Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/OmIwXUUDXwKYXhD230a8wE8YvH8.roa
File: OmIwXUUDXwKYXhD230a8wE8YvH8.roa (raw, json)
Hash identifier: tkjrgm7l444x1/JIjqRJ5DuxI6JnJnRdT27n6kVbAJE=
Subject key identifier: 3A:62:30:5D:45:03:5F:02:98:5E:10:F6:DF:46:BC:C0:4F:18:BC:7F
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0793
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/OmIwXUUDXwKYXhD230a8wE8YvH8.roa
Signing time: Wed 11 Sep 2024 15:55:03 +0000
ROA not before: Wed 11 Sep 2024 15:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 11 Sep 2024 19:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1939 (0x793)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Sep 11 15:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3A62305D45035F02985E10F6DF46BCC04F18BC7F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:f1:ef:86:12:75:fc:7f:06:f3:88:89:f9:f5:
ad:3c:51:b3:f8:d9:b8:28:9a:6f:5c:4a:4b:24:1b:
8f:1e:4e:93:96:95:b0:bb:ee:c8:0f:2c:45:c8:b0:
68:da:31:3f:c9:f3:9f:11:a9:56:68:ed:4a:e1:5c:
e3:e9:ff:cd:29:c1:b7:7f:6f:45:67:d5:53:71:0a:
95:51:8c:22:24:19:32:d6:92:42:26:a8:b4:4d:7c:
ae:8a:70:0b:1f:d2:fa:9b:68:c5:ba:6e:d6:38:76:
eb:af:d8:6f:f5:b1:fc:92:6d:17:28:45:c7:b0:ab:
2a:3c:4f:58:9d:cd:63:41:b0:e2:53:5f:81:66:1d:
2a:45:7f:91:88:12:df:f7:54:ac:ea:3d:f5:ef:41:
d2:3b:6e:ce:2d:f4:ae:81:86:8e:b0:9d:d0:d6:06:
bb:12:1c:7e:f4:0e:29:81:7d:5f:a2:82:63:db:87:
4c:8c:f8:b5:9e:3f:dc:6f:0b:20:fe:72:48:82:88:
86:2c:fe:6a:8d:55:8e:78:49:0d:db:23:fb:b1:76:
af:23:ea:52:90:11:51:96:6f:76:62:9d:5a:30:93:
30:d9:65:ec:a6:42:b7:5e:37:47:eb:f9:e5:79:3e:
07:e7:46:1b:62:8e:99:d6:f3:63:b8:d2:a5:cb:90:
e9:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:62:30:5D:45:03:5F:02:98:5E:10:F6:DF:46:BC:C0:4F:18:BC:7F
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/OmIwXUUDXwKYXhD230a8wE8YvH8.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
18:a0:a9:3b:78:80:80:33:73:2e:2b:45:41:09:ce:f2:84:4c:
c9:5e:23:61:5f:b9:c0:b4:de:c9:dd:7a:57:da:53:21:62:43:
19:55:f9:87:ef:6f:59:9d:04:96:c2:92:de:23:df:32:75:86:
d2:3b:9f:2e:f4:39:42:5b:64:1f:de:68:11:87:0e:69:ad:03:
1f:1d:bc:2a:ea:a0:54:5d:9c:9e:8e:df:70:2a:34:3b:8b:1b:
14:c2:08:6c:09:23:ec:6a:67:93:01:43:87:bb:2e:76:73:82:
46:9e:33:f4:bc:03:b4:ad:45:9e:5b:d7:51:70:fa:17:7e:33:
52:9c:7a:e1:cf:63:b2:99:52:1e:5f:a2:ad:9e:c2:39:a4:51:
c1:ab:28:51:10:e7:3a:ba:d3:2b:57:0a:e0:a8:2c:42:09:4d:
76:06:2e:ad:b5:75:6e:65:fd:7a:a7:d3:f8:63:33:63:f6:ee:
cb:1e:13:c4:e7:71:a9:ca:32:54:cd:a5:b8:cf:ee:47:0b:1f:
f7:c1:e1:bd:8b:55:d3:e9:67:f8:2d:74:f0:ca:70:c4:20:60:
59:e7:8b:ed:a2:de:32:28:d9:79:c2:fc:a0:f3:a4:7f:f5:45:
6c:fe:8f:f5:7d:74:5b:72:36:c8:47:cf:df:ae:8c:79:8f:c9:
32:26:5c:05
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICB5MwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA5MTEx
NTU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDNBNjIzMDVENDUwMzVG
MDI5ODVFMTBGNkRGNDZCQ0MwNEYxOEJDN0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDX8e+GEnX8fwbziIn59a08UbP42bgomm9cSkskG48eTpOWlbC7
7sgPLEXIsGjaMT/J858RqVZo7UrhXOPp/80pwbd/b0Vn1VNxCpVRjCIkGTLWkkIm
qLRNfK6KcAsf0vqbaMW6btY4duuv2G/1sfySbRcoRcewqyo8T1idzWNBsOJTX4Fm
HSpFf5GIEt/3VKzqPfXvQdI7bs4t9K6Bho6wndDWBrsSHH70DimBfV+igmPbh0yM
+LWeP9xvCyD+ckiCiIYs/mqNVY54SQ3bI/uxdq8j6lKQEVGWb3ZinVowkzDZZeym
QrdeN0fr+eV5PgfnRhtijpnW82O40qXLkOlLAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUOmIwXUUDXwKYXhD230a8wE8YvH8wHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL09tSXdYVVVEWHdLWVho
RDIzMGE4d0U4WXZIOC5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBABigqTt4gIAzcy4rRUEJzvKETMleI2FfucC0
3sndelfaUyFiQxlV+Yfvb1mdBJbCkt4j3zJ1htI7ny70OUJbZB/eaBGHDmmtAx8d
vCrqoFRdnJ6O33AqNDuLGxTCCGwJI+xqZ5MBQ4e7LnZzgkaeM/S8A7StRZ5b11Fw
+hd+M1KceuHPY7KZUh5foq2ewjmkUcGrKFEQ5zq60ytXCuCoLEIJTXYGLq21dW5l
/Xqn0/hjM2P27sseE8TncanKMlTNpbjP7kcLH/fB4b2LVdPpZ/gtdPDKcMQgYFnn
i+2i3jIo2XnC/KDzpH/1RWz+j/V9dFtyNshHz9+ujHmPyTImXAU=
-----END CERTIFICATE-----
Generated at Wed Sep 11 21:46:36 2024 by rpki-client on console-fra.rpki-client.org