Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/N7JFkwKdm3clvQY7DtARF22KXpE.roa
File: N7JFkwKdm3clvQY7DtARF22KXpE.roa (raw, json)
Hash identifier: vrCe5EqlTcJqUYo83JoDjJTz7Q1KYnsJK6NrtwU3BRs=
Subject key identifier: 37:B2:45:93:02:9D:9B:77:25:BD:06:3B:0E:D0:11:17:6D:8A:5E:91
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 22
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/N7JFkwKdm3clvQY7DtARF22KXpE.roa
Signing time: Mon 12 Feb 2024 23:55:03 +0000
ROA not before: Mon 12 Feb 2024 23:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 13 Feb 2024 03:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 34 (0x22)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Feb 12 23:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=37B24593029D9B7725BD063B0ED011176D8A5E91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:77:51:70:34:be:6a:6d:8c:d7:d0:bc:e3:78:
f5:4b:36:a6:9a:ef:ba:05:91:e4:38:71:0c:57:5b:
a7:cf:fb:6c:ea:58:65:62:c9:dd:7e:a1:b2:c6:07:
2c:48:8b:63:c1:0b:5f:cd:ff:2d:5b:7e:b3:e8:47:
d5:8e:2d:d4:2b:7b:aa:ad:83:19:8d:91:14:00:e2:
7e:8e:08:76:29:8a:dc:1e:aa:6f:be:0b:69:0f:b5:
f1:1b:35:76:03:77:65:9b:d9:c1:a1:b2:4c:5f:3a:
ea:41:05:f2:45:81:59:57:05:7e:fe:6f:ca:62:53:
0c:c5:0b:b0:a9:1b:2a:45:b2:f4:27:82:7a:72:d4:
78:f4:72:a3:ca:53:ba:e5:b7:9b:9d:c5:71:80:63:
4a:fa:ae:44:d9:54:9a:60:ac:27:17:f6:47:68:37:
cb:a3:98:2b:c0:c6:c9:3f:fc:96:6e:3c:7a:89:17:
d1:74:09:4f:fd:c1:0d:e8:99:8a:49:b3:1e:ce:0b:
a4:70:06:d3:d2:ea:e5:39:b1:42:5c:bc:24:a5:cc:
ae:f0:8d:3c:a3:de:60:a7:d9:12:69:bd:d1:a7:5c:
23:dc:82:50:7d:e9:61:21:e5:7e:0d:bf:86:01:b4:
c6:d3:58:92:56:09:8c:ca:a3:82:aa:0f:6e:5a:0b:
33:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:B2:45:93:02:9D:9B:77:25:BD:06:3B:0E:D0:11:17:6D:8A:5E:91
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/N7JFkwKdm3clvQY7DtARF22KXpE.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
56:19:a8:88:9a:9d:7c:72:0d:9d:f3:48:39:11:44:a4:5c:13:
b0:74:bc:b8:d5:44:c9:7e:5a:97:dd:4d:8c:7b:6f:08:41:60:
f2:a0:84:df:67:db:0e:f0:e5:88:d1:6c:7f:b0:de:62:30:4e:
d4:56:b3:61:9d:aa:8a:d2:36:fc:11:ec:87:0c:51:b2:6b:f4:
e8:09:b0:6c:46:14:98:0a:9c:8f:2e:27:df:44:a0:fd:6c:a7:
b0:25:06:d2:a3:78:bf:a9:05:27:fc:6d:21:8e:b6:2d:81:8a:
7f:28:a1:09:c1:69:cb:1d:d6:1b:eb:d6:b3:a5:cc:3a:8e:11:
67:7d:b1:13:80:91:c1:dd:70:a0:55:5c:0c:5d:ee:91:b3:e7:
b5:fe:25:4a:1a:74:52:6b:93:ad:27:80:79:b1:c0:38:1d:99:
7d:44:19:ab:09:74:6e:2f:49:66:7e:e4:02:90:f8:65:de:ec:
b4:f4:09:41:6f:30:a5:7f:d0:7f:0b:52:54:16:ba:d3:dc:92:
f9:e1:3e:fc:db:8f:41:88:8f:7b:74:6e:4a:76:e5:90:e6:c9:
c7:64:f6:4d:92:cd:67:34:76:04:3f:65:38:23:38:78:43:e7:
fd:59:65:af:be:38:3d:79:7d:0f:58:84:a8:bc:e7:8c:3d:68:
8a:d3:c7:94
-----BEGIN CERTIFICATE-----
MIIEoTCCA4mgAwIBAgIBIjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3MWQx
NGViYjI1NWRjMDU4ZDRiZmE1YTUxYzkzZjczZjgzMGFiODhmMB4XDTI0MDIxMjIz
NTUwM1oXDTI1MDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzdCMjQ1OTMwMjlEOUI3
NzI1QkQwNjNCMEVEMDExMTc2RDhBNUU5MTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAN93UXA0vmptjNfQvON49Us2pprvugWR5DhxDFdbp8/7bOpYZWLJ
3X6hssYHLEiLY8ELX83/LVt+s+hH1Y4t1Ct7qq2DGY2RFADifo4IdimK3B6qb74L
aQ+18Rs1dgN3ZZvZwaGyTF866kEF8kWBWVcFfv5vymJTDMULsKkbKkWy9CeCenLU
ePRyo8pTuuW3m53FcYBjSvquRNlUmmCsJxf2R2g3y6OYK8DGyT/8lm48eokX0XQJ
T/3BDeiZikmzHs4LpHAG09Lq5TmxQly8JKXMrvCNPKPeYKfZEmm90adcI9yCUH3p
YSHlfg2/hgG0xtNYklYJjMqjgqoPbloLM6sCAwEAAaOCAb4wggG6MB0GA1UdDgQW
BBQ3skWTAp2bdyW9BjsO0BEXbYpekTAfBgNVHSMEGDAWgBRx0U67JV3AWNS/paUc
k/c/gwq4jzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ
oE6GTHJzeW5jOi8vY2hsb2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3Nm
L2NkRk91eVZkd0ZqVXY2V2xISlAzUDRNS3VJOC5jcmwwZAYIKwYBBQUHAQEEWDBW
MFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9E
RUZBVUxUL2NkRk91eVZkd0ZqVXY2V2xISlAzUDRNS3VJOC5jZXIwDgYDVR0PAQH/
BAQDAgeAMGgGCCsGAQUFBwELBFwwWjBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9jaGxv
ZS5zb2Jvcm5vc3QubmV0L3Jwa2kvUklQRS1ubHJzc2YvTjdKRmt3S2RtM2NsdlFZ
N0R0QVJGMjJLWHBFLnJvYTAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMJo
gTANBgkqhkiG9w0BAQsFAAOCAQEAVhmoiJqdfHINnfNIORFEpFwTsHS8uNVEyX5a
l91NjHtvCEFg8qCE32fbDvDliNFsf7DeYjBO1FazYZ2qitI2/BHshwxRsmv06Amw
bEYUmAqcjy4n30Sg/WynsCUG0qN4v6kFJ/xtIY62LYGKfyihCcFpyx3WG+vWs6XM
Oo4RZ32xE4CRwd1woFVcDF3ukbPntf4lShp0UmuTrSeAebHAOB2ZfUQZqwl0bi9J
Zn7kApD4Zd7stPQJQW8wpX/QfwtSVBa609yS+eE+/NuPQYiPe3RuSnblkObJx2T2
TZLNZzR2BD9lOCM4eEPn/Vllr744PXl9D1iEqLznjD1oitPHlA==
-----END CERTIFICATE-----
Generated at Tue Feb 13 05:37:51 2024 by rpki-client on console-ams.rpki-client.org