Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/Uz5SLhcva2Jmt62OhimolbZFBs0.roa
File: Uz5SLhcva2Jmt62OhimolbZFBs0.roa (raw, json)
Hash identifier: gMZbr6YwTmkSMh2vaAaLF1DbGrAGhR3b0sZjp7APh5o=
Subject key identifier: 53:3E:52:2E:17:2F:6B:62:66:B7:AD:8E:86:29:A8:95:B6:45:06:CD
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0649
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/Uz5SLhcva2Jmt62OhimolbZFBs0.roa
Signing time: Mon 05 Aug 2024 23:55:03 +0000
ROA not before: Mon 05 Aug 2024 23:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 06 Aug 2024 03:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1609 (0x649)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Aug 5 23:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=533E522E172F6B6266B7AD8E8629A895B64506CD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:64:b3:fa:eb:28:a0:fe:75:7c:63:b1:65:25:
51:4e:72:c9:fe:4e:7c:ad:e7:70:de:ae:0f:89:e0:
35:7d:1f:05:1f:c5:02:87:a7:4a:3d:96:56:c9:12:
55:37:46:f5:99:29:4e:26:25:53:ca:dd:fc:4c:d6:
91:a8:d2:78:df:95:b0:c3:4f:64:66:8b:fd:0d:75:
ee:69:55:81:d2:bd:71:68:d6:30:aa:21:3f:42:bc:
83:36:8b:29:4b:5e:63:45:6a:1d:ad:c1:3b:3e:a8:
cc:dd:6b:07:e2:8f:c6:ec:32:10:f5:99:01:d5:a8:
15:62:92:05:14:09:fe:cb:f8:c4:dd:4e:b7:f3:42:
19:dc:f3:ac:02:7b:b2:42:b8:ee:69:db:75:06:62:
ae:3a:c5:a9:91:d3:d5:df:2f:92:d8:95:a0:8f:25:
1e:49:0c:bf:86:4d:f9:23:87:a6:e3:f7:ec:1f:08:
14:2d:fb:35:18:e1:00:98:41:af:d7:34:0c:58:ff:
25:a5:b4:fc:32:43:8a:bf:38:01:d9:81:66:86:9b:
20:18:96:a0:39:87:ea:68:49:0a:c4:f2:cc:51:78:
0d:17:d2:bb:e5:1c:16:57:0e:ab:05:4e:4c:5e:e3:
c9:6d:33:a3:64:6d:b8:ff:f3:cb:6a:1c:b1:1f:5c:
fb:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:3E:52:2E:17:2F:6B:62:66:B7:AD:8E:86:29:A8:95:B6:45:06:CD
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/Uz5SLhcva2Jmt62OhimolbZFBs0.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:d2:de:6e:0f:51:ec:6d:45:11:03:6f:5e:13:04:e3:e0:41:
f9:32:ed:db:e3:50:2b:c5:76:c2:0e:95:4b:e0:2a:b1:ab:d5:
97:79:9f:9d:1b:67:60:07:7b:bc:bc:2e:0a:6d:82:b0:79:94:
b1:3d:77:af:3b:b0:fd:25:8c:c4:3d:eb:29:c7:2c:4c:00:54:
55:84:c1:5b:d5:7c:46:91:86:93:1a:2d:af:c7:4d:2c:f4:0c:
67:8f:ac:de:be:82:29:2d:3d:41:82:9d:1d:2d:d2:3a:a2:4a:
ba:ac:16:b7:fd:b6:33:d0:51:8f:64:99:c1:50:38:e3:7e:d7:
85:17:e0:09:bd:ce:a6:e6:08:89:41:5e:d0:8b:71:41:8e:1f:
a0:0e:24:88:e7:c0:17:5f:53:14:5e:09:6b:6a:55:d2:78:38:
59:af:91:d0:a6:34:19:6b:a6:41:a5:3a:23:0d:fd:27:1f:ee:
64:bf:d0:e7:a6:1b:df:40:44:0e:dc:45:c8:fc:ca:76:d2:ea:
b8:8b:f8:72:75:8d:81:f4:89:f9:38:80:c8:b5:aa:58:61:d2:
16:06:6b:61:4b:71:5a:1a:2c:ee:a9:eb:51:84:db:67:56:2f:
f3:60:10:39:8e:1a:5e:dd:4f:a1:c5:57:e0:a6:92:63:69:31:
0e:88:ea:3f
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICBkkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA4MDUy
MzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDUzM0U1MjJFMTcyRjZC
NjI2NkI3QUQ4RTg2MjlBODk1QjY0NTA2Q0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDFZLP66yig/nV8Y7FlJVFOcsn+Tnyt53Derg+J4DV9HwUfxQKH
p0o9llbJElU3RvWZKU4mJVPK3fxM1pGo0njflbDDT2Rmi/0Nde5pVYHSvXFo1jCq
IT9CvIM2iylLXmNFah2twTs+qMzdawfij8bsMhD1mQHVqBVikgUUCf7L+MTdTrfz
Qhnc86wCe7JCuO5p23UGYq46xamR09XfL5LYlaCPJR5JDL+GTfkjh6bj9+wfCBQt
+zUY4QCYQa/XNAxY/yWltPwyQ4q/OAHZgWaGmyAYlqA5h+poSQrE8sxReA0X0rvl
HBZXDqsFTkxe48ltM6Nkbbj/88tqHLEfXPvFAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUUz5SLhcva2Jmt62OhimolbZFBs0wHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL1V6NVNMaGN2YTJKbXQ2
Mk9oaW1vbGJaRkJzMC5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAF/S3m4PUextRREDb14TBOPgQfky7dvjUCvF
dsIOlUvgKrGr1Zd5n50bZ2AHe7y8LgptgrB5lLE9d687sP0ljMQ96ynHLEwAVFWE
wVvVfEaRhpMaLa/HTSz0DGePrN6+giktPUGCnR0t0jqiSrqsFrf9tjPQUY9kmcFQ
OON+14UX4Am9zqbmCIlBXtCLcUGOH6AOJIjnwBdfUxReCWtqVdJ4OFmvkdCmNBlr
pkGlOiMN/Scf7mS/0OemG99ARA7cRcj8ynbS6riL+HJ1jYH0ifk4gMi1qlhh0hYG
a2FLcVoaLO6p61GE22dWL/NgEDmOGl7dT6HFV+CmkmNpMQ6I6j8=
-----END CERTIFICATE-----
Generated at Tue Aug 6 05:26:03 2024 by rpki-client on console-ams.rpki-client.org