Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/_51OP9UOjB10yREdNkjZMaS6JuE.roa
File: _51OP9UOjB10yREdNkjZMaS6JuE.roa (raw, json)
Hash identifier: 6dPS79pJFFv81hxcfbRSsvlRXn8+mrZJfa9CL/bl854=
Subject key identifier: FF:9D:4E:3F:D5:0E:8C:1D:74:C9:11:1D:36:48:D9:31:A4:BA:26:E1
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0307
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/_51OP9UOjB10yREdNkjZMaS6JuE.roa
Signing time: Sun 05 May 2024 07:55:03 +0000
ROA not before: Sun 05 May 2024 07:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 05 May 2024 11:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 775 (0x307)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: May 5 07:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=FF9D4E3FD50E8C1D74C9111D3648D931A4BA26E1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:9c:ec:17:00:89:46:f5:0e:95:b1:f1:18:d8:
86:30:65:5d:c8:64:bf:b0:d2:32:8b:65:50:75:6b:
0e:3c:ae:6b:2a:27:ec:c1:1b:b1:31:42:ad:af:c5:
57:51:e2:f8:41:b4:49:52:ba:89:41:07:54:d5:aa:
a7:25:40:27:96:06:af:f6:e1:65:d9:b6:b1:7b:e2:
87:17:e9:7b:02:60:f6:b4:f5:a0:65:fe:5a:6d:66:
7c:66:80:6b:35:f6:95:65:2a:fa:42:be:8f:57:6a:
01:74:72:00:b6:ef:57:d7:86:80:8f:27:81:82:33:
6e:1e:f8:cf:3a:ec:d3:b1:82:f0:40:16:0a:1e:96:
6c:16:b2:76:cd:03:3d:70:e7:27:3a:0e:68:cc:05:
3f:b0:6a:cc:f5:1f:f7:23:97:ee:d2:10:3b:dd:2c:
c7:98:1a:37:26:80:57:89:9a:a5:34:5c:2f:20:44:
4e:32:16:3c:6d:bd:21:09:ac:74:6f:a4:f1:b4:c9:
fd:a0:e2:14:2a:3a:c1:84:f2:17:2f:4c:26:ae:14:
d1:39:3c:44:25:81:3b:37:a4:68:d3:ad:57:d3:c4:
8b:16:f1:66:63:18:7f:a4:59:13:87:1e:87:90:eb:
5b:37:e8:f0:22:73:90:cf:e7:79:2c:c7:96:f6:7c:
6e:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:9D:4E:3F:D5:0E:8C:1D:74:C9:11:1D:36:48:D9:31:A4:BA:26:E1
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/_51OP9UOjB10yREdNkjZMaS6JuE.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
cc:04:33:e0:21:db:99:93:26:64:9d:32:5e:88:37:51:a0:53:
21:02:86:31:da:06:b4:39:e5:60:6d:1f:aa:d9:ff:69:a1:13:
35:39:89:d0:40:05:41:f8:c3:9e:c8:65:79:df:2d:04:0a:c3:
b1:31:a5:45:1f:df:79:53:c1:08:25:6d:30:9b:7f:9e:7f:4f:
38:e4:73:f0:b6:6e:32:f5:0a:3f:d5:d7:f5:22:c0:89:2f:13:
22:e5:ae:ae:34:af:6e:2e:3c:fc:67:00:60:e2:f0:19:f2:7f:
12:43:d6:51:28:54:f5:22:2e:1d:be:38:62:d0:a7:05:a6:d6:
3d:0b:44:38:2d:7e:97:cb:b0:ec:61:44:53:78:aa:2a:d9:6a:
41:11:71:c7:82:75:bf:88:4c:4c:2a:9e:93:77:fe:e6:71:16:
ef:14:e6:0a:b4:5a:27:1c:2a:85:ec:8e:cf:0d:70:45:8b:d2:
a9:68:75:34:a8:7d:1d:ca:39:ab:8c:ab:2d:02:13:14:79:0c:
37:83:5c:31:c1:04:7c:e2:95:f4:f4:ae:cc:0d:7e:a7:fc:0b:
ed:73:4b:f7:de:ee:0a:81:8c:fd:3e:f7:68:08:84:ee:f1:7d:
47:5f:ac:bb:1d:29:72:15:cd:4a:43:c9:f0:89:e7:e6:5d:7b:
30:3c:f8:85
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICAwcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA1MDUw
NzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEZGOUQ0RTNGRDUwRThD
MUQ3NEM5MTExRDM2NDhEOTMxQTRCQTI2RTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4nOwXAIlG9Q6VsfEY2IYwZV3IZL+w0jKLZVB1aw48rmsqJ+zB
G7ExQq2vxVdR4vhBtElSuolBB1TVqqclQCeWBq/24WXZtrF74ocX6XsCYPa09aBl
/lptZnxmgGs19pVlKvpCvo9XagF0cgC271fXhoCPJ4GCM24e+M867NOxgvBAFgoe
lmwWsnbNAz1w5yc6DmjMBT+wasz1H/cjl+7SEDvdLMeYGjcmgFeJmqU0XC8gRE4y
FjxtvSEJrHRvpPG0yf2g4hQqOsGE8hcvTCauFNE5PEQlgTs3pGjTrVfTxIsW8WZj
GH+kWROHHoeQ61s36PAic5DP53ksx5b2fG5BAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQU/51OP9UOjB10yREdNkjZMaS6JuEwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL181MU9QOVVPakIxMHlS
RWROa2paTWFTNkp1RS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAMwEM+Ah25mTJmSdMl6IN1GgUyEChjHaBrQ5
5WBtH6rZ/2mhEzU5idBABUH4w57IZXnfLQQKw7ExpUUf33lTwQglbTCbf55/Tzjk
c/C2bjL1Cj/V1/UiwIkvEyLlrq40r24uPPxnAGDi8BnyfxJD1lEoVPUiLh2+OGLQ
pwWm1j0LRDgtfpfLsOxhRFN4qirZakERcceCdb+ITEwqnpN3/uZxFu8U5gq0Wicc
KoXsjs8NcEWL0qlodTSofR3KOauMqy0CExR5DDeDXDHBBHzilfT0rswNfqf8C+1z
S/fe7gqBjP0+92gIhO7xfUdfrLsdKXIVzUpDyfCJ5+ZdezA8+IU=
-----END CERTIFICATE-----
Generated at Sun May 5 14:38:22 2024 by rpki-client on console-ams.rpki-client.org