Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/c0DkEcRCNt0z4OawBZYhONIdMKI.roa
File: c0DkEcRCNt0z4OawBZYhONIdMKI.roa (raw, json)
Hash identifier: N0MEd4s432lvwqZP7PkunbmmVRQU5+QQtPPLY0XHO1s=
Subject key identifier: 73:40:E4:11:C4:42:36:DD:33:E0:E6:B0:05:96:21:38:D2:1D:30:A2
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 045A
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/c0DkEcRCNt0z4OawBZYhONIdMKI.roa
Signing time: Tue 11 Jun 2024 23:55:03 +0000
ROA not before: Tue 11 Jun 2024 23:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Jun 2024 03:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1114 (0x45a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Jun 11 23:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7340E411C44236DD33E0E6B005962138D21D30A2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:04:5f:9b:4d:0d:b0:d6:73:c1:ea:04:77:36:
71:79:22:8d:e7:a7:4d:df:97:cf:38:f3:3b:3b:ee:
a7:38:15:9e:aa:10:cf:5f:73:d2:4d:72:fc:de:e9:
4d:ba:44:ff:6e:37:19:ac:cb:58:40:b1:cf:81:77:
fb:d2:af:cd:4e:68:9b:06:4c:f1:3a:98:09:25:34:
ce:88:a3:e3:54:6b:bd:9c:f5:09:c3:ed:99:94:36:
13:4f:72:ce:55:c0:9b:7b:72:43:11:6f:e6:4c:9a:
a1:05:36:62:97:27:72:0c:a9:78:b6:9c:df:c7:e1:
4e:95:b2:e8:b6:7b:7e:61:4a:01:ad:55:26:38:8d:
d3:7b:b2:85:84:74:3f:35:d8:f4:1c:70:86:4e:23:
55:c7:b8:1c:38:1b:5a:74:f0:ae:fc:2a:00:a9:1c:
b7:7e:3f:44:0c:7d:12:f8:25:c4:53:e8:97:65:0d:
9d:d9:18:18:a6:f2:5f:77:f1:94:d7:66:1b:71:ce:
a0:fa:2a:11:e3:b6:cd:03:cf:ef:30:be:5d:4b:28:
2b:ca:a1:c3:52:bd:2f:cb:4a:e6:2d:20:71:bb:78:
13:40:14:97:0c:6a:90:c8:55:d9:d5:33:9b:34:77:
68:bb:b8:25:35:e9:15:76:1d:0d:8f:f2:94:8e:66:
b4:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:40:E4:11:C4:42:36:DD:33:E0:E6:B0:05:96:21:38:D2:1D:30:A2
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/c0DkEcRCNt0z4OawBZYhONIdMKI.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:d6:21:aa:05:4b:1d:11:07:f1:4f:30:70:82:e2:b1:30:f6:
f1:ad:e1:99:37:bf:7c:19:69:d2:60:d1:08:88:1a:dc:12:95:
43:a8:71:b2:a2:c9:f4:d6:f5:70:3c:4e:3e:32:b0:72:1d:59:
9b:79:cf:de:d7:b1:18:30:9a:14:fa:17:06:4d:43:a5:32:16:
64:eb:63:30:41:7c:16:f5:28:3c:26:e6:99:fb:d1:26:7f:7f:
26:c2:0e:b7:fc:58:34:cf:12:e8:05:d1:85:7c:cc:80:86:94:
03:3e:ea:ae:bb:6e:e3:3f:10:29:5d:40:ef:c3:38:a9:3f:27:
1e:b0:00:30:d2:05:b2:ba:0d:9f:2e:63:91:7b:c5:2d:37:e1:
49:1c:53:f0:a1:8b:f1:f3:1b:89:6e:1f:ea:c9:c0:19:54:80:
ab:d3:f6:f2:ba:89:e8:dd:10:5f:55:ff:8c:c4:cf:8b:f6:5f:
51:58:90:48:61:67:91:79:7d:08:59:80:ae:8c:e2:33:49:2a:
c3:c1:6b:15:75:cd:15:a6:c2:ba:93:30:78:23:1c:ce:e2:b0:
f9:39:12:29:db:34:8a:81:b3:45:53:d7:be:0d:32:13:b4:26:
27:44:db:9c:f3:39:37:6b:df:6d:22:69:6e:b2:1f:0c:ed:98:
be:9b:85:2b
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICBFowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA2MTEy
MzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDczNDBFNDExQzQ0MjM2
REQzM0UwRTZCMDA1OTYyMTM4RDIxRDMwQTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDTBF+bTQ2w1nPB6gR3NnF5Io3np03fl8848zs77qc4FZ6qEM9f
c9JNcvze6U26RP9uNxmsy1hAsc+Bd/vSr81OaJsGTPE6mAklNM6Io+NUa72c9QnD
7ZmUNhNPcs5VwJt7ckMRb+ZMmqEFNmKXJ3IMqXi2nN/H4U6Vsui2e35hSgGtVSY4
jdN7soWEdD812PQccIZOI1XHuBw4G1p08K78KgCpHLd+P0QMfRL4JcRT6JdlDZ3Z
GBim8l938ZTXZhtxzqD6KhHjts0Dz+8wvl1LKCvKocNSvS/LSuYtIHG7eBNAFJcM
apDIVdnVM5s0d2i7uCU16RV2HQ2P8pSOZrTTAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUc0DkEcRCNt0z4OawBZYhONIdMKIwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL2MwRGtFY1JDTnQwejRP
YXdCWlloT05JZE1LSS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAC3WIaoFSx0RB/FPMHCC4rEw9vGt4Zk3v3wZ
adJg0QiIGtwSlUOocbKiyfTW9XA8Tj4ysHIdWZt5z97XsRgwmhT6FwZNQ6UyFmTr
YzBBfBb1KDwm5pn70SZ/fybCDrf8WDTPEugF0YV8zICGlAM+6q67buM/ECldQO/D
OKk/Jx6wADDSBbK6DZ8uY5F7xS034UkcU/Chi/HzG4luH+rJwBlUgKvT9vK6iejd
EF9V/4zEz4v2X1FYkEhhZ5F5fQhZgK6M4jNJKsPBaxV1zRWmwrqTMHgjHM7isPk5
EinbNIqBs0VT174NMhO0JidE25zzOTdr320iaW6yHwztmL6bhSs=
-----END CERTIFICATE-----
Generated at Wed Jun 12 07:40:59 2024 by rpki-client on console-ams.rpki-client.org