Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/RbOVGVYJQgqKClr0YQjK-gQXcHY.roa
File: RbOVGVYJQgqKClr0YQjK-gQXcHY.roa (raw, json)
Hash identifier: niHfqRptLwitxShDRUDcN8gZzvV1zkkigsp8SoYelNw=
Subject key identifier: 45:B3:95:19:56:09:42:0A:8A:0A:5A:F4:61:08:CA:FA:04:17:70:76
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 020B
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/RbOVGVYJQgqKClr0YQjK-gQXcHY.roa
Signing time: Sun 07 Apr 2024 07:55:03 +0000
ROA not before: Sun 07 Apr 2024 07:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 07 Apr 2024 11:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 523 (0x20b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Apr 7 07:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=45B395195609420A8A0A5AF46108CAFA04177076
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:86:30:0a:2d:6f:d9:ff:e2:d8:ca:ee:5e:86:
77:5a:88:98:9e:95:33:ee:e9:76:eb:86:ea:f7:24:
be:99:81:9a:92:5e:f1:73:16:b3:6a:cc:f2:0c:54:
c8:01:54:01:af:09:a2:67:86:f0:81:fb:0f:46:d9:
b7:70:09:2f:24:c5:0e:71:a7:62:10:3a:46:a4:e9:
6a:6e:00:a6:ad:5e:b3:1a:eb:f5:ca:c0:1e:8e:70:
ee:10:03:67:63:77:d3:c9:33:f9:f3:2b:33:50:ed:
94:7d:b4:02:58:d5:38:a1:6c:d7:02:df:e6:23:ee:
6f:0b:4a:fb:15:35:08:50:1c:1d:c4:8b:5a:5e:cb:
15:9b:16:6b:0e:57:a5:0c:93:fe:bc:66:c2:8f:19:
ba:50:e3:f8:a6:5a:83:1f:30:40:b7:1e:66:ca:b2:
42:27:6a:a3:9a:f9:11:fd:91:f1:0c:cb:f4:6b:09:
ef:47:1b:53:db:ae:6e:0a:4b:0c:bb:34:79:09:13:
5e:0b:b5:19:51:26:03:00:1a:bd:3d:20:99:ab:9f:
f8:a4:6d:4c:52:75:7d:c1:53:47:d8:f0:20:2f:8b:
13:9c:93:c6:02:59:cb:c8:64:a3:ff:4b:34:3b:1f:
42:81:60:59:f8:da:3e:16:48:50:80:9d:2f:52:8a:
12:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:B3:95:19:56:09:42:0A:8A:0A:5A:F4:61:08:CA:FA:04:17:70:76
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/RbOVGVYJQgqKClr0YQjK-gQXcHY.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
d4:18:5c:4f:02:ba:02:78:d8:6e:32:7d:a7:e0:3c:b1:26:ee:
62:c4:46:9f:67:2d:25:09:b0:3f:dd:d3:5e:60:92:82:98:49:
c3:37:1a:90:3c:44:5e:b8:1a:7b:b3:f7:09:e0:95:06:31:60:
d4:fe:b6:97:08:f0:20:ec:de:39:0f:3f:91:9d:6f:31:fc:0e:
8c:d3:29:58:2f:1c:5a:eb:2b:b1:04:6f:d7:50:f9:95:66:a6:
63:47:59:f0:5e:cf:e7:4a:aa:b4:1a:a0:cf:9a:6d:e4:fc:42:
a0:4f:6f:e1:40:05:87:cc:16:97:2f:3e:3d:83:53:4c:88:3f:
aa:81:d1:c9:d6:96:94:7e:bc:e4:a9:99:8c:85:3b:49:d2:ad:
13:8c:00:20:36:16:f2:88:18:ef:f7:e9:25:ef:c4:07:bb:3d:
86:7a:ef:0b:cb:f1:1a:7b:de:f5:a2:35:ab:c4:15:ad:ba:85:
e4:a7:dc:f5:7b:73:a8:26:75:85:d3:b1:97:f4:23:73:eb:65:
99:09:56:cf:a5:c5:d1:2b:03:77:e2:1c:bf:7c:8b:7c:da:4a:
fa:07:33:1e:46:cb:54:d3:64:1c:93:5e:c6:88:cf:cd:5f:ff:
39:2a:5b:fe:83:b8:37:5e:18:68:0c:b9:b2:2e:3a:ba:bf:d8:
1c:95:31:e7
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICAgswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA0MDcw
NzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDQ1QjM5NTE5NTYwOTQy
MEE4QTBBNUFGNDYxMDhDQUZBMDQxNzcwNzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDhjAKLW/Z/+LYyu5ehndaiJielTPu6Xbrhur3JL6ZgZqSXvFz
FrNqzPIMVMgBVAGvCaJnhvCB+w9G2bdwCS8kxQ5xp2IQOkak6WpuAKatXrMa6/XK
wB6OcO4QA2djd9PJM/nzKzNQ7ZR9tAJY1TihbNcC3+Yj7m8LSvsVNQhQHB3Ei1pe
yxWbFmsOV6UMk/68ZsKPGbpQ4/imWoMfMEC3HmbKskInaqOa+RH9kfEMy/RrCe9H
G1Pbrm4KSwy7NHkJE14LtRlRJgMAGr09IJmrn/ikbUxSdX3BU0fY8CAvixOck8YC
WcvIZKP/SzQ7H0KBYFn42j4WSFCAnS9SihJLAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQURbOVGVYJQgqKClr0YQjK+gQXcHYwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL1JiT1ZHVllKUWdxS0Ns
cjBZUWpLLWdRWGNIWS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBANQYXE8CugJ42G4yfafgPLEm7mLERp9nLSUJ
sD/d015gkoKYScM3GpA8RF64Gnuz9wnglQYxYNT+tpcI8CDs3jkPP5GdbzH8DozT
KVgvHFrrK7EEb9dQ+ZVmpmNHWfBez+dKqrQaoM+abeT8QqBPb+FABYfMFpcvPj2D
U0yIP6qB0cnWlpR+vOSpmYyFO0nSrROMACA2FvKIGO/36SXvxAe7PYZ67wvL8Rp7
3vWiNavEFa26heSn3PV7c6gmdYXTsZf0I3PrZZkJVs+lxdErA3fiHL98i3zaSvoH
Mx5Gy1TTZByTXsaIz81f/zkqW/6DuDdeGGgMubIuOrq/2ByVMec=
-----END CERTIFICATE-----
Generated at Sun Apr 7 14:14:23 2024 by rpki-client on console-ams.rpki-client.org