Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/J37nyfszWVQWrmLF00YrjdWerNA.roa
File: J37nyfszWVQWrmLF00YrjdWerNA.roa (raw, json)
Hash identifier: sQ6Kg1+iowecAYy+WOOH5cRtGbWM2l8BCPNl8mcJBgg=
Subject key identifier: 27:7E:E7:C9:FB:33:59:54:16:AE:62:C5:D3:46:2B:8D:D5:9E:AC:D0
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: E5
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/J37nyfszWVQWrmLF00YrjdWerNA.roa
Signing time: Tue 05 Mar 2024 15:55:03 +0000
ROA not before: Tue 05 Mar 2024 15:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 05 Mar 2024 19:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 229 (0xe5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Mar 5 15:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=277EE7C9FB33595416AE62C5D3462B8DD59EACD0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:f8:f5:46:1e:d2:58:9f:5c:d5:db:b9:e7:e8:
e3:94:6a:90:39:14:51:a3:bc:e8:bb:e9:a4:44:b9:
ec:e6:10:6c:f4:e4:8d:56:0d:fe:be:f3:11:fd:37:
cb:1b:20:6a:53:69:8b:5a:42:27:4e:7d:4b:1c:4f:
99:46:3c:14:11:7e:07:64:9b:de:4c:39:30:ef:ab:
38:57:62:06:f6:7d:37:05:91:14:77:61:74:f5:c3:
66:cc:82:4c:00:d5:0e:ce:fc:5c:fa:1e:26:51:03:
90:6d:5e:8c:2d:cd:b3:9a:6a:d2:2c:1f:a2:8c:c7:
24:18:bf:d9:6f:41:5c:da:a2:32:de:24:a8:0c:04:
4f:71:5f:2c:ef:60:70:cd:d0:89:8f:92:0a:b9:4c:
b1:85:33:76:8a:b2:6c:4f:14:ed:91:e2:97:cd:e5:
4b:da:b6:b1:2f:e3:30:f4:02:61:8b:8a:1b:09:e2:
2c:80:5f:d0:dc:27:5a:7c:b0:bd:23:6a:3f:59:38:
a7:ae:80:e6:da:f2:c7:7e:35:59:59:46:df:58:87:
8e:e0:7d:c6:f8:cc:ba:cc:c1:53:4c:d4:2b:9e:99:
75:4d:e5:35:a0:e6:e8:6c:bc:e6:89:fd:10:35:1b:
f8:95:d8:e4:77:5a:97:9e:31:98:78:57:d5:20:96:
21:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:7E:E7:C9:FB:33:59:54:16:AE:62:C5:D3:46:2B:8D:D5:9E:AC:D0
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/J37nyfszWVQWrmLF00YrjdWerNA.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
71:8f:e6:aa:f4:d1:01:19:1d:a2:c7:88:7e:58:55:73:59:66:
69:f7:04:58:43:04:bf:cb:85:36:3e:bc:23:c8:58:e9:ed:11:
5c:49:e1:b0:9c:6b:50:13:39:6e:b6:e5:e4:e5:94:8c:1a:5f:
00:3c:a7:67:e4:1b:e2:ea:9b:4a:7a:53:4e:0b:89:b7:43:57:
d7:1e:39:67:a1:f9:85:1d:c2:90:d1:ec:18:41:4a:38:5c:5e:
ba:71:b6:e9:b1:c5:19:cb:dc:c8:af:05:a2:3a:7e:a0:c5:44:
b8:e9:27:06:1f:68:b0:1d:8b:e4:2b:a5:8e:fa:93:fd:1d:4e:
4e:c8:42:82:0f:25:f8:ad:93:9f:be:a2:47:e3:ea:77:8e:77:
ec:af:45:37:a8:b1:43:d0:a0:78:f5:0f:f5:b9:a6:ae:04:20:
86:c6:87:68:2e:22:ab:8e:7f:fe:b9:6a:a2:4a:a5:cc:93:ec:
e8:69:a4:ac:89:d8:62:93:4d:28:2d:e8:68:f4:d5:74:01:8d:
f1:f7:d4:b4:22:9c:b2:02:8f:a5:f6:85:d7:e2:14:4e:4e:bd:
8a:89:e7:33:d9:36:ba:0f:dd:7a:f6:3c:9f:ae:77:06:60:ed:
ee:c9:e3:25:3e:f6:17:55:a8:e4:b4:d1:76:4e:65:e9:94:97:
a9:8e:a4:b0
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICAOUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDAzMDUx
NTU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDI3N0VFN0M5RkIzMzU5
NTQxNkFFNjJDNUQzNDYyQjhERDU5RUFDRDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDK+PVGHtJYn1zV27nn6OOUapA5FFGjvOi76aREuezmEGz05I1W
Df6+8xH9N8sbIGpTaYtaQidOfUscT5lGPBQRfgdkm95MOTDvqzhXYgb2fTcFkRR3
YXT1w2bMgkwA1Q7O/Fz6HiZRA5BtXowtzbOaatIsH6KMxyQYv9lvQVzaojLeJKgM
BE9xXyzvYHDN0ImPkgq5TLGFM3aKsmxPFO2R4pfN5UvatrEv4zD0AmGLihsJ4iyA
X9DcJ1p8sL0jaj9ZOKeugOba8sd+NVlZRt9Yh47gfcb4zLrMwVNM1CuemXVN5TWg
5uhsvOaJ/RA1G/iV2OR3WpeeMZh4V9UgliEJAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUJ37nyfszWVQWrmLF00YrjdWerNAwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL0ozN255ZnN6V1ZRV3Jt
TEYwMFlyamRXZXJOQS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAHGP5qr00QEZHaLHiH5YVXNZZmn3BFhDBL/L
hTY+vCPIWOntEVxJ4bCca1ATOW625eTllIwaXwA8p2fkG+Lqm0p6U04LibdDV9ce
OWeh+YUdwpDR7BhBSjhcXrpxtumxxRnL3MivBaI6fqDFRLjpJwYfaLAdi+QrpY76
k/0dTk7IQoIPJfitk5++okfj6neOd+yvRTeosUPQoHj1D/W5pq4EIIbGh2guIquO
f/65aqJKpcyT7OhppKyJ2GKTTSgt6Gj01XQBjfH31LQinLICj6X2hdfiFE5OvYqJ
5zPZNroP3Xr2PJ+udwZg7e7J4yU+9hdVqOS00XZOZemUl6mOpLA=
-----END CERTIFICATE-----
Generated at Tue Mar 5 22:47:52 2024 by rpki-client on console-ams.rpki-client.org