Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/X4aC4IPEyfvC2JJdWBDlpf7PbfQ.roa
File: X4aC4IPEyfvC2JJdWBDlpf7PbfQ.roa (raw, json)
Hash identifier: R7V7q15f0SoEBmpan4J/Iny3bN1EnOSbVdz+6u+1wn0=
Subject key identifier: 5F:86:82:E0:83:C4:C9:FB:C2:D8:92:5D:58:10:E5:A5:FE:CF:6D:F4
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0610
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/X4aC4IPEyfvC2JJdWBDlpf7PbfQ.roa
Signing time: Tue 30 Jul 2024 15:55:04 +0000
ROA not before: Tue 30 Jul 2024 15:55:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 30 Jul 2024 19:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1552 (0x610)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Jul 30 15:55:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5F8682E083C4C9FBC2D8925D5810E5A5FECF6DF4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:ac:4f:1e:c4:e8:20:38:c0:79:b3:d4:54:f5:
bd:59:2c:22:88:ab:1e:92:f5:a2:8e:aa:40:2c:0c:
f9:91:8d:7e:38:5c:a5:34:a4:7e:d9:ec:da:96:8d:
00:a2:d4:93:1a:24:09:00:65:84:35:43:04:a4:48:
e0:48:ba:d9:12:6d:43:b9:80:84:97:a8:14:19:1b:
3e:e5:03:10:8d:b1:11:4a:01:12:25:35:ca:28:22:
66:41:01:b1:3c:b0:da:f4:be:52:0a:a6:ec:bc:27:
ac:ba:29:a9:51:fc:f5:e3:e2:2b:cb:16:a0:37:31:
1b:ec:60:df:e0:fb:a1:f3:b9:62:0d:ee:7c:13:c7:
97:4d:da:d4:fd:8c:53:37:fa:a2:32:95:49:8e:80:
7a:60:3d:18:06:67:f9:7b:39:53:48:c6:53:95:bc:
28:3b:b4:97:fc:64:db:fa:97:2f:f4:65:69:6e:9e:
a2:0d:07:62:42:f8:29:c5:51:5c:95:c8:63:be:da:
f0:55:1c:da:8e:b8:96:f6:7f:c0:79:77:8c:da:27:
e4:42:a2:56:08:6a:e8:27:3f:0d:42:33:05:ad:d4:
0e:bc:d5:29:4a:77:18:c0:78:70:4b:8c:c8:60:90:
34:f1:e2:8b:1b:22:7e:cd:0f:35:17:82:b8:da:fa:
aa:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:86:82:E0:83:C4:C9:FB:C2:D8:92:5D:58:10:E5:A5:FE:CF:6D:F4
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/X4aC4IPEyfvC2JJdWBDlpf7PbfQ.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
22:b6:f7:0d:bc:ad:09:a0:f5:27:f7:91:e6:43:6b:4b:f7:c3:
b0:69:3a:ef:05:db:42:44:ac:7b:03:ff:01:4e:3e:97:ef:67:
92:e9:a0:18:23:78:b7:85:70:12:84:77:73:0f:4e:12:a6:7d:
dd:2e:51:3c:b2:fb:82:31:d0:c0:cc:0c:62:59:3b:e9:98:57:
94:58:99:53:6c:1d:68:7d:a7:5a:ca:b3:c0:17:de:8e:4e:77:
de:49:9d:3c:5b:f6:9a:40:14:58:7f:57:24:67:98:d5:a2:40:
11:c4:4c:58:12:11:5a:10:9c:20:91:a8:09:1e:dd:06:2c:3a:
72:8e:1a:51:9b:b2:aa:b7:4c:83:5c:4a:30:2b:5f:fe:eb:20:
61:8f:c9:d2:bc:cc:d9:ce:76:a1:90:ee:f1:ae:c8:07:5b:c9:
58:19:bb:75:8b:ad:13:fe:44:9b:ad:01:41:c5:8b:97:35:89:
7e:6a:0d:85:25:10:17:a5:28:d2:86:d6:d7:f7:3e:ba:16:ab:
a0:79:d1:77:b9:14:10:e3:fb:a0:36:0d:63:ba:3b:6e:d6:98:
96:81:5c:c9:2f:78:a3:fc:02:32:27:96:56:6c:ca:8b:8a:72:
14:28:df:dc:31:1e:03:79:f6:5a:35:3f:e6:10:f6:fd:92:21:
14:44:a2:74
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICBhAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA3MzAx
NTU1MDRaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDVGODY4MkUwODNDNEM5
RkJDMkQ4OTI1RDU4MTBFNUE1RkVDRjZERjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8rE8exOggOMB5s9RU9b1ZLCKIqx6S9aKOqkAsDPmRjX44XKU0
pH7Z7NqWjQCi1JMaJAkAZYQ1QwSkSOBIutkSbUO5gISXqBQZGz7lAxCNsRFKARIl
NcooImZBAbE8sNr0vlIKpuy8J6y6KalR/PXj4ivLFqA3MRvsYN/g+6HzuWIN7nwT
x5dN2tT9jFM3+qIylUmOgHpgPRgGZ/l7OVNIxlOVvCg7tJf8ZNv6ly/0ZWlunqIN
B2JC+CnFUVyVyGO+2vBVHNqOuJb2f8B5d4zaJ+RColYIaugnPw1CMwWt1A681SlK
dxjAeHBLjMhgkDTx4osbIn7NDzUXgrja+qqFAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUX4aC4IPEyfvC2JJdWBDlpf7PbfQwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL1g0YUM0SVBFeWZ2QzJK
SmRXQkRscGY3UGJmUS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBACK29w28rQmg9Sf3keZDa0v3w7BpOu8F20JE
rHsD/wFOPpfvZ5LpoBgjeLeFcBKEd3MPThKmfd0uUTyy+4Ix0MDMDGJZO+mYV5RY
mVNsHWh9p1rKs8AX3o5Od95JnTxb9ppAFFh/VyRnmNWiQBHETFgSEVoQnCCRqAke
3QYsOnKOGlGbsqq3TINcSjArX/7rIGGPydK8zNnOdqGQ7vGuyAdbyVgZu3WLrRP+
RJutAUHFi5c1iX5qDYUlEBelKNKG1tf3ProWq6B50Xe5FBDj+6A2DWO6O27WmJaB
XMkveKP8AjInllZsyouKchQo39wxHgN59lo1P+YQ9v2SIRREonQ=
-----END CERTIFICATE-----
Generated at Tue Jul 30 20:52:59 2024 by rpki-client on console-fra.rpki-client.org