Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/RQmBB3e5cZlDd1pzYVv93mJb2II.roa
File: RQmBB3e5cZlDd1pzYVv93mJb2II.roa (raw, json)
Hash identifier: j51pxII1J3dwtCIUowhPthFkVKLDPZH6ezCPCziAFjo=
Subject key identifier: 45:09:81:07:77:B9:71:99:43:77:5A:73:61:5B:FD:DE:62:5B:D8:82
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0301
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/RQmBB3e5cZlDd1pzYVv93mJb2II.roa
Signing time: Sat 04 May 2024 15:55:03 +0000
ROA not before: Sat 04 May 2024 15:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 04 May 2024 19:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 769 (0x301)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: May 4 15:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4509810777B9719943775A73615BFDDE625BD882
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:d6:68:e6:e0:1f:a1:0d:86:e8:95:a7:f3:38:
87:85:c3:9a:d1:33:f1:a8:c5:dc:d5:ce:09:0b:4c:
47:a0:cd:32:06:12:d7:98:7f:03:8f:05:e9:de:cc:
da:99:82:81:b6:7c:f3:45:57:db:0e:7c:ca:c8:3f:
17:7e:a8:db:4d:88:0e:fc:e6:20:07:ce:a0:85:6a:
59:f8:1c:be:09:0a:57:a5:8e:b7:55:9b:11:6c:10:
34:1b:63:be:0d:24:70:d8:a4:9c:cd:c2:1b:68:da:
d1:d6:88:06:78:11:0b:28:c5:c1:35:76:b2:bc:06:
21:2b:8b:a1:c2:15:87:7c:a0:1c:e5:36:ae:53:cb:
15:9b:5f:a8:8c:24:28:0f:96:fa:a1:30:41:cf:44:
77:24:18:ac:8d:9f:71:bb:81:de:24:4e:b7:36:69:
62:de:b7:4c:dc:00:61:3b:ce:10:6e:e5:5a:77:a5:
31:27:6f:03:47:56:c2:71:73:e4:17:90:34:7b:d5:
1a:e9:40:ca:09:17:1c:27:11:87:6a:78:11:aa:ee:
77:ab:be:d8:51:db:b6:f1:de:95:18:be:58:6d:85:
3a:5a:44:fe:db:9b:8c:fb:47:a0:27:1a:d5:f7:07:
f3:66:d9:02:28:a7:85:5e:a2:8e:86:d8:20:58:bc:
71:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:09:81:07:77:B9:71:99:43:77:5A:73:61:5B:FD:DE:62:5B:D8:82
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/RQmBB3e5cZlDd1pzYVv93mJb2II.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
db:0d:9a:c9:6e:d7:e7:44:04:f7:20:04:9d:8a:44:3d:58:2f:
56:37:af:59:c1:92:e2:18:65:a9:17:2f:3c:50:15:83:3c:19:
a2:21:10:53:86:5a:67:99:39:00:14:89:0c:9b:7d:e0:25:1f:
2d:a4:3f:49:50:38:0d:6e:88:b4:12:57:2c:af:e4:5b:8b:03:
03:7e:c6:a8:de:a8:bf:70:f7:a8:3d:51:70:8c:ba:02:de:40:
3b:6f:a7:b4:9a:c3:5a:fe:78:b1:d8:02:dc:fe:8c:16:a9:55:
1b:83:3b:5b:b5:7f:9a:64:f1:08:07:0c:b1:1a:42:85:01:9a:
73:5f:91:55:9b:39:26:d1:41:a3:33:8e:da:10:06:3f:1a:56:
92:3e:31:ce:a9:75:59:0c:85:ed:6d:53:a8:f6:67:30:75:5a:
27:fd:fb:ac:9c:f0:04:25:a4:e0:fa:81:a2:11:63:ca:a5:a5:
28:76:2b:21:3f:9a:fa:9b:c3:38:60:67:32:eb:67:2a:dc:f7:
a8:98:82:3b:95:a6:3b:45:2d:ee:88:86:48:0e:c5:4e:1a:2e:
77:e3:24:f8:0b:ca:39:eb:29:fe:eb:85:1d:6e:37:7c:ea:d9:
fd:cb:64:45:55:fe:8f:db:56:7b:e9:51:a1:b5:e2:b3:26:0e:
6a:11:dc:58
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICAwEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA1MDQx
NTU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDQ1MDk4MTA3NzdCOTcx
OTk0Mzc3NUE3MzYxNUJGRERFNjI1QkQ4ODIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDS1mjm4B+hDYbolafzOIeFw5rRM/GoxdzVzgkLTEegzTIGEteY
fwOPBenezNqZgoG2fPNFV9sOfMrIPxd+qNtNiA785iAHzqCFaln4HL4JCleljrdV
mxFsEDQbY74NJHDYpJzNwhto2tHWiAZ4EQsoxcE1drK8BiEri6HCFYd8oBzlNq5T
yxWbX6iMJCgPlvqhMEHPRHckGKyNn3G7gd4kTrc2aWLet0zcAGE7zhBu5Vp3pTEn
bwNHVsJxc+QXkDR71RrpQMoJFxwnEYdqeBGq7nervthR27bx3pUYvlhthTpaRP7b
m4z7R6AnGtX3B/Nm2QIop4Veoo6G2CBYvHFHAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQURQmBB3e5cZlDd1pzYVv93mJb2IIwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL1JRbUJCM2U1Y1psRGQx
cHpZVnY5M21KYjJJSS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBANsNmslu1+dEBPcgBJ2KRD1YL1Y3r1nBkuIY
ZakXLzxQFYM8GaIhEFOGWmeZOQAUiQybfeAlHy2kP0lQOA1uiLQSVyyv5FuLAwN+
xqjeqL9w96g9UXCMugLeQDtvp7Saw1r+eLHYAtz+jBapVRuDO1u1f5pk8QgHDLEa
QoUBmnNfkVWbOSbRQaMzjtoQBj8aVpI+Mc6pdVkMhe1tU6j2ZzB1Wif9+6yc8AQl
pOD6gaIRY8qlpSh2KyE/mvqbwzhgZzLrZyrc96iYgjuVpjtFLe6IhkgOxU4aLnfj
JPgLyjnrKf7rhR1uN3zq2f3LZEVV/o/bVnvpUaG14rMmDmoR3Fg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:55 2024 by rpki-client on console-fra.rpki-client.org