Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/EZhF5vGJZJ8x-2ldoVBAoemfZko.roa
File: EZhF5vGJZJ8x-2ldoVBAoemfZko.roa (raw, json)
Hash identifier: bxjYG+nSghRoQI0hgz783XMqE08T0ygq04XFxFez0oY=
Subject key identifier: 11:98:45:E6:F1:89:64:9F:31:FB:69:5D:A1:50:40:A1:E9:9F:66:4A
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0538
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/EZhF5vGJZJ8x-2ldoVBAoemfZko.roa
Signing time: Sat 06 Jul 2024 15:55:04 +0000
ROA not before: Sat 06 Jul 2024 15:55:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 06 Jul 2024 19:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1336 (0x538)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Jul 6 15:55:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=119845E6F189649F31FB695DA15040A1E99F664A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:c4:b3:7b:2b:97:8e:01:3c:f7:83:0f:78:6b:
41:48:76:b9:05:ff:2e:a5:67:58:e5:f8:43:f4:03:
27:1c:32:95:35:dd:2c:be:14:c9:14:df:67:4d:79:
61:f4:8b:4c:ca:d6:04:37:38:23:b2:f6:d5:25:b7:
5f:29:9e:83:ec:03:22:fa:f7:c8:d3:ed:c5:03:38:
cf:60:31:ab:8d:8e:9b:0d:41:c6:df:53:8b:17:a5:
b4:9f:5a:ae:88:9f:a3:2e:79:bc:1a:9c:ad:ab:8f:
71:24:a6:d1:00:8b:aa:39:69:42:ac:9c:d4:53:68:
41:11:6c:21:e1:6a:4d:2b:8e:3b:39:70:84:d1:63:
a2:e2:ca:e0:d4:e0:09:ea:a1:cf:54:a5:22:d1:e1:
66:78:fa:3f:ee:5e:89:ff:6a:54:28:ae:14:a8:4c:
f3:6e:5d:08:f6:fb:03:fa:f3:f8:e7:15:d5:3f:cf:
b4:59:46:a8:3a:f6:a6:45:13:2f:60:76:99:c9:38:
56:1e:bd:6e:24:5f:09:48:e9:33:ec:99:0e:d2:51:
07:8a:06:28:45:7e:c3:3d:6e:94:3f:4e:ef:04:04:
42:99:03:e0:59:9f:ef:f7:7a:23:fe:84:a6:a6:61:
f3:41:8d:61:f3:0c:6e:82:64:64:72:80:59:39:4c:
3c:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:98:45:E6:F1:89:64:9F:31:FB:69:5D:A1:50:40:A1:E9:9F:66:4A
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/EZhF5vGJZJ8x-2ldoVBAoemfZko.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:d3:01:41:01:05:64:b5:48:fd:47:ac:48:7d:72:54:4b:9b:
10:99:92:d9:fd:06:a2:59:1d:a6:11:cf:2f:aa:f1:a2:50:79:
97:c4:71:22:d9:f6:0d:b7:3b:b3:bb:90:2c:16:68:8b:ac:95:
5d:0d:76:f2:c8:f2:f4:f4:ab:73:2a:2a:f1:67:e3:ac:18:f9:
d9:e7:b9:36:3f:18:be:5c:78:16:86:3c:61:c5:51:42:c4:4d:
bf:ed:e1:2d:aa:f1:c4:65:e7:bc:ce:e4:39:ae:19:21:94:ac:
77:2b:03:87:90:d1:eb:9b:14:4b:97:10:76:76:98:80:71:0c:
4c:5a:0a:4a:95:0c:1f:a7:1b:f1:bf:10:bc:00:91:93:f2:91:
2a:e5:ad:4c:7d:9c:f5:85:9d:71:a0:93:38:0a:e0:15:a2:63:
32:72:d6:fa:e6:d3:8e:f4:0e:fd:c7:8a:f8:04:3b:5f:5b:bb:
31:43:21:fb:4a:ac:3a:b3:30:02:be:fb:40:1b:de:fb:02:99:
f0:fe:05:3d:52:11:eb:4f:52:6a:40:e0:2f:d2:6e:36:f0:75:
3f:21:b9:c9:2d:c8:82:73:94:18:91:47:72:96:df:ea:63:66:
41:84:e4:44:a2:e9:2f:2d:c8:68:8b:a2:f1:d2:8d:d5:8e:fd:
db:51:6d:fc
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICBTgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA3MDYx
NTU1MDRaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDExOTg0NUU2RjE4OTY0
OUYzMUZCNjk1REExNTA0MEExRTk5RjY2NEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2xLN7K5eOATz3gw94a0FIdrkF/y6lZ1jl+EP0AyccMpU13Sy+
FMkU32dNeWH0i0zK1gQ3OCOy9tUlt18pnoPsAyL698jT7cUDOM9gMauNjpsNQcbf
U4sXpbSfWq6In6MuebwanK2rj3EkptEAi6o5aUKsnNRTaEERbCHhak0rjjs5cITR
Y6LiyuDU4Anqoc9UpSLR4WZ4+j/uXon/alQorhSoTPNuXQj2+wP68/jnFdU/z7RZ
Rqg69qZFEy9gdpnJOFYevW4kXwlI6TPsmQ7SUQeKBihFfsM9bpQ/Tu8EBEKZA+BZ
n+/3eiP+hKamYfNBjWHzDG6CZGRygFk5TDwJAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUEZhF5vGJZJ8x+2ldoVBAoemfZkowHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL0VaaEY1dkdKWko4eC0y
bGRvVkJBb2VtZlprby5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAJ/TAUEBBWS1SP1HrEh9clRLmxCZktn9BqJZ
HaYRzy+q8aJQeZfEcSLZ9g23O7O7kCwWaIuslV0NdvLI8vT0q3MqKvFn46wY+dnn
uTY/GL5ceBaGPGHFUULETb/t4S2q8cRl57zO5DmuGSGUrHcrA4eQ0eubFEuXEHZ2
mIBxDExaCkqVDB+nG/G/ELwAkZPykSrlrUx9nPWFnXGgkzgK4BWiYzJy1vrm0470
Dv3HivgEO19buzFDIftKrDqzMAK++0Ab3vsCmfD+BT1SEetPUmpA4C/SbjbwdT8h
ucktyIJzlBiRR3KW3+pjZkGE5ESi6S8tyGiLovHSjdWO/dtRbfw=
-----END CERTIFICATE-----
Generated at Sat Jul 6 20:58:14 2024 by rpki-client on console-ams.rpki-client.org