Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/MDI2ueynfIN0h1ehExKS8Hf6fss.roa
File: MDI2ueynfIN0h1ehExKS8Hf6fss.roa (raw, json)
Hash identifier: k8rwq46Rxe5AUk2Cr2FJBPdvX20UyU/nv7MAj6kgp9Q=
Subject key identifier: 30:32:36:B9:EC:A7:7C:83:74:87:57:A1:13:12:92:F0:77:FA:7E:CB
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 05FE
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/MDI2ueynfIN0h1ehExKS8Hf6fss.roa
Signing time: Sun 28 Jul 2024 15:55:03 +0000
ROA not before: Sun 28 Jul 2024 15:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 28 Jul 2024 19:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1534 (0x5fe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Jul 28 15:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=303236B9ECA77C83748757A1131292F077FA7ECB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:70:0b:3f:8b:56:5b:a7:94:8c:15:cc:25:75:
c4:23:f7:25:b3:d0:2f:cd:a4:47:d3:5f:15:79:ab:
9e:81:2a:e4:ad:f8:ad:76:57:e4:d7:26:f2:5e:8f:
5e:94:08:1f:55:b1:2e:0f:f5:26:84:20:f9:6c:86:
da:0a:ab:56:a8:12:63:bb:a3:24:45:8a:a4:84:88:
6d:af:d9:1c:4b:82:64:48:da:0d:47:a3:67:b1:46:
7f:b1:48:a6:6a:8e:f6:89:74:e3:2f:b4:9c:d0:ef:
5d:51:76:65:69:93:23:24:f3:25:9f:3f:35:6e:d6:
98:4e:dc:f2:b5:e3:e9:aa:37:84:25:82:c9:c9:94:
46:e6:46:52:1c:69:1a:13:42:cd:b7:e4:f2:b6:4a:
db:23:63:b4:ce:4f:22:cf:8c:ee:07:2c:42:3c:29:
df:c5:a2:3c:2f:86:ff:cd:80:04:c1:2e:41:2e:9e:
d2:b3:fe:ce:7d:10:b2:74:17:e1:c8:bb:65:66:c8:
b7:71:a9:1d:93:e3:ca:44:c7:9e:e2:c1:d3:78:a1:
0d:41:21:09:af:9e:01:60:09:8c:29:eb:18:bc:ce:
72:3a:09:c5:ed:93:11:8c:ba:25:39:85:da:52:6f:
41:0e:4b:79:b7:14:b1:0a:70:09:ae:71:0a:9f:5d:
27:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:32:36:B9:EC:A7:7C:83:74:87:57:A1:13:12:92:F0:77:FA:7E:CB
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/MDI2ueynfIN0h1ehExKS8Hf6fss.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:1c:90:5b:e5:a7:be:84:af:12:9a:0e:5b:a6:bb:9b:e0:71:
67:c2:71:eb:29:f1:87:b7:21:35:1a:1e:d1:e9:62:22:88:7a:
89:42:6b:8e:6a:69:0a:ca:2c:dc:b5:4c:ad:f7:2f:25:a6:e8:
54:ee:04:4c:eb:c6:a9:2b:13:9f:6d:6b:ee:be:f0:c0:3d:66:
ba:db:32:6a:83:1d:7f:94:72:16:b3:b3:01:1d:d6:30:93:17:
8b:6f:3d:27:03:90:1d:4d:ba:e0:02:ac:3f:eb:b8:ea:1c:0f:
67:64:c0:ac:98:11:14:20:d7:11:2f:3a:57:d3:7d:55:15:49:
a0:c1:06:75:06:91:4d:ce:26:c3:35:55:73:39:ec:d2:5e:a0:
07:e1:91:96:f0:18:28:2c:9c:8e:5d:e7:48:15:1d:5e:32:09:
17:2d:4e:47:f8:a0:fc:4c:11:a6:a4:65:28:2c:f0:81:43:7a:
5d:d5:b9:a2:e0:e4:9a:7f:39:e1:93:9a:21:a7:b6:74:d7:0f:
cc:2e:f6:ee:cd:62:db:48:68:5b:e9:f8:5e:e2:82:ae:8e:64:
d8:c7:76:88:20:d8:24:39:5e:f2:a5:90:73:27:57:01:75:ae:
37:fa:d2:25:7a:cd:07:9a:14:42:b5:7f:86:fa:9e:fa:1e:fe:
2c:25:da:1a
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICBf4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA3Mjgx
NTU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDMwMzIzNkI5RUNBNzdD
ODM3NDg3NTdBMTEzMTI5MkYwNzdGQTdFQ0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/cAs/i1Zbp5SMFcwldcQj9yWz0C/NpEfTXxV5q56BKuSt+K12
V+TXJvJej16UCB9VsS4P9SaEIPlshtoKq1aoEmO7oyRFiqSEiG2v2RxLgmRI2g1H
o2exRn+xSKZqjvaJdOMvtJzQ711RdmVpkyMk8yWfPzVu1phO3PK14+mqN4QlgsnJ
lEbmRlIcaRoTQs235PK2StsjY7TOTyLPjO4HLEI8Kd/Fojwvhv/NgATBLkEuntKz
/s59ELJ0F+HIu2VmyLdxqR2T48pEx57iwdN4oQ1BIQmvngFgCYwp6xi8znI6CcXt
kxGMuiU5hdpSb0EOS3m3FLEKcAmucQqfXSdHAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUMDI2ueynfIN0h1ehExKS8Hf6fsswHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL01ESTJ1ZXluZklOMGgx
ZWhFeEtTOEhmNmZzcy5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBALMckFvlp76ErxKaDlumu5vgcWfCcesp8Ye3
ITUaHtHpYiKIeolCa45qaQrKLNy1TK33LyWm6FTuBEzrxqkrE59ta+6+8MA9Zrrb
MmqDHX+UchazswEd1jCTF4tvPScDkB1NuuACrD/ruOocD2dkwKyYERQg1xEvOlfT
fVUVSaDBBnUGkU3OJsM1VXM57NJeoAfhkZbwGCgsnI5d50gVHV4yCRctTkf4oPxM
EaakZSgs8IFDel3VuaLg5Jp/OeGTmiGntnTXD8wu9u7NYttIaFvp+F7igq6OZNjH
dogg2CQ5XvKlkHMnVwF1rjf60iV6zQeaFEK1f4b6nvoe/iwl2ho=
-----END CERTIFICATE-----
Generated at Sun Jul 28 21:46:16 2024 by rpki-client on console-ams.rpki-client.org