Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/XtFdhWB0Jh_lRjqkZpckmzoHacI.roa
File: XtFdhWB0Jh_lRjqkZpckmzoHacI.roa (raw, json)
Hash identifier: X5dEYqtqTXI2F7U9xeK9W1PWZ2krXIjOP49PiyZOKdQ=
Subject key identifier: 5E:D1:5D:85:60:74:26:1F:E5:46:3A:A4:66:97:24:9B:3A:07:69:C2
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 03EB
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/XtFdhWB0Jh_lRjqkZpckmzoHacI.roa
Signing time: Thu 30 May 2024 15:55:03 +0000
ROA not before: Thu 30 May 2024 15:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 30 May 2024 19:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1003 (0x3eb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: May 30 15:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5ED15D856074261FE5463AA46697249B3A0769C2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:e5:dd:94:61:c0:76:d4:c9:ee:b3:5b:aa:2f:
18:2b:e9:38:7d:de:a3:80:c1:b1:e4:ce:d3:78:a7:
aa:0b:a0:5e:8c:44:75:f7:67:dd:8d:f3:56:c3:9b:
7b:31:cf:48:84:0b:00:05:fd:c2:dd:12:38:ee:50:
9b:71:98:30:d5:4b:83:46:fb:1b:16:34:19:dc:6c:
a7:92:6e:d8:5d:3d:bf:69:12:64:45:01:82:50:a3:
8d:d1:56:59:13:80:35:9a:db:5c:1a:46:43:94:ec:
ee:a6:41:d1:9e:35:9e:5a:a1:17:9f:48:d6:41:cd:
ce:6e:a4:80:17:08:bc:6f:bd:53:21:f2:c4:c6:e6:
ae:50:59:46:5b:99:5c:a6:e1:5c:b3:a7:8e:75:e9:
62:b1:e1:9f:8c:e0:66:2c:28:60:2d:ab:9c:e6:0a:
e7:84:f0:4d:f9:23:01:c9:ae:78:28:03:85:80:68:
a2:ac:13:92:3d:a1:a7:3e:b9:ae:fd:3c:d0:c6:6d:
b5:33:28:66:0f:b9:8a:3b:ca:93:a0:df:ac:8f:6c:
23:8e:28:16:86:8f:0a:8a:53:a0:43:08:22:07:41:
0f:3a:ed:8f:17:d9:98:fd:8b:f7:6d:ea:c7:fb:dc:
ce:10:de:78:0f:65:22:05:48:c4:a2:b0:89:cc:9f:
34:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:D1:5D:85:60:74:26:1F:E5:46:3A:A4:66:97:24:9B:3A:07:69:C2
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/XtFdhWB0Jh_lRjqkZpckmzoHacI.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
d9:38:8b:7d:95:73:93:66:c7:97:08:24:34:5a:40:bc:c6:9e:
41:3c:a2:3b:e3:62:b0:12:fb:b1:4c:0f:86:24:f6:74:33:0f:
30:e3:98:e0:a5:df:4b:03:2c:31:5d:52:60:e2:f7:97:0c:3f:
a6:1d:e1:d9:f3:72:f3:7e:7e:2d:92:46:63:30:13:a7:6f:73:
9b:0e:b5:0e:ae:70:cf:c5:e8:ed:43:23:61:da:f2:fb:b3:b1:
d2:dc:7b:8a:00:22:cc:1d:7b:dc:e0:f7:f2:f6:2a:d3:43:b7:
9c:d7:f0:27:35:48:52:2f:80:84:d4:1a:33:22:1a:d8:85:e5:
5b:6b:b1:f0:93:43:3c:85:ca:0a:16:36:fe:6f:a1:1f:03:90:
1f:b1:a9:cb:d3:b6:4c:4e:1b:dc:4e:47:75:82:33:9c:d3:ca:
89:81:ef:ab:b8:f3:e3:28:50:71:f9:70:b6:38:67:08:e4:71:
33:d2:d5:5f:3a:df:8f:67:0e:a3:44:09:79:31:e1:21:cd:5b:
84:5e:5a:57:ab:fc:4b:c9:fb:88:c7:f7:06:5e:33:25:b3:8d:
08:8f:fd:65:4f:a7:65:d4:54:0d:48:7b:1d:20:ba:42:60:39:
c4:65:83:3b:95:79:fc:f1:be:74:d3:40:76:83:6e:3c:54:28:
3f:38:aa:c9
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICA+swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA1MzAx
NTU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDVFRDE1RDg1NjA3NDI2
MUZFNTQ2M0FBNDY2OTcyNDlCM0EwNzY5QzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCz5d2UYcB21Mnus1uqLxgr6Th93qOAwbHkztN4p6oLoF6MRHX3
Z92N81bDm3sxz0iECwAF/cLdEjjuUJtxmDDVS4NG+xsWNBncbKeSbthdPb9pEmRF
AYJQo43RVlkTgDWa21waRkOU7O6mQdGeNZ5aoRefSNZBzc5upIAXCLxvvVMh8sTG
5q5QWUZbmVym4Vyzp4516WKx4Z+M4GYsKGAtq5zmCueE8E35IwHJrngoA4WAaKKs
E5I9oac+ua79PNDGbbUzKGYPuYo7ypOg36yPbCOOKBaGjwqKU6BDCCIHQQ867Y8X
2Zj9i/dt6sf73M4Q3ngPZSIFSMSisInMnzQ7AgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUXtFdhWB0Jh/lRjqkZpckmzoHacIwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL1h0RmRoV0IwSmhfbFJq
cWtacGNrbXpvSGFjSS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBANk4i32Vc5Nmx5cIJDRaQLzGnkE8ojvjYrAS
+7FMD4Yk9nQzDzDjmOCl30sDLDFdUmDi95cMP6Yd4dnzcvN+fi2SRmMwE6dvc5sO
tQ6ucM/F6O1DI2Ha8vuzsdLce4oAIswde9zg9/L2KtNDt5zX8Cc1SFIvgITUGjMi
GtiF5VtrsfCTQzyFygoWNv5voR8DkB+xqcvTtkxOG9xOR3WCM5zTyomB76u48+Mo
UHH5cLY4ZwjkcTPS1V86349nDqNECXkx4SHNW4ReWler/EvJ+4jH9wZeMyWzjQiP
/WVPp2XUVA1Iex0gukJgOcRlgzuVefzxvnTTQHaDbjxUKD84qsk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:55 2024 by rpki-client on console-fra.rpki-client.org