Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/QlU5TZAE7o51npOMALTG75uQUUQ.roa
File: QlU5TZAE7o51npOMALTG75uQUUQ.roa (raw, json)
Hash identifier: 0DoxJFiDc5204zKBFFFfCbXUIJBw85YpBeNAst3JVNU=
Subject key identifier: 42:55:39:4D:90:04:EE:8E:75:9E:93:8C:00:B4:C6:EF:9B:90:51:44
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 04ED
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/QlU5TZAE7o51npOMALTG75uQUUQ.roa
Signing time: Fri 28 Jun 2024 07:55:04 +0000
ROA not before: Fri 28 Jun 2024 07:55:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1261 (0x4ed)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Jun 28 07:55:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4255394D9004EE8E759E938C00B4C6EF9B905144
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:d7:e7:7b:6d:54:d3:05:2d:0e:48:a5:cb:3b:
90:5f:bf:c1:69:81:ac:2d:95:ea:29:73:d1:f8:52:
86:90:28:8b:ad:e7:88:fd:d2:a4:ca:b8:e6:3f:4e:
73:19:f9:69:60:ad:64:eb:a9:55:51:5c:1a:83:0a:
fa:5b:a0:81:5b:f8:4e:8e:90:3e:67:0e:66:86:d5:
a8:34:ef:16:9a:f9:72:fb:dd:ee:cf:ba:01:d3:18:
5b:98:5e:cc:cf:0e:05:bf:d8:21:bb:72:d5:fe:5e:
fe:88:e5:93:47:7b:65:52:d6:ca:1f:cf:e2:8c:71:
57:9b:3d:bb:4b:a7:c6:2d:ec:82:b6:f4:e6:26:8b:
e3:ad:f6:9d:37:1b:dc:21:bb:91:ab:74:cc:3e:5a:
94:36:8f:54:26:62:d2:05:06:e1:b1:10:64:64:32:
a0:30:d5:35:c7:07:3c:b9:62:6b:e7:6e:fa:6f:d1:
af:48:5b:5e:da:76:52:a3:62:8b:b4:a8:23:3d:5e:
1b:31:4f:d1:3e:1a:c9:5e:f9:7c:ba:d8:14:d8:e1:
ed:b3:35:6d:4f:9c:77:51:0e:cd:a1:e2:fa:df:5e:
3e:ab:de:9b:82:28:45:bc:1f:e7:ea:0a:bd:3a:2b:
71:6e:6c:be:0b:a7:0d:8b:92:5e:11:99:3f:20:a1:
fe:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:55:39:4D:90:04:EE:8E:75:9E:93:8C:00:B4:C6:EF:9B:90:51:44
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/QlU5TZAE7o51npOMALTG75uQUUQ.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
c7:af:dd:e3:2d:d4:b5:e0:1c:48:d3:d9:75:15:27:bb:c3:0e:
f1:ec:54:d4:88:73:8a:83:af:25:1a:f3:75:2b:93:08:76:d5:
77:ef:e1:8e:e9:bc:67:3f:99:41:48:39:ae:00:f3:90:fc:a6:
98:fd:2f:82:96:65:12:6c:15:18:6d:b5:c6:61:34:7a:e8:79:
a1:a8:20:f4:82:7a:80:a8:01:d6:09:ed:18:5f:01:db:ca:4c:
50:78:c9:64:95:f9:45:c2:3f:84:88:02:c0:7a:fd:bd:1d:9e:
f3:89:bd:99:31:4b:f4:08:1d:66:c4:fb:79:db:f9:da:6c:24:
01:8d:3b:c1:b5:bc:4d:2a:18:ed:5a:f5:3b:4b:97:13:4e:0b:
66:cd:4e:39:a7:98:4e:8a:e4:c0:bb:ed:6a:6a:09:f1:54:28:
51:10:32:ab:4f:39:f6:9e:b0:9a:bd:b4:29:c6:e9:78:42:69:
f4:f4:de:65:96:4d:41:74:2c:3c:40:26:d5:fc:88:f7:22:45:
a6:e5:5e:00:53:f5:c8:df:66:89:0a:8f:cc:76:f6:a0:cc:7b:
71:18:6b:fe:22:a4:d7:e8:fe:0d:53:c6:36:17:e5:4f:0a:9e:
ae:26:d9:b1:8d:da:c2:65:0e:2e:27:76:3e:33:71:a9:03:ce:
19:79:d7:0e
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICBO0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA2Mjgw
NzU1MDRaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDQyNTUzOTREOTAwNEVF
OEU3NTlFOTM4QzAwQjRDNkVGOUI5MDUxNDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC01+d7bVTTBS0OSKXLO5Bfv8Fpgawtleopc9H4UoaQKIut54j9
0qTKuOY/TnMZ+WlgrWTrqVVRXBqDCvpboIFb+E6OkD5nDmaG1ag07xaa+XL73e7P
ugHTGFuYXszPDgW/2CG7ctX+Xv6I5ZNHe2VS1sofz+KMcVebPbtLp8Yt7IK29OYm
i+Ot9p03G9whu5GrdMw+WpQ2j1QmYtIFBuGxEGRkMqAw1TXHBzy5Ymvnbvpv0a9I
W17adlKjYou0qCM9XhsxT9E+Gsle+Xy62BTY4e2zNW1PnHdRDs2h4vrfXj6r3puC
KEW8H+fqCr06K3FubL4Lpw2Lkl4RmT8gof73AgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUQlU5TZAE7o51npOMALTG75uQUUQwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL1FsVTVUWkFFN281MW5w
T01BTFRHNzV1UVVVUS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAMev3eMt1LXgHEjT2XUVJ7vDDvHsVNSIc4qD
ryUa83Urkwh21Xfv4Y7pvGc/mUFIOa4A85D8ppj9L4KWZRJsFRhttcZhNHroeaGo
IPSCeoCoAdYJ7RhfAdvKTFB4yWSV+UXCP4SIAsB6/b0dnvOJvZkxS/QIHWbE+3nb
+dpsJAGNO8G1vE0qGO1a9TtLlxNOC2bNTjmnmE6K5MC77WpqCfFUKFEQMqtPOfae
sJq9tCnG6XhCafT03mWWTUF0LDxAJtX8iPciRablXgBT9cjfZokKj8x29qDMe3EY
a/4ipNfo/g1TxjYX5U8Knq4m2bGN2sJlDi4ndj4zcakDzhl51w4=
-----END CERTIFICATE-----
Generated at Fri Jun 28 18:19:04 2024 by rpki-client on console-fra.rpki-client.org