Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/cj0yNcEHAYGru6EcbhLCJm8Ss44.roa
File: cj0yNcEHAYGru6EcbhLCJm8Ss44.roa (raw, json)
Hash identifier: t8gsW0B85lKHV1RlFSjX7owAI9LI5h3Hi7hZI2vujuI=
Subject key identifier: 72:3D:32:35:C1:07:01:81:AB:BB:A1:1C:6E:12:C2:26:6F:12:B3:8E
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 07A5
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cj0yNcEHAYGru6EcbhLCJm8Ss44.roa
Signing time: Fri 13 Sep 2024 15:55:04 +0000
ROA not before: Fri 13 Sep 2024 15:55:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 13 Sep 2024 19:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1957 (0x7a5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Sep 13 15:55:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=723D3235C1070181ABBBA11C6E12C2266F12B38E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:85:77:89:39:fb:18:ee:9f:7c:95:dc:32:8d:
78:9a:86:35:4d:d2:89:1e:15:b4:c7:08:92:e7:a5:
70:1c:75:1d:db:46:27:17:9b:be:d5:84:5d:ae:68:
20:f7:38:ac:30:90:cb:3d:6f:01:73:5f:f3:fc:63:
8b:f2:df:b4:99:97:57:7b:fc:3c:17:d1:0e:82:58:
ea:51:d0:e1:23:15:32:37:ae:ea:68:6d:39:e6:94:
89:77:fe:96:a4:ad:b5:0f:d3:44:fe:78:dc:53:12:
bb:b8:57:7c:ff:ea:f7:96:ac:32:78:51:36:bc:71:
52:74:5c:1c:39:3a:85:54:a4:de:34:d8:4e:bf:36:
17:ff:3e:7d:f0:08:27:7d:1d:49:44:72:ba:53:a1:
c8:4e:52:7b:4f:91:47:0d:48:41:76:45:18:be:e7:
dc:d1:55:40:60:57:30:5a:87:c9:f4:80:b6:13:82:
9e:7a:29:35:c6:ae:6c:95:4d:c8:43:f3:0e:3c:d8:
bc:16:5c:64:95:af:e9:39:6c:f7:c3:a5:39:77:1e:
b8:b4:3a:c6:b6:8d:a1:f0:22:2c:34:4d:d3:0e:9e:
45:9b:27:6e:35:48:8c:73:fe:cd:d3:54:da:94:f2:
f8:8c:0b:8c:69:8f:7c:cd:24:0c:74:d6:6f:16:55:
b4:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:3D:32:35:C1:07:01:81:AB:BB:A1:1C:6E:12:C2:26:6F:12:B3:8E
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cj0yNcEHAYGru6EcbhLCJm8Ss44.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:46:bd:2c:36:c4:e3:8d:3e:7b:75:f0:a0:bf:d2:c5:9b:69:
90:d1:73:26:74:99:1c:12:26:cf:df:7c:57:89:5f:97:3f:45:
11:75:77:51:44:70:f0:77:ba:9d:fb:d3:fd:80:a9:a2:1c:46:
3f:63:02:fb:5d:2f:b1:79:87:03:66:a4:2b:86:93:12:03:76:
42:2f:5a:c7:d8:6a:48:79:a4:af:71:79:40:d2:01:7b:ab:8c:
ac:73:63:4a:e3:12:5b:a5:54:33:5a:75:f6:77:80:bf:43:35:
f7:b5:36:43:a9:cf:63:a3:8f:6d:84:32:2a:54:6f:d2:7f:e5:
6f:5b:a0:40:0d:bd:5e:e0:47:9d:7e:f0:db:a7:2a:2e:c1:c5:
d0:df:82:21:e9:de:5b:a7:ba:e3:ca:41:96:d5:7f:65:07:35:
5a:6f:ee:f3:16:07:60:61:be:b7:4b:4f:2c:68:65:8b:42:43:
b3:b7:f7:15:f3:23:b7:1d:b5:51:94:97:9e:59:a3:59:5c:4e:
23:47:86:1c:15:64:af:2d:21:7a:4f:d4:70:66:5f:a3:88:38:
aa:56:b6:26:0e:54:bd:69:fe:72:7d:0e:ce:47:cf:fb:cd:fa:
47:35:3f:f1:81:40:71:41:b1:86:42:95:3e:bc:4a:10:a9:8e:
f3:62:18:fb
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICB6UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA5MTMx
NTU1MDRaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDcyM0QzMjM1QzEwNzAx
ODFBQkJCQTExQzZFMTJDMjI2NkYxMkIzOEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDchXeJOfsY7p98ldwyjXiahjVN0okeFbTHCJLnpXAcdR3bRicX
m77VhF2uaCD3OKwwkMs9bwFzX/P8Y4vy37SZl1d7/DwX0Q6CWOpR0OEjFTI3rupo
bTnmlIl3/pakrbUP00T+eNxTEru4V3z/6veWrDJ4UTa8cVJ0XBw5OoVUpN402E6/
Nhf/Pn3wCCd9HUlEcrpTochOUntPkUcNSEF2RRi+59zRVUBgVzBah8n0gLYTgp56
KTXGrmyVTchD8w482LwWXGSVr+k5bPfDpTl3Hri0Osa2jaHwIiw0TdMOnkWbJ241
SIxz/s3TVNqU8viMC4xpj3zNJAx01m8WVbTFAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUcj0yNcEHAYGru6EcbhLCJm8Ss44wHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL2NqMHlOY0VIQVlHcnU2
RWNiaExDSm04U3M0NC5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBACpGvSw2xOONPnt18KC/0sWbaZDRcyZ0mRwS
Js/ffFeJX5c/RRF1d1FEcPB3up370/2AqaIcRj9jAvtdL7F5hwNmpCuGkxIDdkIv
WsfYakh5pK9xeUDSAXurjKxzY0rjElulVDNadfZ3gL9DNfe1NkOpz2Ojj22EMipU
b9J/5W9boEANvV7gR51+8NunKi7BxdDfgiHp3lunuuPKQZbVf2UHNVpv7vMWB2Bh
vrdLTyxoZYtCQ7O39xXzI7cdtVGUl55Zo1lcTiNHhhwVZK8tIXpP1HBmX6OIOKpW
tiYOVL1p/nJ9Ds5Hz/vN+kc1P/GBQHFBsYZClT68ShCpjvNiGPs=
-----END CERTIFICATE-----
Generated at Fri Sep 13 21:50:29 2024 by rpki-client on console-ams.rpki-client.org