Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/WaAVpBJ1rJYSgDCGdZWw9pPrnwI.roa
File: WaAVpBJ1rJYSgDCGdZWw9pPrnwI.roa (raw, json)
Hash identifier: oK6J3c96C48bLpApPLms+BTwqUYF2YQWH3mrUJKaPDw=
Subject key identifier: 59:A0:15:A4:12:75:AC:96:12:80:30:86:75:95:B0:F6:93:EB:9F:02
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 05A7
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/WaAVpBJ1rJYSgDCGdZWw9pPrnwI.roa
Signing time: Thu 18 Jul 2024 23:55:03 +0000
ROA not before: Thu 18 Jul 2024 23:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 19 Jul 2024 03:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1447 (0x5a7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Jul 18 23:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=59A015A41275AC96128030867595B0F693EB9F02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:34:08:8d:f4:9c:22:23:0d:c3:bc:0e:38:2c:
0c:85:ce:19:e5:24:8d:ea:b0:53:b0:7b:03:0c:00:
86:80:04:83:e3:63:7e:68:e3:29:c4:07:a8:fa:6b:
97:d9:3b:1a:bd:6d:86:b8:4b:51:74:ab:2e:e5:7b:
06:61:aa:4e:4a:f5:47:6f:13:2b:59:d1:12:69:3b:
d6:d0:59:aa:f9:bf:7a:44:02:d5:94:b9:52:58:ce:
45:38:eb:01:7b:96:90:63:52:ad:d0:ef:98:36:20:
94:67:92:79:1d:8a:55:15:ac:c2:6e:30:32:32:37:
a2:b4:28:43:e5:56:37:dc:72:28:08:3d:6d:84:c2:
5c:19:42:35:a8:c8:85:39:4b:dc:44:7e:55:c0:fc:
3a:9d:7e:d1:db:c5:55:01:e4:fb:04:27:3e:88:97:
55:73:d5:c8:51:fd:a7:fd:02:57:de:60:ab:c7:dc:
6a:6e:f0:ba:88:2e:28:02:af:91:48:d1:3e:b1:d7:
75:d0:c7:08:61:1d:04:51:f9:d2:9c:6d:80:bd:6d:
22:2b:bc:4a:b5:8c:af:15:93:dd:50:8e:cc:10:59:
e0:b8:b7:99:b1:70:48:4c:bb:be:d2:fa:54:c8:e0:
e4:01:b0:f2:2e:40:ac:5d:0b:5d:8f:84:27:e6:6d:
3d:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:A0:15:A4:12:75:AC:96:12:80:30:86:75:95:B0:F6:93:EB:9F:02
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/WaAVpBJ1rJYSgDCGdZWw9pPrnwI.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
97:ae:3a:55:17:0a:76:cd:f7:53:b9:1c:0c:ef:c1:4c:39:c7:
9d:99:fb:56:4b:66:fb:6c:75:31:90:e3:15:b3:ba:28:50:73:
09:1d:ef:24:c8:a6:b0:35:65:c3:fe:9e:af:cf:b3:aa:07:4c:
df:fc:c0:10:02:fa:43:88:f3:5e:e3:c9:40:80:6f:45:6e:8e:
ef:8b:25:a4:34:18:f6:6f:ef:c1:fe:c2:07:a0:49:fa:93:a9:
a0:b2:d1:ba:c6:9c:2d:6f:38:87:3b:37:a8:c8:df:9c:1c:fb:
fc:c8:e1:e7:68:c8:fc:70:e2:76:4d:59:ac:45:63:42:9b:23:
a4:56:88:95:c1:79:4c:c5:a4:1c:cc:16:95:b5:77:53:31:ba:
06:cf:43:cc:e3:1f:84:f6:6b:c4:87:44:92:0b:3c:61:5c:bb:
74:d4:7e:5e:db:16:87:42:15:a4:31:c7:b9:4b:39:3c:3c:38:
6f:7d:71:40:7f:5f:a4:c4:ae:dc:46:d3:5b:af:49:40:7f:9c:
fe:d2:23:2f:68:0c:4c:77:0f:4f:4a:bb:b2:96:0e:54:13:ab:
e2:e8:6f:c6:45:91:d8:4f:46:a0:00:59:e5:95:75:85:5a:5e:
d5:5d:a6:77:ef:90:62:28:6b:54:8c:eb:a5:38:2c:bd:b4:55:
00:f3:21:90
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICBacwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA3MTgy
MzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDU5QTAxNUE0MTI3NUFD
OTYxMjgwMzA4Njc1OTVCMEY2OTNFQjlGMDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCyNAiN9JwiIw3DvA44LAyFzhnlJI3qsFOwewMMAIaABIPjY35o
4ynEB6j6a5fZOxq9bYa4S1F0qy7lewZhqk5K9UdvEytZ0RJpO9bQWar5v3pEAtWU
uVJYzkU46wF7lpBjUq3Q75g2IJRnknkdilUVrMJuMDIyN6K0KEPlVjfccigIPW2E
wlwZQjWoyIU5S9xEflXA/DqdftHbxVUB5PsEJz6Il1Vz1chR/af9AlfeYKvH3Gpu
8LqILigCr5FI0T6x13XQxwhhHQRR+dKcbYC9bSIrvEq1jK8Vk91QjswQWeC4t5mx
cEhMu77S+lTI4OQBsPIuQKxdC12PhCfmbT2lAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUWaAVpBJ1rJYSgDCGdZWw9pPrnwIwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL1dhQVZwQkoxckpZU2dE
Q0dkWld3OXBQcm53SS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAJeuOlUXCnbN91O5HAzvwUw5x52Z+1ZLZvts
dTGQ4xWzuihQcwkd7yTIprA1ZcP+nq/Ps6oHTN/8wBAC+kOI817jyUCAb0Vuju+L
JaQ0GPZv78H+wgegSfqTqaCy0brGnC1vOIc7N6jI35wc+/zI4edoyPxw4nZNWaxF
Y0KbI6RWiJXBeUzFpBzMFpW1d1MxugbPQ8zjH4T2a8SHRJILPGFcu3TUfl7bFodC
FaQxx7lLOTw8OG99cUB/X6TErtxG01uvSUB/nP7SIy9oDEx3D09Ku7KWDlQTq+Lo
b8ZFkdhPRqAAWeWVdYVaXtVdpnfvkGIoa1SM66U4LL20VQDzIZA=
-----END CERTIFICATE-----
Generated at Fri Jul 19 06:10:43 2024 by rpki-client on console-fra.rpki-client.org