Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/gDEslRxpjUt4MWk1mduwKne9MIs.roa
File: gDEslRxpjUt4MWk1mduwKne9MIs.roa (raw, json)
Hash identifier: pFKG6xqxI9fL0m/G7aQCPJbqHKHGk0WwiA5TuizpWv4=
Subject key identifier: 80:31:2C:95:1C:69:8D:4B:78:31:69:35:99:DB:B0:2A:77:BD:30:8B
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 03BE
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/gDEslRxpjUt4MWk1mduwKne9MIs.roa
Signing time: Sat 25 May 2024 15:55:03 +0000
ROA not before: Sat 25 May 2024 15:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 25 May 2024 19:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 958 (0x3be)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: May 25 15:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=80312C951C698D4B7831693599DBB02A77BD308B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:52:1c:86:4c:71:d6:f9:f4:8f:65:1f:a1:5e:
e0:33:03:cf:7e:27:7e:3f:73:38:13:3f:ce:e6:8f:
c9:56:07:c2:6e:44:31:2e:86:6c:c7:19:6d:ae:4d:
e9:3f:39:ff:b5:46:df:20:c8:ca:75:6d:ec:00:74:
d2:25:39:d8:dd:ad:7e:a1:98:2f:b3:04:36:89:da:
45:e4:68:eb:c6:21:f3:38:83:c3:46:00:aa:21:48:
4f:b3:01:97:86:70:3a:dc:01:40:09:89:e9:89:56:
f0:7d:6a:f5:1c:2e:5d:e6:83:ae:be:12:50:12:ac:
27:c7:d2:67:d1:d6:b8:aa:1c:fe:da:45:10:18:cc:
bc:8f:0a:d8:10:a3:69:58:e2:c0:6f:a2:c5:40:45:
b2:d9:1f:54:ca:a3:93:e6:da:98:88:56:87:38:dc:
9c:a4:95:1c:91:c5:81:5a:06:9f:39:f6:08:8c:96:
4a:1b:39:91:d9:88:fd:64:8b:b6:68:5a:4b:8e:cd:
06:83:03:36:06:65:fd:b9:1c:be:62:65:e9:73:03:
d4:d9:f4:f7:65:fb:16:97:c1:e0:d1:85:12:6c:86:
cf:fc:d5:71:fa:29:b7:dd:79:6f:d1:97:e5:69:a3:
47:a2:5a:68:52:c6:a1:48:e2:5a:66:35:59:ca:3a:
15:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:31:2C:95:1C:69:8D:4B:78:31:69:35:99:DB:B0:2A:77:BD:30:8B
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/gDEslRxpjUt4MWk1mduwKne9MIs.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:04:a8:ed:3c:6e:c9:ba:cc:76:74:5f:6b:75:e1:ca:4e:d4:
f3:f0:5e:a8:d5:e7:46:f0:0d:a1:76:60:e7:a0:8e:9a:fe:03:
b1:9c:f9:df:2d:46:0b:1c:1c:cf:0a:55:66:f2:2c:5a:e8:59:
93:78:15:d2:7e:9b:05:40:fd:58:8d:a6:55:8d:65:65:68:81:
d0:b5:8d:0a:6d:ed:65:db:77:6a:72:94:00:af:f3:b3:08:3f:
38:84:a4:da:c2:8e:7f:14:9f:5b:ce:bc:42:82:04:ce:5a:ea:
b5:e0:12:a1:f2:0c:db:7d:82:64:43:30:33:ac:36:4e:55:e7:
a8:c3:14:84:6d:fb:a9:c6:76:a7:3e:40:26:c2:12:e0:7b:7d:
10:7f:c9:45:cd:b9:d3:20:85:3c:d6:aa:c5:f3:3d:10:27:88:
5c:7b:ac:7d:30:25:83:c4:d0:da:f2:3f:6e:e0:2c:e7:60:89:
42:f9:28:af:d8:17:54:38:58:5e:0b:36:90:ed:d5:cc:f5:19:
04:eb:02:99:7a:0b:73:4b:f9:3c:72:7c:42:3e:41:c1:21:5a:
a6:2f:33:07:96:a7:d6:61:f2:36:cf:4a:bc:2c:21:ce:2f:f2:
c7:f8:3b:3b:a1:55:83:d2:9a:4c:0f:89:2b:df:0e:82:42:47:
79:08:ed:31
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICA74wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA1MjUx
NTU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDgwMzEyQzk1MUM2OThE
NEI3ODMxNjkzNTk5REJCMDJBNzdCRDMwOEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDfUhyGTHHW+fSPZR+hXuAzA89+J34/czgTP87mj8lWB8JuRDEu
hmzHGW2uTek/Of+1Rt8gyMp1bewAdNIlOdjdrX6hmC+zBDaJ2kXkaOvGIfM4g8NG
AKohSE+zAZeGcDrcAUAJiemJVvB9avUcLl3mg66+ElASrCfH0mfR1riqHP7aRRAY
zLyPCtgQo2lY4sBvosVARbLZH1TKo5Pm2piIVoc43JyklRyRxYFaBp859giMlkob
OZHZiP1ki7ZoWkuOzQaDAzYGZf25HL5iZelzA9TZ9Pdl+xaXweDRhRJshs/81XH6
KbfdeW/Rl+Vpo0eiWmhSxqFI4lpmNVnKOhXXAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUgDEslRxpjUt4MWk1mduwKne9MIswHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL2dERXNsUnhwalV0NE1X
azFtZHV3S25lOU1Jcy5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBACwEqO08bsm6zHZ0X2t14cpO1PPwXqjV50bw
DaF2YOegjpr+A7Gc+d8tRgscHM8KVWbyLFroWZN4FdJ+mwVA/ViNplWNZWVogdC1
jQpt7WXbd2pylACv87MIPziEpNrCjn8Un1vOvEKCBM5a6rXgEqHyDNt9gmRDMDOs
Nk5V56jDFIRt+6nGdqc+QCbCEuB7fRB/yUXNudMghTzWqsXzPRAniFx7rH0wJYPE
0NryP27gLOdgiUL5KK/YF1Q4WF4LNpDt1cz1GQTrApl6C3NL+TxyfEI+QcEhWqYv
MweWp9Zh8jbPSrwsIc4v8sf4OzuhVYPSmkwPiSvfDoJCR3kI7TE=
-----END CERTIFICATE-----
Generated at Sat May 25 23:03:46 2024 by rpki-client on console-ams.rpki-client.org