Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/WZBCrDYN8mvt-qahXCRe1_mR72c.roa
File: WZBCrDYN8mvt-qahXCRe1_mR72c.roa (raw, json)
Hash identifier: P3AyBqkaWzyqln1kkcYgXhXc/JWQwBCxu5LhV2Jf4A4=
Subject key identifier: 59:90:42:AC:36:0D:F2:6B:ED:FA:A6:A1:5C:24:5E:D7:F9:91:EF:67
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 07CF
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/WZBCrDYN8mvt-qahXCRe1_mR72c.roa
Signing time: Wed 18 Sep 2024 07:55:03 +0000
ROA not before: Wed 18 Sep 2024 07:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1999 (0x7cf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Sep 18 07:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=599042AC360DF26BEDFAA6A15C245ED7F991EF67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:7b:7d:d4:10:aa:04:14:92:2c:cf:8f:62:b1:
e8:05:d8:73:b2:27:b0:77:c4:b7:dc:cb:94:c7:c1:
be:af:41:0f:0d:2e:21:82:ad:84:c7:bf:77:3c:0c:
df:bc:b2:07:5f:18:e5:20:30:a2:8c:1a:3c:cf:6e:
e5:ab:08:3a:e4:7c:33:f8:e2:46:2c:35:f3:64:ad:
06:5e:ee:ee:2b:50:63:89:d3:fc:d6:d6:37:59:01:
89:f7:0d:18:cc:bf:30:81:29:28:51:e6:a8:de:3d:
f2:0e:f5:e5:ba:fb:de:94:8a:b6:7f:df:20:66:85:
fb:92:57:e5:23:8d:8b:52:38:65:35:ea:7b:3c:d4:
ee:39:52:49:73:4b:f7:ce:0a:91:59:9a:82:25:f2:
7b:33:bc:66:b9:8a:dc:fd:e3:5f:1c:43:00:60:0c:
6d:76:8f:bc:06:67:e0:f1:29:d6:a5:af:7a:c7:a7:
a8:81:b9:78:08:b4:a6:8d:8f:1d:f5:ea:90:9d:43:
45:2a:aa:a2:61:32:9e:bc:5e:d9:58:f8:19:87:4b:
10:5d:16:c4:42:1b:63:15:4c:62:62:2e:d5:13:a1:
54:e1:75:ad:65:d9:ac:8b:96:df:0d:e1:23:15:f9:
b9:33:59:3a:d4:46:f7:ac:0d:af:f8:07:34:4a:d1:
a5:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:90:42:AC:36:0D:F2:6B:ED:FA:A6:A1:5C:24:5E:D7:F9:91:EF:67
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/WZBCrDYN8mvt-qahXCRe1_mR72c.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
56:b8:36:b8:51:47:55:d2:4c:dc:1f:ae:28:f3:b6:e5:58:6b:
38:3c:2c:8e:09:5b:1e:cc:c7:e3:ed:60:c5:1e:ca:34:bf:ed:
0e:87:e2:69:28:0e:92:83:6a:47:14:a5:de:a0:59:a2:9e:b5:
e6:90:21:8e:5f:47:b7:1d:f4:10:ef:f7:8c:7e:41:48:93:84:
ca:e3:42:e3:63:b2:83:29:8c:e3:3d:c4:21:92:a4:6a:ca:b3:
7f:ac:42:60:fb:88:a8:43:27:62:8e:5f:c1:da:b1:47:d2:dc:
f8:8c:db:b0:1d:55:b2:8e:6f:c5:aa:38:75:df:96:31:e4:d6:
c9:97:bc:4a:b4:26:d0:cf:34:85:35:ab:e3:8b:95:98:d4:71:
f5:4c:d7:cc:12:39:ac:84:13:0f:ce:0c:37:c9:60:45:22:5a:
e8:9e:6e:70:74:96:9a:dd:cf:0a:a8:8a:53:20:cf:72:81:e5:
95:e0:c0:bc:04:95:b3:2e:36:a2:2f:cd:2c:f2:a3:9a:bd:43:
36:0a:03:e5:81:11:5b:37:2b:01:8a:4c:d2:6f:52:85:fa:14:
14:87:22:b7:88:5e:6c:1b:5d:c1:c3:8f:b5:7b:04:7f:45:96:
e4:d7:0b:11:57:bd:44:54:e2:bb:29:6a:82:55:d8:33:ac:52:
14:33:12:a1
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICB88wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA5MTgw
NzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDU5OTA0MkFDMzYwREYy
NkJFREZBQTZBMTVDMjQ1RUQ3Rjk5MUVGNjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCe33UEKoEFJIsz49isegF2HOyJ7B3xLfcy5THwb6vQQ8NLiGC
rYTHv3c8DN+8sgdfGOUgMKKMGjzPbuWrCDrkfDP44kYsNfNkrQZe7u4rUGOJ0/zW
1jdZAYn3DRjMvzCBKShR5qjePfIO9eW6+96UirZ/3yBmhfuSV+UjjYtSOGU16ns8
1O45UklzS/fOCpFZmoIl8nszvGa5itz9418cQwBgDG12j7wGZ+DxKdalr3rHp6iB
uXgItKaNjx316pCdQ0UqqqJhMp68XtlY+BmHSxBdFsRCG2MVTGJiLtUToVThda1l
2ayLlt8N4SMV+bkzWTrURvesDa/4BzRK0aVtAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUWZBCrDYN8mvt+qahXCRe1/mR72cwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL1daQkNyRFlOOG12dC1x
YWhYQ1JlMV9tUjcyYy5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAFa4NrhRR1XSTNwfrijztuVYazg8LI4JWx7M
x+PtYMUeyjS/7Q6H4mkoDpKDakcUpd6gWaKeteaQIY5fR7cd9BDv94x+QUiThMrj
QuNjsoMpjOM9xCGSpGrKs3+sQmD7iKhDJ2KOX8HasUfS3PiM27AdVbKOb8WqOHXf
ljHk1smXvEq0JtDPNIU1q+OLlZjUcfVM18wSOayEEw/ODDfJYEUiWuiebnB0lprd
zwqoilMgz3KB5ZXgwLwElbMuNqIvzSzyo5q9QzYKA+WBEVs3KwGKTNJvUoX6FBSH
IreIXmwbXcHDj7V7BH9FluTXCxFXvURU4rspaoJV2DOsUhQzEqE=
-----END CERTIFICATE-----
Generated at Wed Sep 18 19:07:29 2024 by rpki-client on console-ams.rpki-client.org