Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/S-XXJpJGC3HL-nk0JggGqAROSmQ.roa
File: S-XXJpJGC3HL-nk0JggGqAROSmQ.roa (raw, json)
Hash identifier: Ij6DCQVbTQmw8P4/HQDBGdlR42iVC8ZitFme4dlO/o4=
Subject key identifier: 4B:E5:D7:26:92:46:0B:71:CB:FA:79:34:26:08:06:A8:04:4E:4A:64
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0409
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/S-XXJpJGC3HL-nk0JggGqAROSmQ.roa
Signing time: Sun 02 Jun 2024 23:55:03 +0000
ROA not before: Sun 02 Jun 2024 23:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 03 Jun 2024 03:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1033 (0x409)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Jun 2 23:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4BE5D72692460B71CBFA7934260806A8044E4A64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:f4:76:67:69:39:2b:8e:9f:5e:f2:16:53:a0:
00:b5:b1:01:f5:fe:8f:d6:c6:12:02:6d:c5:df:23:
4f:b7:03:dc:47:d7:4f:b0:6d:13:e0:ec:f6:af:d2:
50:44:49:16:95:9f:61:da:ab:f1:9a:79:3c:72:c0:
90:80:c3:06:41:02:88:09:95:0e:17:74:c5:23:c6:
6f:bd:93:36:6c:07:35:1b:45:db:b3:31:26:35:37:
3b:bd:49:23:f3:37:ed:0e:8e:e0:79:d6:c5:4f:1f:
b9:0c:52:f1:e5:f8:2d:86:81:cc:2f:7d:d0:e9:70:
bd:89:10:93:1c:ec:4c:e4:73:39:48:88:4d:ab:bb:
52:2d:55:72:5d:c6:fb:f7:c5:17:12:7f:55:d9:17:
31:2d:47:08:6c:33:4a:31:bf:4b:9d:cb:6c:26:dc:
62:73:dd:07:8f:76:b6:84:fa:01:2e:39:1e:e7:79:
63:da:65:9f:43:51:af:af:40:03:63:25:fa:1f:cd:
be:bd:ce:8a:9c:50:9c:4b:22:b3:8c:1a:e7:b9:94:
bb:af:0b:29:97:d8:cc:7a:41:7d:5c:69:d3:cf:b4:
4a:1e:0d:81:51:c0:b7:df:e5:af:c2:94:9d:52:18:
ba:c3:79:6c:3e:11:06:30:9f:91:68:d2:3a:0b:b2:
8b:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:E5:D7:26:92:46:0B:71:CB:FA:79:34:26:08:06:A8:04:4E:4A:64
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/S-XXJpJGC3HL-nk0JggGqAROSmQ.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:8c:09:76:68:2c:f7:88:62:04:9b:e3:20:0c:b6:e6:ac:ce:
78:35:9c:ff:de:de:dc:1f:a2:39:45:2f:c0:ee:b2:c8:1d:1e:
22:09:4c:64:d1:d8:fa:1c:62:3a:85:7d:d7:f7:75:eb:2f:ce:
b1:98:db:19:ab:fc:77:fb:f5:69:ea:59:9e:20:ad:9a:2f:d0:
d2:bc:ad:d2:d5:1f:8c:73:85:fc:d6:a4:31:5c:8f:60:18:fa:
7e:31:b8:20:c9:d5:2c:45:82:6e:81:4f:cf:40:cb:e6:11:d1:
d3:23:e2:71:cb:5d:eb:cf:cd:bb:59:ca:b3:26:46:13:bd:2e:
75:1d:e7:ab:fb:6e:6d:67:20:42:ee:4b:07:e9:ef:65:bd:ad:
bb:bc:ae:7a:3a:15:22:a6:76:ce:24:f4:cb:0d:c1:e5:09:79:
40:71:f2:27:f4:04:47:69:aa:9c:b3:8d:99:55:5c:8c:49:a4:
fc:fd:64:04:af:d4:9e:2e:88:28:00:09:87:c1:e2:a6:9d:10:
7d:79:dc:17:4f:fb:1f:ba:79:6c:fa:a9:73:41:db:80:d7:21:
b5:9f:36:33:dd:12:e2:f8:94:80:ae:49:b5:a6:d6:2b:fd:07:
0d:f3:88:90:df:61:b9:6c:b2:66:e5:14:89:e8:a5:82:59:a7:
e0:3b:d8:e9
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICBAkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA2MDIy
MzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDRCRTVENzI2OTI0NjBC
NzFDQkZBNzkzNDI2MDgwNkE4MDQ0RTRBNjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCp9HZnaTkrjp9e8hZToAC1sQH1/o/WxhICbcXfI0+3A9xH10+w
bRPg7Pav0lBESRaVn2Haq/GaeTxywJCAwwZBAogJlQ4XdMUjxm+9kzZsBzUbRduz
MSY1Nzu9SSPzN+0OjuB51sVPH7kMUvHl+C2GgcwvfdDpcL2JEJMc7EzkczlIiE2r
u1ItVXJdxvv3xRcSf1XZFzEtRwhsM0oxv0udy2wm3GJz3QePdraE+gEuOR7neWPa
ZZ9DUa+vQANjJfofzb69zoqcUJxLIrOMGue5lLuvCymX2Mx6QX1cadPPtEoeDYFR
wLff5a/ClJ1SGLrDeWw+EQYwn5Fo0joLsovRAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUS+XXJpJGC3HL+nk0JggGqAROSmQwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL1MtWFhKcEpHQzNITC1u
azBKZ2dHcUFST1NtUS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAKCMCXZoLPeIYgSb4yAMtuaszng1nP/e3twf
ojlFL8DussgdHiIJTGTR2PocYjqFfdf3desvzrGY2xmr/Hf79WnqWZ4grZov0NK8
rdLVH4xzhfzWpDFcj2AY+n4xuCDJ1SxFgm6BT89Ay+YR0dMj4nHLXevPzbtZyrMm
RhO9LnUd56v7bm1nIELuSwfp72W9rbu8rno6FSKmds4k9MsNweUJeUBx8if0BEdp
qpyzjZlVXIxJpPz9ZASv1J4uiCgACYfB4qadEH153BdP+x+6eWz6qXNB24DXIbWf
NjPdEuL4lICuSbWm1iv9Bw3ziJDfYblssmblFInopYJZp+A72Ok=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:55 2024 by rpki-client on console-fra.rpki-client.org