Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/YP04fmT9gBZzP9yNOvLZj8fCuGM.roa
File: YP04fmT9gBZzP9yNOvLZj8fCuGM.roa (raw, json)
Hash identifier: iULp5B5TWVjW233BcbYnAlufYIcYrLRtcdTbbf8G/+4=
Subject key identifier: 60:FD:38:7E:64:FD:80:16:73:3F:DC:8D:3A:F2:D9:8F:C7:C2:B8:63
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 08A7
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/YP04fmT9gBZzP9yNOvLZj8fCuGM.roa
Signing time: Sat 12 Oct 2024 07:55:03 +0000
ROA not before: Sat 12 Oct 2024 07:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2215 (0x8a7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Oct 12 07:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=60FD387E64FD8016733FDC8D3AF2D98FC7C2B863
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:6b:3e:d3:ac:61:e4:70:02:78:be:09:c5:5f:
0f:92:9e:aa:81:28:89:9e:8f:bb:64:01:b5:b7:f8:
59:4b:22:73:0d:97:1c:76:c8:0b:33:ad:70:f6:bf:
7a:85:2b:19:8f:42:de:4d:2d:db:27:35:64:57:08:
ca:41:39:a1:35:72:16:50:5b:38:0a:08:53:42:07:
0f:e1:1c:42:27:f2:4d:8d:ab:7a:65:de:2c:e5:8f:
66:a8:92:f1:a2:5a:ed:b1:e5:fb:c2:d6:c9:bf:8f:
96:4c:46:80:32:2e:1a:98:ee:52:62:ad:d8:12:4f:
d2:7e:05:43:61:5e:c7:8f:b1:3a:64:70:44:7a:fa:
15:29:8b:14:76:05:35:81:2d:a8:8c:47:15:a5:3e:
3c:dd:0a:ef:3f:1d:37:7b:b9:ce:da:b5:e1:03:e5:
6a:ad:4d:d7:63:d9:c2:43:0a:92:9a:dc:27:66:4a:
f6:e1:d6:8c:d3:8f:51:ae:47:31:0b:47:99:6b:05:
e4:28:d2:b7:14:37:ad:2b:61:d8:44:73:5b:6b:e9:
e9:22:11:a1:7f:40:a8:5e:ee:77:23:0e:d1:05:9c:
1b:e0:55:d4:1d:48:91:f7:f8:2c:d1:2f:8c:f5:ad:
94:c7:15:80:fc:2a:3b:7c:1b:5e:28:19:f1:cc:13:
53:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:FD:38:7E:64:FD:80:16:73:3F:DC:8D:3A:F2:D9:8F:C7:C2:B8:63
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/YP04fmT9gBZzP9yNOvLZj8fCuGM.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:a5:30:84:7b:6f:89:66:86:24:90:75:d2:49:08:c7:8b:fa:
46:b7:bf:cd:49:33:62:99:3d:40:c6:df:88:aa:34:e9:40:8c:
14:c1:81:f2:a7:33:bf:8c:fd:bf:a6:4a:8f:68:c5:7a:c8:40:
7b:99:4d:ae:9b:8d:da:6b:4a:8f:8e:26:17:d4:af:23:41:b3:
fc:4d:dc:d2:ac:dc:6b:ee:84:43:82:61:57:73:0f:f7:9b:bf:
e9:d3:a7:b2:80:18:a1:9d:2e:5d:16:46:4b:b9:fa:61:f4:e8:
9d:35:bf:f4:5b:a8:24:5c:18:d4:b1:6c:7c:df:09:9b:b7:e3:
04:a6:b7:42:0c:b7:85:3b:70:f8:f1:db:65:79:8c:a7:bb:92:
be:f6:3e:f5:44:36:af:a6:ed:55:d3:54:4b:46:8f:17:00:13:
91:8f:41:17:16:ef:cf:ab:25:eb:d6:05:00:19:58:a0:8b:44:
0a:8c:8a:5c:b3:e8:0d:09:bc:b3:40:93:9e:a4:9d:96:e3:6f:
d0:8b:6d:11:ca:02:1a:89:92:9a:05:11:ed:30:f6:22:d9:e0:
9a:c5:78:78:63:7e:34:5c:99:52:3e:13:9e:d8:34:a0:6b:de:
15:fc:55:8f:a2:d9:1a:ce:66:a2:11:72:b2:52:b6:b9:0e:ad:
71:05:4d:d9
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCKcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDEwMTIw
NzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDYwRkQzODdFNjRGRDgw
MTY3MzNGREM4RDNBRjJEOThGQzdDMkI4NjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4az7TrGHkcAJ4vgnFXw+SnqqBKImej7tkAbW3+FlLInMNlxx2
yAszrXD2v3qFKxmPQt5NLdsnNWRXCMpBOaE1chZQWzgKCFNCBw/hHEIn8k2Nq3pl
3izlj2aokvGiWu2x5fvC1sm/j5ZMRoAyLhqY7lJirdgST9J+BUNhXsePsTpkcER6
+hUpixR2BTWBLaiMRxWlPjzdCu8/HTd7uc7ateED5WqtTddj2cJDCpKa3CdmSvbh
1ozTj1GuRzELR5lrBeQo0rcUN60rYdhEc1tr6ekiEaF/QKhe7ncjDtEFnBvgVdQd
SJH3+CzRL4z1rZTHFYD8Kjt8G14oGfHME1NlAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUYP04fmT9gBZzP9yNOvLZj8fCuGMwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL1lQMDRmbVQ5Z0JaelA5
eU5PdkxaajhmQ3VHTS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAKmlMIR7b4lmhiSQddJJCMeL+ka3v81JM2KZ
PUDG34iqNOlAjBTBgfKnM7+M/b+mSo9oxXrIQHuZTa6bjdprSo+OJhfUryNBs/xN
3NKs3GvuhEOCYVdzD/ebv+nTp7KAGKGdLl0WRku5+mH06J01v/RbqCRcGNSxbHzf
CZu34wSmt0IMt4U7cPjx22V5jKe7kr72PvVENq+m7VXTVEtGjxcAE5GPQRcW78+r
JevWBQAZWKCLRAqMilyz6A0JvLNAk56knZbjb9CLbRHKAhqJkpoFEe0w9iLZ4JrF
eHhjfjRcmVI+E57YNKBr3hX8VY+i2RrOZqIRcrJStrkOrXEFTdk=
-----END CERTIFICATE-----
Generated at Sat Oct 12 18:31:04 2024 by rpki-client on console-ams.rpki-client.org