Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/O_qiUyDn20IF0XGDw9YGZ5v0m5U.roa
File: O_qiUyDn20IF0XGDw9YGZ5v0m5U.roa (raw, json)
Hash identifier: X7afyPUBG8t0S4PWlMHrZJRfXxcSFTmCyxeL31WNSpI=
Subject key identifier: 3B:FA:A2:53:20:E7:DB:42:05:D1:71:83:C3:D6:06:67:9B:F4:9B:95
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 085F
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/O_qiUyDn20IF0XGDw9YGZ5v0m5U.roa
Signing time: Fri 04 Oct 2024 07:55:03 +0000
ROA not before: Fri 04 Oct 2024 07:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2143 (0x85f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Oct 4 07:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3BFAA25320E7DB4205D17183C3D606679BF49B95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:89:52:b7:05:e1:79:a2:44:a0:b0:17:b4:c7:
4b:45:e9:58:fe:a2:46:38:6e:d7:38:1c:bd:93:66:
e4:ab:02:77:5a:36:32:38:47:36:65:b7:58:da:a7:
1a:ba:79:61:fe:ea:b8:73:08:9e:b7:2a:a0:37:98:
20:3a:c1:66:2b:34:82:76:a5:24:12:fb:0a:bd:5d:
83:1c:2d:ae:8f:71:46:49:8e:10:22:a9:e3:11:b3:
5e:a3:7e:6e:f7:1f:9e:de:da:4c:3c:a5:a7:bf:72:
5a:48:d1:28:a8:0d:d5:bc:3d:b4:77:4d:b9:d6:af:
5a:fe:03:e8:b7:fc:de:34:e0:23:a1:09:b1:c3:01:
95:f8:28:21:87:de:10:a4:54:36:1f:1d:70:a1:8e:
2f:23:4d:5c:5c:0b:31:a2:e3:c4:ae:3c:dc:81:a0:
e6:30:8c:2c:7f:5a:5a:b3:42:2f:9f:a0:99:ec:ea:
60:8f:32:72:a3:ec:0b:8e:42:8c:2a:33:e9:e4:6f:
6e:5a:a0:12:72:d6:81:1b:bb:58:d4:f8:d6:75:f8:
21:18:f0:db:6a:c2:49:a6:1c:17:dc:d0:33:a1:1f:
e2:3e:03:4d:ae:88:40:ea:02:9c:bf:7a:a8:1b:ed:
21:46:03:86:78:39:7d:df:90:6c:50:93:73:12:5a:
b5:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:FA:A2:53:20:E7:DB:42:05:D1:71:83:C3:D6:06:67:9B:F4:9B:95
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/O_qiUyDn20IF0XGDw9YGZ5v0m5U.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
57:ba:8f:a1:58:58:e1:d8:94:5c:e3:7a:f5:a1:39:01:95:b7:
ab:06:0b:c7:ad:39:6c:47:cc:f3:89:5d:b4:54:d7:f7:6d:f2:
fc:7a:d0:19:0e:56:73:58:e3:cf:4e:2b:e2:70:bb:1a:a4:1d:
3c:32:2f:17:71:ec:4b:fb:e1:58:b8:61:fd:d8:28:a6:64:9f:
02:d5:74:f8:57:88:8f:13:af:cd:fc:b6:95:2e:54:d1:7d:80:
63:17:ee:40:55:fb:c4:bc:e4:9a:15:c6:a0:3e:8a:2b:a9:33:
19:4f:ba:47:a8:89:ba:3e:a5:b2:34:16:ca:51:8b:75:0e:47:
d0:97:31:71:aa:1a:f5:39:9b:bc:be:70:1f:ac:d0:da:c0:46:
b3:36:0a:10:11:da:dc:93:26:82:27:3f:dc:63:33:e6:5b:b0:
4e:79:74:11:61:24:31:f6:d8:cf:14:cf:b9:38:22:ca:8d:44:
a4:34:96:ca:bd:4c:72:cd:91:9d:d5:bd:5d:57:ac:15:ec:53:
11:39:da:67:14:b7:b0:28:57:71:b3:42:31:0e:1a:b3:e5:a8:
c7:66:26:94:c4:1e:19:f5:00:15:ae:37:e4:a7:fa:bd:00:a4:
c3:09:21:57:76:6e:e5:40:cf:17:13:97:4a:56:f2:75:aa:e5:
30:cb:79:e1
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCF8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDEwMDQw
NzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDNCRkFBMjUzMjBFN0RC
NDIwNUQxNzE4M0MzRDYwNjY3OUJGNDlCOTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4iVK3BeF5okSgsBe0x0tF6Vj+okY4btc4HL2TZuSrAndaNjI4
RzZlt1japxq6eWH+6rhzCJ63KqA3mCA6wWYrNIJ2pSQS+wq9XYMcLa6PcUZJjhAi
qeMRs16jfm73H57e2kw8pae/clpI0SioDdW8PbR3TbnWr1r+A+i3/N404COhCbHD
AZX4KCGH3hCkVDYfHXChji8jTVxcCzGi48SuPNyBoOYwjCx/WlqzQi+foJns6mCP
MnKj7AuOQowqM+nkb25aoBJy1oEbu1jU+NZ1+CEY8NtqwkmmHBfc0DOhH+I+A02u
iEDqApy/eqgb7SFGA4Z4OX3fkGxQk3MSWrVLAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUO/qiUyDn20IF0XGDw9YGZ5v0m5UwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL09fcWlVeURuMjBJRjBY
R0R3OVlHWjV2MG01VS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAFe6j6FYWOHYlFzjevWhOQGVt6sGC8etOWxH
zPOJXbRU1/dt8vx60BkOVnNY489OK+JwuxqkHTwyLxdx7Ev74Vi4Yf3YKKZknwLV
dPhXiI8Tr838tpUuVNF9gGMX7kBV+8S85JoVxqA+iiupMxlPukeoibo+pbI0FspR
i3UOR9CXMXGqGvU5m7y+cB+s0NrARrM2ChAR2tyTJoInP9xjM+ZbsE55dBFhJDH2
2M8Uz7k4IsqNRKQ0lsq9THLNkZ3VvV1XrBXsUxE52mcUt7AoV3GzQjEOGrPlqMdm
JpTEHhn1ABWuN+Sn+r0ApMMJIVd2buVAzxcTl0pW8nWq5TDLeeE=
-----END CERTIFICATE-----
Generated at Fri Oct 4 18:58:28 2024 by rpki-client on console-ams.rpki-client.org