Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/MmN9YSyYGatGy1kACHCSONRzWWQ.roa
File: MmN9YSyYGatGy1kACHCSONRzWWQ.roa (raw, json)
Hash identifier: 75n5WcorkOcmg0laa7pct7JNXlQ6ObAQGhM2s+eWNq4=
Subject key identifier: 32:63:7D:61:2C:98:19:AB:46:CB:59:00:08:70:92:38:D4:73:59:64
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 041E
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/MmN9YSyYGatGy1kACHCSONRzWWQ.roa
Signing time: Wed 05 Jun 2024 07:55:03 +0000
ROA not before: Wed 05 Jun 2024 07:55:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 05 Jun 2024 11:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1054 (0x41e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Jun 5 07:55:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=32637D612C9819AB46CB590008709238D4735964
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:6c:fc:18:2f:fb:db:2a:e8:a3:40:29:35:28:
1b:20:9d:d8:1b:cf:cf:fa:16:e2:14:ef:c7:c8:84:
3d:44:e2:ed:37:cc:91:e9:fa:76:f9:e1:66:d5:3a:
df:30:7e:b7:77:b6:99:2f:a2:f3:0c:d4:7f:dd:63:
07:d1:be:f1:c4:65:d2:28:aa:03:a4:59:da:4c:62:
5a:49:c3:33:53:5e:88:9a:98:d8:19:43:88:35:f1:
fc:24:32:63:a3:ae:c5:f2:75:19:99:43:9a:85:30:
e9:b0:8e:c2:29:86:e3:8b:b2:e8:7c:fa:e0:5c:45:
3b:28:48:ff:34:bc:8c:c8:7b:c5:16:db:dd:35:0e:
f2:f3:80:d6:d0:09:cb:46:a9:73:4b:8e:17:d2:78:
9c:72:74:57:42:46:3d:c0:58:04:02:52:a9:4d:3b:
94:ae:61:f5:11:42:be:c5:ab:77:bc:75:1f:e0:9a:
98:a7:40:fe:ee:92:ba:bf:e6:16:58:af:53:33:c3:
36:ff:d1:48:6f:9f:d0:13:94:98:91:ee:53:da:a6:
41:9c:8b:ce:99:31:de:a1:fe:9f:43:40:51:85:3b:
18:a7:73:98:27:15:44:49:cd:79:cc:12:b9:12:d3:
cc:50:64:82:14:f4:ce:d0:c4:e5:9a:ba:bc:df:22:
4f:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:63:7D:61:2C:98:19:AB:46:CB:59:00:08:70:92:38:D4:73:59:64
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/MmN9YSyYGatGy1kACHCSONRzWWQ.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
90:04:33:71:5d:4e:43:b8:5e:fb:0e:90:2e:9d:a4:75:df:a9:
af:b4:f3:2d:71:0f:c5:e4:a6:99:36:7f:79:d3:61:7d:ae:af:
9c:ab:46:ec:c1:98:44:0e:f8:b6:fe:b1:f8:ee:88:28:b8:e2:
92:13:31:b0:b7:73:82:e3:70:1c:6d:6f:80:03:fb:9f:3d:78:
0a:80:49:9c:2d:b4:8b:de:73:06:58:77:eb:2c:15:ce:5a:50:
68:bb:23:21:8c:81:01:37:46:57:0d:6a:f3:86:60:dd:12:b6:
7c:2d:1b:be:63:c1:ef:97:53:1c:c3:08:7d:15:08:54:74:3d:
30:03:e3:9d:da:c5:9c:88:06:31:06:90:bc:a0:b2:17:f2:5c:
db:96:fc:09:b5:05:aa:57:e2:fb:3b:9f:5e:d1:11:71:72:4c:
bc:f0:ba:d2:4e:d1:2f:73:9c:46:aa:30:26:13:e5:6f:88:74:
9a:f5:ab:54:06:02:39:61:41:0a:68:54:6c:29:f9:b5:75:66:
35:5c:50:ca:45:9c:e4:11:85:47:8a:9c:3f:b0:6a:3d:ba:50:
2a:cd:b6:49:e0:a9:9c:23:a4:6b:53:24:45:8b:b5:8b:a9:fa:
f3:b6:36:0a:b8:8b:75:16:e8:de:8f:f5:bb:fe:cb:1c:b0:b6:
cc:ca:cc:9f
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICBB4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA2MDUw
NzU1MDJaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDMyNjM3RDYxMkM5ODE5
QUI0NkNCNTkwMDA4NzA5MjM4RDQ3MzU5NjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQClbPwYL/vbKuijQCk1KBsgndgbz8/6FuIU78fIhD1E4u03zJHp
+nb54WbVOt8wfrd3tpkvovMM1H/dYwfRvvHEZdIoqgOkWdpMYlpJwzNTXoiamNgZ
Q4g18fwkMmOjrsXydRmZQ5qFMOmwjsIphuOLsuh8+uBcRTsoSP80vIzIe8UW2901
DvLzgNbQCctGqXNLjhfSeJxydFdCRj3AWAQCUqlNO5SuYfURQr7Fq3e8dR/gmpin
QP7ukrq/5hZYr1Mzwzb/0Uhvn9ATlJiR7lPapkGci86ZMd6h/p9DQFGFOxinc5gn
FURJzXnMErkS08xQZIIU9M7QxOWaurzfIk89AgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUMmN9YSyYGatGy1kACHCSONRzWWQwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL01tTjlZU3lZR2F0R3kx
a0FDSENTT05SeldXUS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAJAEM3FdTkO4XvsOkC6dpHXfqa+08y1xD8Xk
ppk2f3nTYX2ur5yrRuzBmEQO+Lb+sfjuiCi44pITMbC3c4LjcBxtb4AD+589eAqA
SZwttIvecwZYd+ssFc5aUGi7IyGMgQE3RlcNavOGYN0StnwtG75jwe+XUxzDCH0V
CFR0PTAD453axZyIBjEGkLygshfyXNuW/Am1BapX4vs7n17REXFyTLzwutJO0S9z
nEaqMCYT5W+IdJr1q1QGAjlhQQpoVGwp+bV1ZjVcUMpFnOQRhUeKnD+waj26UCrN
tkngqZwjpGtTJEWLtYup+vO2Ngq4i3UW6N6P9bv+yxywtszKzJ8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:55 2024 by rpki-client on console-fra.rpki-client.org