Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/JfswKDE9eZltkOR6FRz-gSl37Og.roa
File: JfswKDE9eZltkOR6FRz-gSl37Og.roa (raw, json)
Hash identifier: VA8Wrqfy3RmcC5MB3x3whq8XcgB9C4Xq/S1CD9RvE8I=
Subject key identifier: 25:FB:30:28:31:3D:79:99:6D:90:E4:7A:15:1C:FE:81:29:77:EC:E8
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0517
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/JfswKDE9eZltkOR6FRz-gSl37Og.roa
Signing time: Tue 02 Jul 2024 23:55:03 +0000
ROA not before: Tue 02 Jul 2024 23:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 03 Jul 2024 03:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1303 (0x517)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Jul 2 23:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=25FB3028313D79996D90E47A151CFE812977ECE8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:b9:01:d9:33:4c:41:76:77:a9:02:48:cd:98:
f5:5b:c1:88:02:cf:67:ba:bf:98:9c:9b:c3:69:df:
8c:54:82:a8:97:96:b2:73:fc:af:85:26:f2:b4:d7:
0f:64:4c:63:70:a0:1e:d6:c7:69:06:dd:e8:b8:27:
28:29:61:78:43:6c:d3:b3:f4:c3:b5:a2:cb:d8:73:
0e:49:08:2b:24:c5:a1:a9:9d:5d:6a:c3:06:ce:d9:
66:fa:2e:0e:dc:07:5d:a1:58:14:43:56:db:2c:1d:
db:5b:c3:1c:04:ca:96:cc:12:38:2d:25:be:a7:e6:
9b:ff:e3:07:4c:43:d3:80:f7:b0:19:73:ec:f8:2e:
dc:63:d4:09:8f:90:da:21:9e:65:1e:0f:b6:7a:14:
0b:2c:4a:22:dd:cb:0b:70:4e:21:a4:cf:86:e9:55:
e9:b2:3d:85:23:60:11:28:36:27:55:84:c0:28:1c:
59:33:5a:e5:9d:aa:28:00:06:2c:6d:b2:f0:cf:78:
44:cf:bb:5b:b9:9f:45:33:5d:a6:d7:7c:f0:b9:62:
5e:3d:1d:a1:d1:5b:59:15:11:30:ed:e1:aa:88:26:
52:bc:62:a7:e0:5f:26:a3:dd:04:ca:fa:31:5d:c9:
41:37:1f:01:c9:b6:a8:07:b3:7c:0f:82:c7:a1:d1:
fb:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:FB:30:28:31:3D:79:99:6D:90:E4:7A:15:1C:FE:81:29:77:EC:E8
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/JfswKDE9eZltkOR6FRz-gSl37Og.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
36:52:aa:53:17:ad:6d:f8:dc:73:03:df:05:b0:f5:af:0c:e2:
8d:f8:b9:7b:e9:bc:e6:09:1a:10:06:fd:f6:22:db:06:8e:51:
3e:24:4e:c0:57:e6:f9:2e:02:8e:57:96:ca:a6:5e:20:98:ae:
c6:04:e4:23:d0:91:f8:ea:f7:6c:82:ef:62:93:b8:49:84:87:
59:5b:8a:27:6a:37:4f:c5:9d:df:e9:0a:d0:62:25:b1:04:53:
27:68:2f:b1:21:ad:0e:21:1c:0a:2b:fa:80:f9:85:b8:35:e3:
9a:ae:47:8f:83:ce:69:67:9b:8d:28:8c:1e:2a:d7:b6:39:0c:
21:37:1e:ac:4a:aa:d1:c6:42:3f:d7:6b:1d:96:13:8e:c3:79:
af:6e:67:1b:de:d4:c0:ba:03:b3:97:b4:fd:64:e6:d1:74:52:
32:fa:5a:50:c0:4b:f0:c8:60:75:62:06:23:c6:30:19:c5:8a:
b3:33:d3:3d:2c:d4:8e:38:3d:2c:68:ad:9e:b0:e9:ac:c3:f0:
5c:8c:fc:79:ca:c4:17:8b:ac:04:41:e8:7f:b1:72:9a:c2:4b:
29:c0:fa:c2:73:67:3d:4d:3c:93:65:09:ab:b1:c8:e7:28:43:
98:70:f9:09:30:2f:45:c1:1f:d6:82:5d:18:c5:18:53:1a:aa:
15:77:8d:1d
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICBRcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA3MDIy
MzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDI1RkIzMDI4MzEzRDc5
OTk2RDkwRTQ3QTE1MUNGRTgxMjk3N0VDRTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDAuQHZM0xBdnepAkjNmPVbwYgCz2e6v5icm8Np34xUgqiXlrJz
/K+FJvK01w9kTGNwoB7Wx2kG3ei4JygpYXhDbNOz9MO1osvYcw5JCCskxaGpnV1q
wwbO2Wb6Lg7cB12hWBRDVtssHdtbwxwEypbMEjgtJb6n5pv/4wdMQ9OA97AZc+z4
Ltxj1AmPkNohnmUeD7Z6FAssSiLdywtwTiGkz4bpVemyPYUjYBEoNidVhMAoHFkz
WuWdqigABixtsvDPeETPu1u5n0UzXabXfPC5Yl49HaHRW1kVETDt4aqIJlK8Yqfg
Xyaj3QTK+jFdyUE3HwHJtqgHs3wPgseh0fsBAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUJfswKDE9eZltkOR6FRz+gSl37OgwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL0pmc3dLREU5ZVpsdGtP
UjZGUnotZ1NsMzdPZy5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBADZSqlMXrW343HMD3wWw9a8M4o34uXvpvOYJ
GhAG/fYi2waOUT4kTsBX5vkuAo5XlsqmXiCYrsYE5CPQkfjq92yC72KTuEmEh1lb
iidqN0/Fnd/pCtBiJbEEUydoL7EhrQ4hHAor+oD5hbg145quR4+Dzmlnm40ojB4q
17Y5DCE3HqxKqtHGQj/Xax2WE47Dea9uZxve1MC6A7OXtP1k5tF0UjL6WlDAS/DI
YHViBiPGMBnFirMz0z0s1I44PSxorZ6w6azD8FyM/HnKxBeLrARB6H+xcprCSynA
+sJzZz1NPJNlCauxyOcoQ5hw+QkwL0XBH9aCXRjFGFMaqhV3jR0=
-----END CERTIFICATE-----
Generated at Wed Jul 3 05:06:19 2024 by rpki-client on console-ams.rpki-client.org