Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/W1YD9zCrLH36u5hqIWCOWGZYVmA.roa
File: W1YD9zCrLH36u5hqIWCOWGZYVmA.roa (raw, json)
Hash identifier: fgwom3yBXPMwnLgS18La9rZyWf+emWw3OVZDZoWvjis=
Subject key identifier: 5B:56:03:F7:30:AB:2C:7D:FA:BB:98:6A:21:60:8E:58:66:58:56:60
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 04B4
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/W1YD9zCrLH36u5hqIWCOWGZYVmA.roa
Signing time: Fri 21 Jun 2024 23:55:03 +0000
ROA not before: Fri 21 Jun 2024 23:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 22 Jun 2024 03:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1204 (0x4b4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Jun 21 23:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5B5603F730AB2C7DFABB986A21608E5866585660
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:13:3a:2b:ef:a8:31:85:f8:97:eb:75:e7:d0:
f8:23:a6:03:1f:aa:43:5e:81:3c:18:9c:0d:54:66:
cd:08:b6:c7:62:43:02:cb:e4:a8:8f:77:a4:4d:84:
6d:b7:ff:5b:29:7d:8d:d0:23:6c:80:fe:c0:ad:3f:
d7:78:92:a8:6c:e0:18:05:8b:91:55:73:9a:91:8f:
6a:2c:e6:61:7e:84:e3:e6:56:d2:7f:26:50:70:4f:
f5:56:6e:de:df:f6:ee:db:e7:73:aa:53:5f:dd:05:
8e:db:7a:f7:07:02:04:5f:06:c8:2f:bd:bf:b9:de:
04:63:92:56:ff:c8:2d:91:36:10:99:38:56:0b:ac:
4e:56:e4:fd:ab:6b:6f:9d:29:24:d8:38:9d:68:95:
9c:f4:c8:0e:93:29:c7:b2:50:1f:b1:16:08:1c:f1:
56:e5:c2:1f:5f:c5:0c:8f:18:2b:b8:13:9e:dc:5d:
20:96:65:41:3a:85:64:d7:66:31:29:ea:5f:de:c3:
69:c4:4a:57:2f:3b:22:12:aa:9b:24:e5:53:78:ba:
eb:70:0a:f1:30:c9:34:50:02:95:f1:b0:99:4a:cb:
92:0c:c7:29:b5:50:d8:57:de:5f:3f:48:95:25:a8:
e9:7c:63:39:a7:fd:25:74:88:bb:9a:c3:61:8e:29:
46:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:56:03:F7:30:AB:2C:7D:FA:BB:98:6A:21:60:8E:58:66:58:56:60
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/W1YD9zCrLH36u5hqIWCOWGZYVmA.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
c5:ec:af:5e:1d:26:b7:ed:8e:36:53:c3:6b:34:bd:61:21:d3:
73:11:40:5a:3f:c3:75:a0:03:f9:63:d4:87:b6:6a:da:2f:31:
f4:b9:9e:47:d7:2b:98:63:6f:90:bc:94:19:47:99:f8:fa:c0:
9c:80:b8:67:01:25:06:d3:4e:14:2a:89:41:67:1f:22:81:9c:
ef:01:ea:80:b4:21:17:de:08:34:08:1a:df:ea:4b:c9:b5:0a:
72:84:20:88:b5:ce:6d:d1:8b:a4:05:f3:be:ef:a6:30:6a:4e:
40:7b:0a:34:89:19:c6:95:4e:ff:f4:76:83:21:0f:a6:bf:4a:
6c:6a:d5:6b:25:29:b0:42:0a:9f:6c:b9:69:c2:80:c0:f2:fe:
0a:cc:e8:d1:a6:d9:b2:82:81:64:e0:38:c4:d6:0b:36:96:55:
e6:02:1f:f6:7d:18:28:fd:4e:19:e0:f9:f8:b4:74:57:3d:ac:
fe:9b:36:4f:3d:2f:95:65:9c:c0:f9:72:b0:56:5e:ff:32:3a:
4e:12:b3:30:5a:ab:3b:71:34:29:e7:39:83:6f:07:a4:05:ca:
26:5a:b4:90:89:d9:28:6b:ae:24:58:11:d5:50:cf:03:3d:18:
27:47:ca:70:00:52:f8:7f:09:26:15:ba:25:be:60:b4:46:1a:
53:68:be:1d
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICBLQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA2MjEy
MzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDVCNTYwM0Y3MzBBQjJD
N0RGQUJCOTg2QTIxNjA4RTU4NjY1ODU2NjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCwEzor76gxhfiX63Xn0PgjpgMfqkNegTwYnA1UZs0ItsdiQwLL
5KiPd6RNhG23/1spfY3QI2yA/sCtP9d4kqhs4BgFi5FVc5qRj2os5mF+hOPmVtJ/
JlBwT/VWbt7f9u7b53OqU1/dBY7bevcHAgRfBsgvvb+53gRjklb/yC2RNhCZOFYL
rE5W5P2ra2+dKSTYOJ1olZz0yA6TKceyUB+xFggc8Vblwh9fxQyPGCu4E57cXSCW
ZUE6hWTXZjEp6l/ew2nESlcvOyISqpsk5VN4uutwCvEwyTRQApXxsJlKy5IMxym1
UNhX3l8/SJUlqOl8Yzmn/SV0iLuaw2GOKUabAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUW1YD9zCrLH36u5hqIWCOWGZYVmAwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL1cxWUQ5ekNyTEgzNnU1
aHFJV0NPV0daWVZtQS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAMXsr14dJrftjjZTw2s0vWEh03MRQFo/w3Wg
A/lj1Ie2atovMfS5nkfXK5hjb5C8lBlHmfj6wJyAuGcBJQbTThQqiUFnHyKBnO8B
6oC0IRfeCDQIGt/qS8m1CnKEIIi1zm3Ri6QF877vpjBqTkB7CjSJGcaVTv/0doMh
D6a/Smxq1WslKbBCCp9suWnCgMDy/grM6NGm2bKCgWTgOMTWCzaWVeYCH/Z9GCj9
Thng+fi0dFc9rP6bNk89L5VlnMD5crBWXv8yOk4SszBaqztxNCnnOYNvB6QFyiZa
tJCJ2ShrriRYEdVQzwM9GCdHynAAUvh/CSYVuiW+YLRGGlNovh0=
-----END CERTIFICATE-----
Generated at Sat Jun 22 05:02:49 2024 by rpki-client on console-ams.rpki-client.org