Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/OA5p263Jdggirt09CEYlgqQMkIc.roa
File: OA5p263Jdggirt09CEYlgqQMkIc.roa (raw, json)
Hash identifier: trR1FHakLFFHxI6rftFe+LoQmJGaXdgS1HiHWYr7kCY=
Subject key identifier: 38:0E:69:DB:AD:C9:76:08:22:AE:DD:3D:08:46:25:82:A4:0C:90:87
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0658
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/OA5p263Jdggirt09CEYlgqQMkIc.roa
Signing time: Wed 07 Aug 2024 15:55:04 +0000
ROA not before: Wed 07 Aug 2024 15:55:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 07 Aug 2024 19:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1624 (0x658)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Aug 7 15:55:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=380E69DBADC9760822AEDD3D08462582A40C9087
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:dc:d2:51:05:f7:c6:07:fd:92:12:80:c7:ad:
61:b3:da:59:b7:ae:16:c0:5c:ba:6d:c7:e8:3a:cc:
d3:77:d6:1f:c1:9e:11:42:93:13:9e:0b:bd:63:15:
f1:3a:d2:33:9e:a2:c8:fa:cd:b5:ce:95:7d:81:b7:
ac:4d:1e:2e:52:7e:6e:cb:b3:bd:1d:b3:64:10:4e:
2c:a3:29:c8:bd:4f:99:f0:7f:21:7d:5f:0b:b4:5e:
63:9e:b7:fe:91:33:d8:de:bd:7b:e8:a8:a1:34:46:
77:ba:06:83:6e:f2:71:55:13:fe:d1:3d:e5:83:3b:
16:41:ce:cb:b2:a2:f2:d1:85:fc:c6:7b:75:87:75:
15:21:79:83:e9:92:bf:37:ec:8e:43:86:28:fe:a0:
69:bf:50:72:fe:81:02:d4:37:bf:73:21:e0:a5:d7:
a3:ef:93:d5:8a:07:b9:de:f8:0a:0c:fa:fb:c2:79:
30:75:23:20:90:64:4d:bb:a8:fc:20:36:b4:c8:89:
e1:96:aa:dc:8f:98:c6:d9:c0:52:9b:f2:8f:1b:a7:
19:7d:e4:5a:e2:0e:70:ac:c0:4a:9f:33:1d:36:d0:
75:65:42:86:29:7b:de:48:b9:99:36:89:b1:e6:8f:
f2:90:13:7e:a8:28:66:8b:53:f3:d3:88:f4:dd:2c:
05:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:0E:69:DB:AD:C9:76:08:22:AE:DD:3D:08:46:25:82:A4:0C:90:87
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/OA5p263Jdggirt09CEYlgqQMkIc.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
91:69:78:02:e3:90:5d:be:32:ed:22:0d:6f:62:90:1c:e3:83:
6f:ec:c1:8d:f5:63:bd:3a:1d:8e:a8:c1:4a:fc:de:71:3e:0a:
f4:ea:00:67:27:68:9e:a2:6a:02:71:f1:b9:96:b1:18:c6:99:
14:97:65:61:52:8f:ed:c8:2b:a3:75:95:cc:20:48:47:5c:17:
c0:e5:69:a2:7b:51:e8:81:cb:cc:e9:cd:2a:a2:44:9e:06:62:
41:0d:2e:fe:b0:ac:d0:6f:54:50:9d:7f:e9:39:5a:d6:ec:dd:
8f:64:e9:5d:be:c1:38:34:76:fc:99:4d:db:b6:c4:81:7e:06:
12:4a:72:47:15:ff:61:69:e6:05:21:65:0c:35:9f:b0:52:3b:
1e:b0:89:8b:95:a2:01:86:2e:35:22:fa:cc:04:7c:68:0c:be:
0e:12:ac:a7:fb:7b:c0:a4:e7:11:aa:eb:8a:45:70:7b:bc:79:
8d:2a:fc:0e:1e:58:cb:86:41:01:6d:15:66:34:69:0c:e3:6f:
53:8c:13:15:c3:6f:ce:6e:5e:a0:9a:91:8d:55:e7:cf:cf:52:
cd:a5:a0:b4:54:ee:e7:15:8a:89:b3:bb:cb:e0:38:5d:a7:23:
5e:0c:4a:c0:bd:18:bd:0b:cf:c5:f9:54:bf:65:3c:53:1b:9d:
2a:ad:91:34
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICBlgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA4MDcx
NTU1MDRaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDM4MEU2OURCQURDOTc2
MDgyMkFFREQzRDA4NDYyNTgyQTQwQzkwODcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDv3NJRBffGB/2SEoDHrWGz2lm3rhbAXLptx+g6zNN31h/BnhFC
kxOeC71jFfE60jOeosj6zbXOlX2Bt6xNHi5Sfm7Ls70ds2QQTiyjKci9T5nwfyF9
Xwu0XmOet/6RM9jevXvoqKE0Rne6BoNu8nFVE/7RPeWDOxZBzsuyovLRhfzGe3WH
dRUheYPpkr837I5Dhij+oGm/UHL+gQLUN79zIeCl16Pvk9WKB7ne+AoM+vvCeTB1
IyCQZE27qPwgNrTIieGWqtyPmMbZwFKb8o8bpxl95FriDnCswEqfMx020HVlQoYp
e95IuZk2ibHmj/KQE36oKGaLU/PTiPTdLAXrAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUOA5p263Jdggirt09CEYlgqQMkIcwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL09BNXAyNjNKZGdnaXJ0
MDlDRVlsZ3FRTWtJYy5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAJFpeALjkF2+Mu0iDW9ikBzjg2/swY31Y706
HY6owUr83nE+CvTqAGcnaJ6iagJx8bmWsRjGmRSXZWFSj+3IK6N1lcwgSEdcF8Dl
aaJ7UeiBy8zpzSqiRJ4GYkENLv6wrNBvVFCdf+k5Wtbs3Y9k6V2+wTg0dvyZTdu2
xIF+BhJKckcV/2Fp5gUhZQw1n7BSOx6wiYuVogGGLjUi+swEfGgMvg4SrKf7e8Ck
5xGq64pFcHu8eY0q/A4eWMuGQQFtFWY0aQzjb1OMExXDb85uXqCakY1V58/PUs2l
oLRU7ucViomzu8vgOF2nI14MSsC9GL0Lz8X5VL9lPFMbnSqtkTQ=
-----END CERTIFICATE-----
Generated at Wed Aug 7 22:21:32 2024 by rpki-client on console-ams.rpki-client.org