Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/S67X7p13PqfysrxmFra_X4kLtlo.roa
File: S67X7p13PqfysrxmFra_X4kLtlo.roa (raw, json)
Hash identifier: gdoQUjTMBPh3Fg76HUVQba2X8Wvajsh/IHPl6CzAyuM=
Subject key identifier: 4B:AE:D7:EE:9D:77:3E:A7:F2:B2:BC:66:16:B6:BF:5F:89:0B:B6:5A
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0667
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/S67X7p13PqfysrxmFra_X4kLtlo.roa
Signing time: Fri 09 Aug 2024 07:55:03 +0000
ROA not before: Fri 09 Aug 2024 07:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 09 Aug 2024 11:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1639 (0x667)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Aug 9 07:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4BAED7EE9D773EA7F2B2BC6616B6BF5F890BB65A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:4a:fb:d4:3c:e4:f5:6b:aa:70:e7:60:85:31:
6a:de:55:eb:99:b0:16:bd:aa:fc:fa:07:a2:dd:49:
cc:1c:07:bd:d0:49:7e:bf:66:dc:7e:10:8d:d0:61:
0d:a2:85:68:26:0e:5d:75:14:16:02:bd:b6:d0:9a:
10:e5:05:e3:45:8b:a3:b4:98:37:b1:aa:68:19:19:
45:a6:16:2c:81:ad:67:0b:75:7b:c5:3a:e1:8c:07:
99:8f:0f:be:24:ef:81:05:4f:1b:20:93:bd:be:57:
58:55:fd:9d:c0:8a:97:12:d4:5d:ff:73:d7:08:ba:
15:b0:96:33:fd:07:ab:c7:ec:35:f6:9b:4c:5e:21:
cf:9a:da:ae:06:9c:67:98:7e:bc:10:28:e2:78:8d:
d8:ce:4b:9f:0d:54:46:0e:44:99:63:3f:26:30:fc:
e3:02:8e:9c:be:3e:5f:9c:2e:a1:07:e2:91:a8:36:
06:df:71:33:3e:ce:54:79:7a:f5:8c:60:3a:34:40:
ce:7b:49:0c:17:34:a5:ab:ed:c1:69:90:89:5d:7a:
d5:9d:74:bc:f3:cc:c4:b1:72:d8:43:21:e9:52:e5:
2f:32:5a:6c:b1:bc:ad:7e:12:f3:56:f7:4d:c2:cd:
36:4c:ea:a1:61:92:26:47:8d:8e:19:2a:06:3d:6c:
99:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:AE:D7:EE:9D:77:3E:A7:F2:B2:BC:66:16:B6:BF:5F:89:0B:B6:5A
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/S67X7p13PqfysrxmFra_X4kLtlo.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:c6:cc:54:78:63:15:e9:23:5e:02:89:c1:97:a6:fb:d0:fc:
09:16:1a:8c:17:f6:8b:f8:15:a5:32:91:e4:3d:68:26:23:28:
e3:b1:2c:4b:7d:4d:48:6e:df:b9:69:be:f0:4f:7b:5a:5a:43:
dd:e6:f5:94:1f:f8:5e:03:65:eb:35:27:f4:da:2d:ea:45:f3:
57:08:94:a5:91:54:99:a8:bf:01:ae:d4:9c:0f:af:43:ac:0f:
ae:43:fd:6b:2c:57:6d:12:78:92:f3:8e:6c:d9:c6:6b:8e:50:
6d:49:50:ed:4c:44:10:ad:f0:f5:ca:e2:69:81:64:4f:c7:71:
6f:78:e8:98:6a:b3:29:f1:75:cb:37:42:7e:b5:34:ad:f9:40:
42:5e:e9:6d:90:be:2b:d5:ae:dd:09:b6:9c:c5:15:59:2f:af:
83:15:b5:09:ee:00:a8:01:7b:34:2a:f8:af:ab:7c:6d:bf:59:
cf:7f:bd:c9:bd:40:37:dc:8b:ce:9b:13:7e:49:8c:10:47:ab:
a4:89:29:6a:27:e9:2c:61:4e:32:de:2e:47:d7:ee:ce:e7:f9:
0d:b8:a6:e9:79:db:f1:30:1b:f3:61:35:8f:9c:11:9c:3a:26:
14:9a:30:c4:33:72:70:a4:0f:e9:52:dd:c9:c6:de:9c:c6:eb:
11:d0:7c:f2
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICBmcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA4MDkw
NzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDRCQUVEN0VFOUQ3NzNF
QTdGMkIyQkM2NjE2QjZCRjVGODkwQkI2NUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCjSvvUPOT1a6pw52CFMWreVeuZsBa9qvz6B6LdScwcB73QSX6/
Ztx+EI3QYQ2ihWgmDl11FBYCvbbQmhDlBeNFi6O0mDexqmgZGUWmFiyBrWcLdXvF
OuGMB5mPD74k74EFTxsgk72+V1hV/Z3AipcS1F3/c9cIuhWwljP9B6vH7DX2m0xe
Ic+a2q4GnGeYfrwQKOJ4jdjOS58NVEYORJljPyYw/OMCjpy+Pl+cLqEH4pGoNgbf
cTM+zlR5evWMYDo0QM57SQwXNKWr7cFpkIldetWddLzzzMSxcthDIelS5S8yWmyx
vK1+EvNW903CzTZM6qFhkiZHjY4ZKgY9bJknAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUS67X7p13PqfysrxmFra/X4kLtlowHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL1M2N1g3cDEzUHFmeXNy
eG1GcmFfWDRrTHRsby5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAKLGzFR4YxXpI14CicGXpvvQ/AkWGowX9ov4
FaUykeQ9aCYjKOOxLEt9TUhu37lpvvBPe1paQ93m9ZQf+F4DZes1J/TaLepF81cI
lKWRVJmovwGu1JwPr0OsD65D/WssV20SeJLzjmzZxmuOUG1JUO1MRBCt8PXK4mmB
ZE/HcW946Jhqsynxdcs3Qn61NK35QEJe6W2QvivVrt0JtpzFFVkvr4MVtQnuAKgB
ezQq+K+rfG2/Wc9/vcm9QDfci86bE35JjBBHq6SJKWon6SxhTjLeLkfX7s7n+Q24
pul52/EwG/NhNY+cEZw6JhSaMMQzcnCkD+lS3cnG3pzG6xHQfPI=
-----END CERTIFICATE-----
Generated at Fri Aug 9 15:43:32 2024 by rpki-client on console-ams.rpki-client.org