83:90:c4:90:e3:ff:3e:e4:d8:12:8c:fb:ed:3a:56:52:42:bb:
c7:4e:76:d7:e8:7c:c7:0d:cc:b2:91:c3:99:d1:b9:b1:10:ed:
d5:12:1a:c8:7d:fc:0f:6a:8f:9e:37:a0:83:db:3a:58:7e:b7:
4b:6d:ca:d8:89:d2:14:3a:d9:b9:a4:15:db:a3:a0:3a:39:82:
cd:aa:6b:58:de:36:6e:b3:19:ab:48:ed:34:56:85:3b:4d:ab:
4e:77:4c:07:27:76:06:22:d2:25:b8:da:5c:17:5d:44:3d:d7:
0b:5c:e5:fc:22:a5:d1:27:1c:79:31:1c:41:77:af:85:20:19:
ed:87:5c:46:63:03:35:6e:6a:9b:4e:a2:30:d1:2f:f2:fa:50:
2b:ca:7a:0d:98:cb:02:81:8f:1c:42:6e:da:41:08:81:97:89:
be:6b:7e:5c
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCNEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDEwMTYy
MzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDBDREM1MDgxM0U2MDMw
OTRFOUMxMjlCQjMxM0ZBNERGOEU4M0QzRjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCiStR/WNtKi7FHTDrl37zbdrsHFwQugM2lfWJQuio5o3J8w4XV
chN+AgnLcIEMh+iJ/FhU1vdBCJ66dJ5t4ArKKUS5BbYnzMqU5X8FGyrxwnSjSjRv
MrDCVn4MOZf6Ho6sNviFU/v06StYXgZDYedkidaWBnOYwoaecf2opSCxLvRT9rlX
bRhSKUEEwHoCIJYk+voz+3FHH68QjGZtKOhtEwDmzYl0gsgtKqbB8yvHuApUEIKA
jtrc3uRpvhJb+B39cE4Y9q+uQmxw7LvzMl9QrxAbGGf4+og5Ge3A5drqY7WQX1dc
nHdbghmjqVXOUxzEYYczglfjpCG163jYHpFtAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUDNxQgT5gMJTpwSm7MT+k346D0/AwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL0ROeFFnVDVnTUpUcHdT
bTdNVC1rMzQ2RDBfQS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAIPYE9rXK5ekYdSsszwllkVsK9zAtU3Es+T9
5Gjfy1F6sgCMGMaz1reB/DcwahflwA4mm0V7z7ZGV8ycDZ9U6JpYwmnI+xJHE8S9
sNZlI4HHUfX5xbzg90HCJIOQxJDj/z7k2BKM++06VlJCu8dOdtfofMcNzLKRw5nR
ubEQ7dUSGsh9/A9qj543oIPbOlh+t0ttytiJ0hQ62bmkFdujoDo5gs2qa1jeNm6z
GatI7TRWhTtNq053TAcndgYi0iW42lwXXUQ91wtc5fwipdEnHHkxHEF3r4UgGe2H
XEZjAzVuaptOojDRL/L6UCvKeg2YywKBjxxCbtpBCIGXib5rflw=
-----END CERTIFICATE-----
Generated at Thu Oct 17 05:40:57 2024 by rpki-client on console-fra.rpki-client.org