Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/EhWQdtso707goFRzsSwwW92bPNc.roa
File: EhWQdtso707goFRzsSwwW92bPNc.roa (raw, json)
Hash identifier: NDH0iMwN8hL079/fRtC8xNsVdUiBvCEP6MDgbFa7bw8=
Subject key identifier: 12:15:90:76:DB:28:EF:4E:E0:A0:54:73:B1:2C:30:5B:DD:9B:3C:D7
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 030D
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/EhWQdtso707goFRzsSwwW92bPNc.roa
Signing time: Sun 05 May 2024 23:55:03 +0000
ROA not before: Sun 05 May 2024 23:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 06 May 2024 03:55:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 781 (0x30d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: May 5 23:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=12159076DB28EF4EE0A05473B12C305BDD9B3CD7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:a6:e5:86:b7:59:a2:d4:ed:5e:0b:07:6d:9d:
b6:1f:99:72:95:a5:47:32:9a:82:76:13:e2:c7:69:
09:12:3d:38:86:7c:47:fe:25:ad:d2:90:d3:fc:9d:
21:ac:17:27:b4:d5:f1:dd:8b:e8:e1:d8:f4:9e:23:
64:38:ff:7b:d4:00:ec:8d:9c:6a:c5:fb:bb:4c:e4:
3f:c8:36:b7:a6:15:d5:d2:19:fd:0f:cc:b7:2a:7a:
26:8c:43:f2:85:cd:10:68:6a:44:4c:5f:13:6f:87:
66:a9:fc:5d:44:56:48:ca:64:e6:b3:30:a2:e4:f9:
db:36:f4:51:c4:cd:88:25:e2:ac:4c:80:dc:18:c1:
4c:de:e7:40:dc:2c:a3:95:bb:2c:f5:2d:e7:7b:cf:
c8:3f:26:df:a4:6d:51:1f:8b:b8:43:b8:fc:89:35:
b9:ff:da:d9:7f:fa:3e:a6:5c:4b:e1:7e:4d:ab:05:
56:50:90:46:32:9b:44:14:54:fd:7a:c5:73:90:fa:
d2:a0:d3:7f:27:22:ee:e3:ff:52:47:9a:f5:52:ff:
b5:33:9e:bb:f2:7a:35:a7:ca:c2:99:7c:b3:54:ed:
d9:47:2f:f3:48:c6:49:f8:d3:fe:53:f8:37:34:27:
07:e0:06:82:b7:f0:c2:d5:c4:f3:1e:2a:24:d1:aa:
05:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:15:90:76:DB:28:EF:4E:E0:A0:54:73:B1:2C:30:5B:DD:9B:3C:D7
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/EhWQdtso707goFRzsSwwW92bPNc.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
d4:a9:ba:97:c2:77:41:47:19:14:34:29:a6:4b:78:b8:8b:2c:
47:69:90:dd:d7:12:2a:5e:05:27:34:85:5b:5a:9c:86:f1:7f:
96:11:00:fc:50:6a:79:fe:d9:ff:f0:3d:ac:8f:60:aa:90:10:
a2:c4:de:26:e9:12:58:9c:0e:41:40:c8:df:f4:44:41:1a:c0:
d3:b6:31:d5:c9:f3:fd:85:bb:8b:e0:3c:15:b2:9b:cd:53:fa:
f0:5a:5a:43:85:97:70:7e:9b:13:df:a2:c9:62:2c:fc:13:96:
eb:73:7a:b5:7f:f9:65:44:c4:f1:1a:79:7a:03:90:48:29:0c:
d5:6d:c4:57:7d:ba:aa:11:bf:98:ea:21:54:a7:15:d8:90:b7:
98:ec:7e:1e:d6:18:c9:64:c3:71:1a:ec:dc:90:de:25:d9:5f:
fc:82:57:07:d5:b6:69:5a:3d:fb:90:bc:4a:8d:35:a2:55:3d:
16:31:c3:9b:c2:62:b2:7f:0b:d2:f3:e9:0d:32:c8:41:d1:21:
09:7f:d1:8f:c7:5c:c5:24:10:62:3a:69:f3:98:df:73:21:f7:
4a:68:12:21:c9:26:b9:e0:f7:b9:e1:13:89:e7:0d:a1:14:78:
4e:41:69:ba:51:33:20:9a:52:24:4c:80:9d:8d:91:e3:61:5a:
7e:09:ab:4f
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICAw0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA1MDUy
MzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDEyMTU5MDc2REIyOEVG
NEVFMEEwNTQ3M0IxMkMzMDVCREQ5QjNDRDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC6puWGt1mi1O1eCwdtnbYfmXKVpUcymoJ2E+LHaQkSPTiGfEf+
Ja3SkNP8nSGsFye01fHdi+jh2PSeI2Q4/3vUAOyNnGrF+7tM5D/INremFdXSGf0P
zLcqeiaMQ/KFzRBoakRMXxNvh2ap/F1EVkjKZOazMKLk+ds29FHEzYgl4qxMgNwY
wUze50DcLKOVuyz1Led7z8g/Jt+kbVEfi7hDuPyJNbn/2tl/+j6mXEvhfk2rBVZQ
kEYym0QUVP16xXOQ+tKg038nIu7j/1JHmvVS/7UznrvyejWnysKZfLNU7dlHL/NI
xkn40/5T+Dc0JwfgBoK38MLVxPMeKiTRqgUjAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUEhWQdtso707goFRzsSwwW92bPNcwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL0VoV1FkdHNvNzA3Z29G
UnpzU3d3VzkyYlBOYy5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBANSpupfCd0FHGRQ0KaZLeLiLLEdpkN3XEipe
BSc0hVtanIbxf5YRAPxQann+2f/wPayPYKqQEKLE3ibpElicDkFAyN/0REEawNO2
MdXJ8/2Fu4vgPBWym81T+vBaWkOFl3B+mxPfosliLPwTlutzerV/+WVExPEaeXoD
kEgpDNVtxFd9uqoRv5jqIVSnFdiQt5jsfh7WGMlkw3Ea7NyQ3iXZX/yCVwfVtmla
PfuQvEqNNaJVPRYxw5vCYrJ/C9Lz6Q0yyEHRIQl/0Y/HXMUkEGI6afOY33Mh90po
EiHJJrng97nhE4nnDaEUeE5BabpRMyCaUiRMgJ2NkeNhWn4Jq08=
-----END CERTIFICATE-----
Generated at Mon May 6 07:18:12 2024 by rpki-client on console-ams.rpki-client.org