Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/i4I-EJHLg5W-_HCS42PXMObku-o.roa
File: i4I-EJHLg5W-_HCS42PXMObku-o.roa (raw, json)
Hash identifier: zRg52Uh0GWk1a/wIa+Zaor4GUukrgEh+SBdJalMfLzs=
Subject key identifier: 8B:82:3E:10:91:CB:83:95:BE:FC:70:92:E3:63:D7:30:E6:E4:BB:EA
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0565
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/i4I-EJHLg5W-_HCS42PXMObku-o.roa
Signing time: Thu 11 Jul 2024 15:55:03 +0000
ROA not before: Thu 11 Jul 2024 15:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 11 Jul 2024 19:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1381 (0x565)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Jul 11 15:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8B823E1091CB8395BEFC7092E363D730E6E4BBEA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:7d:4d:7a:d3:e8:70:fe:93:f0:b1:dc:81:45:
b6:1d:8b:2a:12:9e:a4:e0:40:09:fd:c8:99:19:bd:
9d:cd:7b:bf:69:e0:0e:ee:15:2c:e2:0b:be:b9:37:
a2:65:20:cf:4f:1a:72:88:d0:68:2d:12:eb:db:35:
e4:16:6a:ea:22:62:c7:7a:49:04:ed:47:17:f5:cc:
64:06:0e:2e:4f:e3:46:89:26:57:eb:8e:68:b2:de:
83:9e:3d:c8:8d:c0:8b:c3:c1:0f:cf:31:f4:9f:f1:
27:f7:41:a8:b7:87:a2:83:8e:fd:c4:a2:e3:85:1c:
81:f5:95:c2:53:79:3a:7c:0b:a3:4b:44:67:e8:a9:
d9:9b:e9:33:af:04:9d:4c:37:65:ab:c7:bf:86:28:
49:38:59:7f:d6:6f:6c:cf:cf:68:c5:d1:92:ad:37:
b4:45:60:b4:0e:90:00:97:cd:4b:ef:79:1f:b9:75:
03:88:87:71:86:c8:f9:47:4d:c2:91:5f:b7:2a:80:
1b:82:ca:29:f9:28:7b:35:d3:e1:01:a2:40:70:82:
15:89:92:86:d7:0f:37:b9:00:3c:dc:81:e7:c3:19:
7d:22:fc:f3:5a:77:e2:20:f0:65:1f:b3:a4:b0:ca:
04:4f:6d:95:0c:a4:0f:1a:b3:96:35:a0:3b:56:6f:
79:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:82:3E:10:91:CB:83:95:BE:FC:70:92:E3:63:D7:30:E6:E4:BB:EA
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/i4I-EJHLg5W-_HCS42PXMObku-o.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
27:a3:41:a3:c8:8c:d2:06:81:bc:b6:ff:2a:7b:21:19:92:8d:
90:ea:34:be:23:6b:0d:fa:ff:8a:f6:eb:97:40:97:ab:fa:71:
e7:c0:fc:a0:ee:c8:39:26:b5:73:bc:4d:d3:23:ed:e0:f7:47:
e2:c6:0e:57:36:3c:71:57:e1:67:23:6b:50:d8:5a:1f:ea:c6:
94:f9:83:2a:03:7e:b0:1d:80:ad:85:d3:ca:7e:8e:8c:1c:b8:
57:4b:1c:3b:a9:a7:93:a0:db:69:67:45:0f:5f:d9:cb:fd:37:
00:7f:c7:ce:e7:7c:0f:f4:41:00:a8:5e:32:26:81:09:91:41:
b2:7d:0c:6b:a8:43:14:99:62:41:a1:27:55:9b:93:50:79:4d:
78:cb:07:0a:a0:38:c7:cd:b9:8e:72:9e:ba:e5:23:46:7c:3f:
79:c9:69:ec:c2:3a:f6:44:7d:42:4b:39:6b:4c:c5:b4:78:3a:
1f:f3:ab:89:ef:c7:d7:e5:d6:4e:1d:42:d0:77:ce:41:db:55:
5d:f9:fb:5c:ad:49:6a:e4:11:fd:77:fd:e5:76:ce:22:b8:79:
83:8c:14:2d:9c:b5:2a:f8:3c:00:bf:40:62:d9:e8:67:52:94:
d3:d5:e8:b9:f2:0b:e3:11:96:5b:4c:83:d3:4f:3d:a6:d5:e4:
28:3c:29:08
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICBWUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA3MTEx
NTU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDhCODIzRTEwOTFDQjgz
OTVCRUZDNzA5MkUzNjNENzMwRTZFNEJCRUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDRfU160+hw/pPwsdyBRbYdiyoSnqTgQAn9yJkZvZ3Ne79p4A7u
FSziC765N6JlIM9PGnKI0GgtEuvbNeQWauoiYsd6SQTtRxf1zGQGDi5P40aJJlfr
jmiy3oOePciNwIvDwQ/PMfSf8Sf3Qai3h6KDjv3EouOFHIH1lcJTeTp8C6NLRGfo
qdmb6TOvBJ1MN2Wrx7+GKEk4WX/Wb2zPz2jF0ZKtN7RFYLQOkACXzUvveR+5dQOI
h3GGyPlHTcKRX7cqgBuCyin5KHs10+EBokBwghWJkobXDze5ADzcgefDGX0i/PNa
d+Ig8GUfs6SwygRPbZUMpA8as5Y1oDtWb3l5AgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUi4I+EJHLg5W+/HCS42PXMObku+owHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL2k0SS1FSkhMZzVXLV9I
Q1M0MlBYTU9ia3Utby5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBACejQaPIjNIGgby2/yp7IRmSjZDqNL4jaw36
/4r265dAl6v6cefA/KDuyDkmtXO8TdMj7eD3R+LGDlc2PHFX4Wcja1DYWh/qxpT5
gyoDfrAdgK2F08p+jowcuFdLHDupp5Og22lnRQ9f2cv9NwB/x87nfA/0QQCoXjIm
gQmRQbJ9DGuoQxSZYkGhJ1Wbk1B5TXjLBwqgOMfNuY5ynrrlI0Z8P3nJaezCOvZE
fUJLOWtMxbR4Oh/zq4nvx9fl1k4dQtB3zkHbVV35+1ytSWrkEf13/eV2ziK4eYOM
FC2ctSr4PAC/QGLZ6GdSlNPV6LnyC+MRlltMg9NPPabV5Cg8KQg=
-----END CERTIFICATE-----
Generated at Thu Jul 11 22:38:09 2024 by rpki-client on console-ams.rpki-client.org