Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/XTcBePitMp5vWMu-9DbscnG8mv4.roa
File: XTcBePitMp5vWMu-9DbscnG8mv4.roa (raw, json)
Hash identifier: qRqFpMsntXbrNR8uw4N2l84dsTLbq2+auedI9xzKe4o=
Subject key identifier: 5D:37:01:78:F8:AD:32:9E:6F:58:CB:BE:F4:36:EC:72:71:BC:9A:FE
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0995
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/XTcBePitMp5vWMu-9DbscnG8mv4.roa
Signing time: Thu 07 Nov 2024 15:55:03 +0000
ROA not before: Thu 07 Nov 2024 15:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 07 Nov 2024 19:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2453 (0x995)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Nov 7 15:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5D370178F8AD329E6F58CBBEF436EC7271BC9AFE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:42:1e:a1:88:37:1f:0f:3a:f9:5e:f5:ae:ea:
1e:c1:d1:e8:b6:7d:e6:03:d5:85:4d:e9:3c:e4:81:
60:bf:33:5e:ce:4d:4f:1a:84:9e:4f:8d:d8:6c:a4:
dd:4a:c5:8d:a3:56:ff:16:e2:2f:d2:3b:e8:43:d0:
df:9c:3c:b9:02:52:7b:27:36:7e:91:50:aa:da:91:
69:98:a2:26:6f:b1:a6:fd:91:b1:69:96:79:2b:49:
9b:a5:ef:f5:c6:d7:a2:66:3b:9d:53:40:34:e7:10:
28:a5:52:de:80:04:92:c5:bc:a2:ba:ae:02:c6:00:
97:30:70:cb:a4:a2:c8:1b:c7:5e:76:f7:fb:32:cb:
ff:4e:11:df:ab:4d:75:97:33:33:90:b4:0e:a9:03:
cb:3f:07:ac:08:08:c3:3f:b2:72:8d:6b:28:17:4b:
74:99:34:cf:d4:c3:af:aa:a3:54:1c:4c:b4:57:06:
5f:5e:49:df:9c:38:a0:04:81:3f:43:ea:02:20:fa:
35:a3:dd:c9:25:7f:d5:ed:2d:37:0a:e1:f5:7d:ec:
64:5a:18:87:7f:bc:df:84:6a:bb:ad:c4:3d:57:01:
6d:1c:dd:10:ab:a4:e4:5e:c5:18:82:9f:ad:b3:d2:
95:f5:09:9d:80:e6:6b:d7:d2:01:2d:7c:1c:01:e8:
f2:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:37:01:78:F8:AD:32:9E:6F:58:CB:BE:F4:36:EC:72:71:BC:9A:FE
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/XTcBePitMp5vWMu-9DbscnG8mv4.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
82:e8:9f:18:5e:30:c5:bf:45:96:49:7d:7b:0a:a2:19:7b:c6:
19:67:e7:7b:31:c1:b6:d9:57:f9:37:86:24:0e:af:9c:78:2e:
d1:df:2b:49:02:d2:75:ed:9e:e0:18:38:8a:5e:da:23:39:4c:
5c:62:ef:88:20:b4:be:f3:b3:55:67:4d:85:e3:c2:ce:d5:72:
08:bf:78:c7:41:97:bc:e8:72:2c:82:4f:fb:95:01:37:a1:07:
af:5b:5e:78:7d:77:3e:46:67:c7:7c:68:e6:95:05:f5:49:de:
7a:4e:33:4b:67:24:f4:af:49:2e:ff:7e:35:28:2a:63:a7:11:
5f:c4:1f:05:af:f9:96:a8:37:60:a1:27:e2:15:15:92:f4:91:
e3:21:8f:7e:1e:ba:f1:34:14:a9:52:6c:6e:b4:45:1e:64:28:
b8:5e:1a:d5:e4:23:68:77:73:9d:30:49:b4:31:cc:29:ed:fd:
44:c4:07:25:97:21:13:a1:36:fb:e4:2f:76:d5:3f:7a:91:f7:
10:fa:8f:e7:8e:a3:a3:61:ea:5b:e9:7e:7a:be:cb:cc:63:0a:
2e:48:00:df:1b:af:bb:95:e4:99:b8:4e:8d:d9:d3:dd:44:9c:
b7:f5:aa:3f:2d:14:d8:73:15:61:1d:34:43:d4:b5:08:d4:24:
95:da:af:cc
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCZUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDExMDcx
NTU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDVEMzcwMTc4RjhBRDMy
OUU2RjU4Q0JCRUY0MzZFQzcyNzFCQzlBRkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCYQh6hiDcfDzr5XvWu6h7B0ei2feYD1YVN6TzkgWC/M17OTU8a
hJ5PjdhspN1KxY2jVv8W4i/SO+hD0N+cPLkCUnsnNn6RUKrakWmYoiZvsab9kbFp
lnkrSZul7/XG16JmO51TQDTnECilUt6ABJLFvKK6rgLGAJcwcMukosgbx1529/sy
y/9OEd+rTXWXMzOQtA6pA8s/B6wICMM/snKNaygXS3SZNM/Uw6+qo1QcTLRXBl9e
Sd+cOKAEgT9D6gIg+jWj3cklf9XtLTcK4fV97GRaGId/vN+EarutxD1XAW0c3RCr
pORexRiCn62z0pX1CZ2A5mvX0gEtfBwB6PKTAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUXTcBePitMp5vWMu+9DbscnG8mv4wHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL1hUY0JlUGl0TXA1dldN
dS05RGJzY25HOG12NC5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAILonxheMMW/RZZJfXsKohl7xhln53sxwbbZ
V/k3hiQOr5x4LtHfK0kC0nXtnuAYOIpe2iM5TFxi74ggtL7zs1VnTYXjws7Vcgi/
eMdBl7zociyCT/uVATehB69bXnh9dz5GZ8d8aOaVBfVJ3npOM0tnJPSvSS7/fjUo
KmOnEV/EHwWv+ZaoN2ChJ+IVFZL0keMhj34euvE0FKlSbG60RR5kKLheGtXkI2h3
c50wSbQxzCnt/UTEByWXIROhNvvkL3bVP3qR9xD6j+eOo6Nh6lvpfnq+y8xjCi5I
AN8br7uV5Jm4To3Z091EnLf1qj8tFNhzFWEdNEPUtQjUJJXar8w=
-----END CERTIFICATE-----
Generated at Thu Nov 7 21:35:33 2024 by rpki-client on console-fra.rpki-client.org