Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/aPUDKSQXnbG1PsrYTsvGsdkuFHE.roa
File: aPUDKSQXnbG1PsrYTsvGsdkuFHE.roa (raw, json)
Hash identifier: Xs6bv7iyBE30smDZ/B7Md06fu6xlk5E0LZoNHNyf8tw=
Subject key identifier: 68:F5:03:29:24:17:9D:B1:B5:3E:CA:D8:4E:CB:C6:B1:D9:2E:14:71
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0643
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/aPUDKSQXnbG1PsrYTsvGsdkuFHE.roa
Signing time: Mon 05 Aug 2024 07:55:04 +0000
ROA not before: Mon 05 Aug 2024 07:55:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 05 Aug 2024 11:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1603 (0x643)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Aug 5 07:55:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=68F5032924179DB1B53ECAD84ECBC6B1D92E1471
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:0e:69:2a:0d:35:42:50:c7:40:a1:42:27:3c:
a8:4a:35:52:21:c5:d0:16:3f:3e:b7:36:2a:70:3b:
d6:74:e2:ea:d1:0c:cd:aa:1d:22:e4:bf:8e:1b:8f:
90:c3:46:8b:c1:8c:ad:1b:91:95:ee:4f:cb:f6:18:
eb:86:11:39:a5:e3:fe:5d:ce:14:5f:9a:57:dd:2d:
3a:0f:bd:e7:5c:cb:a9:21:55:4a:c5:a3:e8:76:0d:
44:78:18:da:aa:fc:e8:2f:92:36:16:15:0a:75:de:
86:92:f1:ee:cf:6a:de:49:98:02:47:49:33:28:23:
dc:96:d9:25:92:cf:9f:be:49:3e:28:13:a7:ec:1e:
29:30:9c:54:2e:56:ea:0a:bc:3c:89:5d:24:fd:38:
53:f8:c4:31:02:f6:74:73:2a:c7:41:8a:ca:c5:7e:
3e:b9:6f:3f:39:73:9e:ab:52:6a:0c:61:bc:99:3c:
91:ee:1c:3b:2e:81:e0:80:3a:08:26:40:ee:cc:d8:
c5:23:40:a3:2d:6d:d6:bd:47:1f:b1:07:20:03:ac:
86:0a:8c:39:05:6c:5c:08:9f:5f:4c:9a:30:48:cc:
3a:35:d1:be:be:80:ef:aa:84:c2:27:d4:5b:46:34:
d5:1d:9d:ed:f2:b8:77:99:a8:7d:27:30:50:cd:46:
b1:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:F5:03:29:24:17:9D:B1:B5:3E:CA:D8:4E:CB:C6:B1:D9:2E:14:71
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/aPUDKSQXnbG1PsrYTsvGsdkuFHE.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:d2:5c:b4:73:ed:1c:a7:4a:3e:77:ad:3a:bf:99:6c:18:52:
fa:a6:ae:5d:03:ab:a0:d9:a3:5f:7b:75:5c:d0:7f:5c:1e:ba:
b2:b8:11:22:1f:ae:f6:c7:7f:4f:2d:9a:cd:bd:94:cd:ff:9e:
32:a5:1e:d3:13:ed:f6:a0:d2:18:3c:e5:0a:ff:28:f5:e2:0a:
fb:fd:38:3b:cf:cf:3a:57:ee:7c:69:08:53:8c:f3:ee:7d:22:
f8:3e:d0:93:70:15:ad:94:b1:1a:4d:c5:d8:08:07:26:cb:34:
0f:a1:38:c0:24:8f:1a:ef:36:5f:19:0d:e3:d9:f6:fc:e1:1b:
58:1c:1b:0a:aa:3d:4c:ed:ea:3e:0a:38:26:15:44:e3:d2:84:
09:a0:fe:f8:6c:d3:a1:0c:57:56:80:3d:f6:a0:4e:4a:66:2a:
a2:6b:00:cc:16:0c:e5:cc:ef:4b:ad:9a:3f:2d:41:94:15:32:
21:15:72:0a:d2:c8:7d:58:9f:21:ef:19:44:f8:1e:ec:d2:25:
bb:f0:89:78:84:f2:ea:8c:f3:63:db:73:c8:9c:2d:94:1c:03:
7a:14:2e:91:7b:9f:f3:19:1e:74:62:2a:1b:cd:29:7b:36:1a:
e3:4c:02:0f:e6:7c:18:c0:54:45:7d:d6:e0:28:cf:32:53:64:
82:70:95:2d
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICBkMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA4MDUw
NzU1MDRaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDY4RjUwMzI5MjQxNzlE
QjFCNTNFQ0FEODRFQ0JDNkIxRDkyRTE0NzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJDmkqDTVCUMdAoUInPKhKNVIhxdAWPz63NipwO9Z04urRDM2q
HSLkv44bj5DDRovBjK0bkZXuT8v2GOuGETml4/5dzhRfmlfdLToPvedcy6khVUrF
o+h2DUR4GNqq/OgvkjYWFQp13oaS8e7Pat5JmAJHSTMoI9yW2SWSz5++ST4oE6fs
HikwnFQuVuoKvDyJXST9OFP4xDEC9nRzKsdBisrFfj65bz85c56rUmoMYbyZPJHu
HDsugeCAOggmQO7M2MUjQKMtbda9Rx+xByADrIYKjDkFbFwIn19MmjBIzDo10b6+
gO+qhMIn1FtGNNUdne3yuHeZqH0nMFDNRrGjAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUaPUDKSQXnbG1PsrYTsvGsdkuFHEwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL2FQVURLU1FYbmJHMVBz
cllUc3ZHc2RrdUZIRS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAC3SXLRz7RynSj53rTq/mWwYUvqmrl0Dq6DZ
o197dVzQf1weurK4ESIfrvbHf08tms29lM3/njKlHtMT7fag0hg85Qr/KPXiCvv9
ODvPzzpX7nxpCFOM8+59Ivg+0JNwFa2UsRpNxdgIBybLNA+hOMAkjxrvNl8ZDePZ
9vzhG1gcGwqqPUzt6j4KOCYVROPShAmg/vhs06EMV1aAPfagTkpmKqJrAMwWDOXM
70utmj8tQZQVMiEVcgrSyH1YnyHvGUT4HuzSJbvwiXiE8uqM82Pbc8icLZQcA3oU
LpF7n/MZHnRiKhvNKXs2GuNMAg/mfBjAVEV91uAozzJTZIJwlS0=
-----END CERTIFICATE-----
Generated at Mon Aug 5 15:20:45 2024 by rpki-client on console-ams.rpki-client.org