Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/X1qf5Wibw3GimJohtbYCGiOmKbg.roa
File: X1qf5Wibw3GimJohtbYCGiOmKbg.roa (raw, json)
Hash identifier: 2NE1YCinmkFekNdnghjhGrBCxRhXDlsDEqrPyLklnXI=
Subject key identifier: 5F:5A:9F:E5:68:9B:C3:71:A2:98:9A:21:B5:B6:02:1A:23:A6:29:B8
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 042D
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/X1qf5Wibw3GimJohtbYCGiOmKbg.roa
Signing time: Thu 06 Jun 2024 23:55:02 +0000
ROA not before: Thu 06 Jun 2024 23:55:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 07 Jun 2024 03:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1069 (0x42d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Jun 6 23:55:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5F5A9FE5689BC371A2989A21B5B6021A23A629B8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:5e:85:ce:e0:eb:78:9b:7b:75:98:35:ab:42:
84:fa:d3:c1:d1:90:73:41:5d:fa:da:d7:62:b3:33:
6f:80:5b:4e:7d:ec:55:63:76:dd:94:d6:f4:a7:58:
6c:60:b3:42:f8:84:ca:48:87:0a:1c:cc:08:ae:17:
15:ac:5a:fb:8c:4f:74:89:62:9d:0e:dc:19:2e:b4:
3a:be:42:40:81:8b:20:4b:35:1d:1d:9b:6b:26:b7:
9a:81:83:46:33:c9:05:af:71:6e:6d:40:9f:d0:68:
99:4c:93:29:86:4a:29:32:b6:a2:8a:f8:fa:ae:ce:
82:5b:eb:62:9a:6b:1f:ef:3f:48:e1:26:cc:d4:38:
10:ac:39:09:60:bb:2f:e6:a6:f1:a7:fa:70:34:67:
42:54:a3:59:78:c0:01:e4:d8:7a:be:bc:1d:ba:c4:
18:68:4d:92:69:35:e3:ac:0e:1a:53:7f:c1:8d:f6:
f0:17:ac:a5:f1:9f:c9:ba:2a:cb:32:7d:9a:eb:37:
9b:cd:c1:ea:d7:f5:63:26:e7:fc:03:9b:03:57:00:
d4:ad:58:30:9a:c6:58:c0:71:86:54:0f:48:b2:08:
73:30:f6:f7:a3:db:a3:c5:0a:a2:6b:c5:c1:9f:67:
00:98:90:e0:ad:62:75:b3:fd:42:1d:5f:f5:04:e2:
c1:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:5A:9F:E5:68:9B:C3:71:A2:98:9A:21:B5:B6:02:1A:23:A6:29:B8
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/X1qf5Wibw3GimJohtbYCGiOmKbg.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
24:76:d7:3b:2b:fb:cf:02:93:59:dc:f2:96:17:52:63:68:bc:
e8:0b:f2:e9:f9:b8:77:5d:3f:6f:96:c8:44:ea:67:0f:ec:f5:
5d:2c:ad:67:ef:70:06:b4:76:c3:fc:21:d7:2a:74:58:e1:9f:
97:14:ec:46:17:f4:79:18:16:67:26:73:11:2c:85:c7:d3:d2:
d9:e2:aa:65:97:b5:73:95:6f:17:ac:08:95:70:f6:7a:b7:9f:
37:85:71:cc:e6:db:5c:81:c9:03:24:ce:c1:06:68:87:d7:ae:
d1:16:80:49:1f:1c:f1:7e:1a:58:87:7d:58:f5:ff:97:7f:61:
8d:19:4a:f6:ca:8a:39:b4:fd:6f:f1:6b:e7:dd:cf:51:6c:06:
03:ea:56:b9:7e:61:a6:bc:6c:ce:d2:e9:38:a5:a3:4e:c1:ae:
4e:2a:cc:3a:d3:b4:8c:78:8a:00:03:f2:f4:d7:c9:d2:26:e9:
79:ea:07:85:5a:b8:4e:00:85:a1:95:13:ab:3b:a1:ee:8d:80:
c8:2b:8a:ed:1a:6d:8f:1a:8a:60:ef:9f:f8:0e:bf:ae:eb:d9:
65:21:51:43:cc:1f:68:4b:0a:b6:31:8a:ee:4a:89:52:31:4d:
b8:e0:60:f7:67:df:3f:59:d4:a1:a3:25:fa:a7:90:ac:f5:6e:
fa:80:57:b0
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICBC0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA2MDYy
MzU1MDJaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDVGNUE5RkU1Njg5QkMz
NzFBMjk4OUEyMUI1QjYwMjFBMjNBNjI5QjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCzXoXO4Ot4m3t1mDWrQoT608HRkHNBXfra12KzM2+AW0597FVj
dt2U1vSnWGxgs0L4hMpIhwoczAiuFxWsWvuMT3SJYp0O3BkutDq+QkCBiyBLNR0d
m2smt5qBg0YzyQWvcW5tQJ/QaJlMkymGSikytqKK+PquzoJb62Kaax/vP0jhJszU
OBCsOQlguy/mpvGn+nA0Z0JUo1l4wAHk2Hq+vB26xBhoTZJpNeOsDhpTf8GN9vAX
rKXxn8m6KssyfZrrN5vNwerX9WMm5/wDmwNXANStWDCaxljAcYZUD0iyCHMw9vej
26PFCqJrxcGfZwCYkOCtYnWz/UIdX/UE4sGZAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUX1qf5Wibw3GimJohtbYCGiOmKbgwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL1gxcWY1V2lidzNHaW1K
b2h0YllDR2lPbUtiZy5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBACR21zsr+88Ck1nc8pYXUmNovOgL8un5uHdd
P2+WyETqZw/s9V0srWfvcAa0dsP8IdcqdFjhn5cU7EYX9HkYFmcmcxEshcfT0tni
qmWXtXOVbxesCJVw9nq3nzeFcczm21yByQMkzsEGaIfXrtEWgEkfHPF+GliHfVj1
/5d/YY0ZSvbKijm0/W/xa+fdz1FsBgPqVrl+Yaa8bM7S6Tilo07Brk4qzDrTtIx4
igAD8vTXydIm6XnqB4VauE4AhaGVE6s7oe6NgMgriu0abY8aimDvn/gOv67r2WUh
UUPMH2hLCrYxiu5KiVIxTbjgYPdn3z9Z1KGjJfqnkKz1bvqAV7A=
-----END CERTIFICATE-----
Generated at Fri Jun 7 05:22:04 2024 by rpki-client on console-ams.rpki-client.org