Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/fUKuANelXnp45DoofbQSCdoEfio.roa
File: fUKuANelXnp45DoofbQSCdoEfio.roa (raw, json)
Hash identifier: LHrdBCjAyr3NvDmA7bJqtn5EyeIhF3hYOS8AxKlNtm0=
Subject key identifier: 7D:42:AE:00:D7:A5:5E:7A:78:E4:3A:28:7D:B4:12:09:DA:04:7E:2A
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0682
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/fUKuANelXnp45DoofbQSCdoEfio.roa
Signing time: Mon 12 Aug 2024 07:55:04 +0000
ROA not before: Mon 12 Aug 2024 07:55:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 12 Aug 2024 11:55:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1666 (0x682)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Aug 12 07:55:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7D42AE00D7A55E7A78E43A287DB41209DA047E2A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:b8:e4:36:ad:af:ea:95:30:78:14:5c:15:1d:
78:0e:86:41:e2:4d:94:6a:de:3f:db:c0:b5:f7:91:
b5:23:ca:0a:d2:85:29:93:cc:de:ee:e2:88:02:c0:
86:74:6f:05:2f:f7:af:c4:a2:30:d1:db:1f:a7:f7:
67:e9:f7:52:71:5c:6f:db:5c:4e:f7:8a:76:65:ea:
c8:84:d1:8e:9e:cb:35:c3:6d:91:b3:91:6a:b2:3d:
0a:06:da:5e:d4:ac:12:c5:90:4d:fe:d9:57:81:0d:
ad:df:75:a9:fe:15:01:85:be:53:cd:d9:07:79:28:
1e:31:e4:b7:de:32:eb:58:ed:62:d5:5b:c3:a6:37:
1c:c4:ba:a6:03:34:c3:49:4a:f6:57:e0:20:9e:83:
e4:8c:20:e9:64:6b:a6:e6:0d:f5:5f:c8:48:26:a3:
b3:bc:db:1a:b9:ca:03:81:57:25:94:58:73:3c:c8:
14:a9:64:bf:e2:a7:04:6d:1e:3c:5a:ac:1c:ce:f6:
86:0a:a5:33:01:55:15:d2:a2:d2:78:48:9c:5f:78:
e6:c4:99:7d:82:d4:39:b0:04:21:6d:b8:0b:c2:b5:
82:ec:38:93:b7:b0:19:8e:c9:30:07:b4:e0:c4:85:
e7:9a:aa:fb:80:16:e1:5e:b3:9c:7f:6e:e3:1b:92:
fc:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:42:AE:00:D7:A5:5E:7A:78:E4:3A:28:7D:B4:12:09:DA:04:7E:2A
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/fUKuANelXnp45DoofbQSCdoEfio.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:12:32:91:eb:a5:0d:2f:e2:1c:43:1e:66:c7:f0:6b:70:b4:
bd:fc:03:71:16:c9:fe:a0:2c:55:c9:98:2e:cc:1d:79:6c:cc:
4d:71:7f:26:52:ff:2f:ce:86:19:bc:c4:92:fa:cc:10:0f:7f:
df:a1:26:f2:1a:e1:93:a6:14:c0:8d:5e:11:37:49:7e:21:ba:
58:fb:d3:08:70:63:e7:74:1a:98:3d:d5:4b:c5:38:68:47:e3:
f3:24:2d:e0:ea:2b:7a:9d:93:25:ec:fc:2a:79:fe:50:6b:30:
70:32:a7:88:f5:0d:2a:60:83:fa:04:13:83:04:7f:63:50:dc:
0a:38:1c:b7:2f:c2:dd:8c:19:a4:32:a3:4a:4d:74:26:4b:a9:
f1:44:0a:69:5b:e2:73:25:d6:e4:27:7c:e5:94:cd:3e:34:da:
d2:c3:a7:31:2b:f6:6d:2c:d5:61:bc:fd:0e:65:04:34:6f:af:
0c:40:38:64:31:b3:76:9c:27:8c:f2:b6:55:5c:03:84:cc:55:
35:2c:d4:1d:71:c3:ef:fe:be:7d:76:f0:87:e4:b1:39:c9:12:
75:55:e9:ec:ef:32:5d:1e:fe:7d:b2:80:ff:af:f7:ce:0f:8e:
7a:8d:07:c8:3f:c5:96:94:45:24:19:c4:da:80:33:be:cb:68:
f6:75:0f:4b
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICBoIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA4MTIw
NzU1MDRaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDdENDJBRTAwRDdBNTVF
N0E3OEU0M0EyODdEQjQxMjA5REEwNDdFMkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDuOQ2ra/qlTB4FFwVHXgOhkHiTZRq3j/bwLX3kbUjygrShSmT
zN7u4ogCwIZ0bwUv96/EojDR2x+n92fp91JxXG/bXE73inZl6siE0Y6eyzXDbZGz
kWqyPQoG2l7UrBLFkE3+2VeBDa3fdan+FQGFvlPN2Qd5KB4x5LfeMutY7WLVW8Om
NxzEuqYDNMNJSvZX4CCeg+SMIOlka6bmDfVfyEgmo7O82xq5ygOBVyWUWHM8yBSp
ZL/ipwRtHjxarBzO9oYKpTMBVRXSotJ4SJxfeObEmX2C1DmwBCFtuAvCtYLsOJO3
sBmOyTAHtODEheeaqvuAFuFes5x/buMbkvzfAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUfUKuANelXnp45DoofbQSCdoEfiowHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL2ZVS3VBTmVsWG5wNDVE
b29mYlFTQ2RvRWZpby5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAHsSMpHrpQ0v4hxDHmbH8GtwtL38A3EWyf6g
LFXJmC7MHXlszE1xfyZS/y/Ohhm8xJL6zBAPf9+hJvIa4ZOmFMCNXhE3SX4hulj7
0whwY+d0Gpg91UvFOGhH4/MkLeDqK3qdkyXs/Cp5/lBrMHAyp4j1DSpgg/oEE4ME
f2NQ3Ao4HLcvwt2MGaQyo0pNdCZLqfFECmlb4nMl1uQnfOWUzT402tLDpzEr9m0s
1WG8/Q5lBDRvrwxAOGQxs3acJ4zytlVcA4TMVTUs1B1xw+/+vn128IfksTnJEnVV
6ezvMl0e/n2ygP+v984PjnqNB8g/xZaURSQZxNqAM77LaPZ1D0s=
-----END CERTIFICATE-----
Generated at Mon Aug 12 14:38:24 2024 by rpki-client on console-ams.rpki-client.org