Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/OE3e2khNKLRs902gSF0UpTeHwTA.roa
File: OE3e2khNKLRs902gSF0UpTeHwTA.roa (raw, json)
Hash identifier: jZyBh/3p3ii5PdxaHV51GDG7sa+GvJVyew6rLULEOrE=
Subject key identifier: 38:4D:DE:DA:48:4D:28:B4:6C:F7:4D:A0:48:5D:14:A5:37:87:C1:30
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0718
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/OE3e2khNKLRs902gSF0UpTeHwTA.roa
Signing time: Wed 28 Aug 2024 23:55:03 +0000
ROA not before: Wed 28 Aug 2024 23:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 29 Aug 2024 03:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1816 (0x718)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Aug 28 23:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=384DDEDA484D28B46CF74DA0485D14A53787C130
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:56:81:1c:a3:8d:72:dd:cb:8f:92:c1:55:24:
6c:42:44:ff:2a:83:6f:c6:aa:1a:21:ee:a5:a4:5f:
a6:20:f1:df:dd:4f:74:ab:75:6a:27:5e:9b:45:8c:
59:72:87:46:a8:f4:52:82:49:f9:bd:b8:ef:cb:4c:
53:d7:8d:35:d8:cd:e2:b1:d8:1b:5c:4c:79:92:36:
7b:11:37:be:33:81:d0:77:80:b2:1e:db:2c:ba:e8:
4f:8e:09:93:76:a9:95:bc:28:18:41:aa:bb:d0:a0:
ee:54:34:f2:69:68:0b:9a:eb:8d:68:fb:88:b3:72:
c8:f8:3d:ef:be:7b:51:b2:94:18:ff:23:f7:44:fe:
9f:c6:09:01:33:2c:2c:25:c0:d0:70:db:9c:2f:29:
0c:93:2e:33:8c:11:dc:9c:a0:ec:6c:be:04:98:38:
c4:ca:c6:ac:39:b5:ce:41:48:27:dc:e6:94:99:3b:
14:ed:34:ab:82:a9:4e:32:61:ac:a5:6b:99:52:0d:
25:2a:02:b9:70:87:ac:56:f7:0a:26:fe:a4:e1:76:
12:72:31:a5:cb:ed:3a:6a:69:8d:5d:af:ab:0c:3b:
f4:75:5a:fc:7f:3a:41:18:58:20:a7:2e:31:14:bf:
9f:86:ef:19:ea:d6:7a:af:b1:09:49:6d:17:43:30:
09:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:4D:DE:DA:48:4D:28:B4:6C:F7:4D:A0:48:5D:14:A5:37:87:C1:30
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/OE3e2khNKLRs902gSF0UpTeHwTA.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
38:be:ff:4d:c4:44:a0:b4:cf:69:de:76:8e:c6:cb:2f:65:34:
99:3e:48:e5:b9:6f:c4:ec:79:e7:81:99:78:0c:e2:84:fd:e0:
0d:a7:07:e6:50:1e:c5:99:e4:20:dc:09:a6:11:d8:21:8f:9d:
b3:c5:5c:10:d6:b7:bc:5a:8c:0b:fe:7a:ff:c7:3c:4b:92:cb:
d0:48:de:28:5b:ad:da:4e:eb:83:ef:d2:f9:22:c5:58:fa:b3:
b0:9b:4e:b1:3b:54:11:05:a6:1c:ec:29:bc:d3:46:d6:92:36:
ef:d8:b0:40:46:bb:57:32:df:72:bd:7c:b7:68:d0:6e:06:74:
67:0c:ca:12:f5:79:ed:7b:92:c0:f4:3c:2c:5d:2f:ee:50:1e:
ac:25:e0:0a:39:bc:22:2c:7a:b7:7e:80:79:68:21:03:0e:7e:
48:71:38:3d:1a:da:b8:8a:85:1f:2f:4d:83:c2:9b:f9:88:29:
07:45:72:45:71:a1:74:bf:44:8a:23:33:e5:29:08:34:fd:e9:
5b:06:0a:48:09:2d:e6:1c:5a:ad:ee:e7:9d:88:7d:65:14:49:
37:7a:fc:a4:6f:35:d8:ca:d6:63:84:41:fd:bc:e8:fd:be:e9:
bd:58:4f:a8:e0:20:35:c8:7e:5e:db:5b:6e:3a:c2:4a:bb:cf:
22:99:85:93
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICBxgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA4Mjgy
MzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDM4NERERURBNDg0RDI4
QjQ2Q0Y3NERBMDQ4NUQxNEE1Mzc4N0MxMzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDFVoEco41y3cuPksFVJGxCRP8qg2/Gqhoh7qWkX6Yg8d/dT3Sr
dWonXptFjFlyh0ao9FKCSfm9uO/LTFPXjTXYzeKx2BtcTHmSNnsRN74zgdB3gLIe
2yy66E+OCZN2qZW8KBhBqrvQoO5UNPJpaAua641o+4izcsj4Pe++e1GylBj/I/dE
/p/GCQEzLCwlwNBw25wvKQyTLjOMEdycoOxsvgSYOMTKxqw5tc5BSCfc5pSZOxTt
NKuCqU4yYayla5lSDSUqArlwh6xW9wom/qThdhJyMaXL7TpqaY1dr6sMO/R1Wvx/
OkEYWCCnLjEUv5+G7xnq1nqvsQlJbRdDMAm5AgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUOE3e2khNKLRs902gSF0UpTeHwTAwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL09FM2Uya2hOS0xSczkw
MmdTRjBVcFRlSHdUQS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBADi+/03ERKC0z2nedo7Gyy9lNJk+SOW5b8Ts
eeeBmXgM4oT94A2nB+ZQHsWZ5CDcCaYR2CGPnbPFXBDWt7xajAv+ev/HPEuSy9BI
3ihbrdpO64Pv0vkixVj6s7CbTrE7VBEFphzsKbzTRtaSNu/YsEBGu1cy33K9fLdo
0G4GdGcMyhL1ee17ksD0PCxdL+5QHqwl4Ao5vCIserd+gHloIQMOfkhxOD0a2riK
hR8vTYPCm/mIKQdFckVxoXS/RIojM+UpCDT96VsGCkgJLeYcWq3u552IfWUUSTd6
/KRvNdjK1mOEQf286P2+6b1YT6jgIDXIfl7bW246wkq7zyKZhZM=
-----END CERTIFICATE-----
Generated at Thu Aug 29 05:24:55 2024 by rpki-client on console-fra.rpki-client.org