Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/kiAwduLarC4hkTRUdYz9_WJiepA.roa
File: kiAwduLarC4hkTRUdYz9_WJiepA.roa (raw, json)
Hash identifier: BFsXYw3rQjTzX6bEjMv2UI5VdBFS2NVYt4/pCgTC3b4=
Subject key identifier: 92:20:30:76:E2:DA:AC:2E:21:91:34:54:75:8C:FD:FD:62:62:7A:90
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 059E
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/kiAwduLarC4hkTRUdYz9_WJiepA.roa
Signing time: Wed 17 Jul 2024 23:55:03 +0000
ROA not before: Wed 17 Jul 2024 23:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 18 Jul 2024 03:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1438 (0x59e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Jul 17 23:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=92203076E2DAAC2E21913454758CFDFD62627A90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:c3:b0:29:2f:5f:94:29:8d:d1:d1:67:a5:1f:
aa:cd:9b:d0:fa:56:53:0d:8b:22:65:e6:4f:f3:77:
09:54:04:3c:73:6e:08:c5:d0:20:13:3d:e0:26:f0:
4b:41:7c:f9:8e:7f:55:df:9f:9a:51:5b:bb:70:5c:
f8:b9:ee:cb:ec:06:4d:05:b8:8b:3b:0e:0b:0c:01:
5c:a4:05:35:62:a8:fd:c4:8d:ee:69:b0:77:39:94:
7d:7c:a8:d6:f8:2c:fd:15:e4:e8:7f:0a:08:bc:58:
a2:17:c8:30:df:61:87:07:40:c5:48:d0:3e:42:3f:
7f:19:45:34:d1:20:e7:ee:22:ff:87:b3:b5:6f:49:
01:7c:dd:7c:bf:f2:92:8b:e0:60:d7:8d:51:14:2f:
54:5d:39:35:d0:c6:6a:00:9a:04:01:bf:6b:d6:a8:
82:66:7e:54:b3:e4:32:84:87:05:48:8e:ee:a2:38:
9d:5e:06:0b:5e:e6:51:25:a1:52:37:ab:04:a1:5b:
5f:7f:07:b0:01:34:68:74:53:d8:fb:92:d2:a6:37:
b2:79:d7:af:43:b2:42:12:00:b0:e1:33:07:f8:73:
57:e5:87:75:9a:40:35:28:b7:52:0e:7b:e8:02:cb:
d9:2f:f0:56:a0:11:37:46:f1:ca:03:a4:53:c3:4b:
71:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:20:30:76:E2:DA:AC:2E:21:91:34:54:75:8C:FD:FD:62:62:7A:90
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/kiAwduLarC4hkTRUdYz9_WJiepA.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
67:2d:b7:0a:d1:8b:d0:93:66:58:23:1f:92:2b:f7:b9:8a:14:
99:61:6d:e1:b3:da:57:44:96:a0:15:6f:7d:90:2d:55:59:21:
6f:87:be:78:3d:4b:82:50:da:69:fa:70:36:02:9e:0b:19:52:
50:a5:d6:6c:b1:5d:d4:72:25:f2:16:81:b1:f1:5f:40:3c:d4:
e6:10:af:42:7a:da:02:93:97:f8:9e:14:70:98:1c:1b:1c:e2:
31:5f:1c:5d:d8:fe:4e:c6:5c:99:9c:80:71:44:42:8e:01:32:
b8:ec:11:2c:d4:4e:53:ba:b3:0c:49:b9:c9:65:ea:73:94:3e:
dc:ce:bb:d2:af:ee:48:a6:e4:73:fd:a4:11:ea:0a:8a:92:ca:
89:87:70:b4:97:37:d9:45:87:8c:66:ad:5d:09:30:90:a1:ed:
80:2d:cd:97:c5:22:7e:ee:cb:7b:78:58:bc:b5:50:4f:f6:35:
8c:8e:bf:2b:d3:0b:76:fd:f3:5d:03:6e:36:a7:a1:f2:bf:c5:
b2:ae:98:40:0e:0c:73:ab:8f:bd:a4:6c:9f:d4:84:14:f3:2b:
0c:b2:f1:66:b4:b9:aa:0e:79:93:38:3f:bf:18:64:81:2c:12:
d7:a1:db:7f:d6:32:ee:65:9f:81:5f:f9:22:f4:94:6b:bd:de:
de:fd:0b:e9
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICBZ4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA3MTcy
MzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDkyMjAzMDc2RTJEQUFD
MkUyMTkxMzQ1NDc1OENGREZENjI2MjdBOTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDZw7ApL1+UKY3R0WelH6rNm9D6VlMNiyJl5k/zdwlUBDxzbgjF
0CATPeAm8EtBfPmOf1Xfn5pRW7twXPi57svsBk0FuIs7DgsMAVykBTViqP3Eje5p
sHc5lH18qNb4LP0V5Oh/Cgi8WKIXyDDfYYcHQMVI0D5CP38ZRTTRIOfuIv+Hs7Vv
SQF83Xy/8pKL4GDXjVEUL1RdOTXQxmoAmgQBv2vWqIJmflSz5DKEhwVIju6iOJ1e
Bgte5lEloVI3qwShW19/B7ABNGh0U9j7ktKmN7J5169DskISALDhMwf4c1flh3Wa
QDUot1IOe+gCy9kv8FagETdG8coDpFPDS3G1AgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUkiAwduLarC4hkTRUdYz9/WJiepAwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL2tpQXdkdUxhckM0aGtU
UlVkWXo5X1dKaWVwQS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAGcttwrRi9CTZlgjH5Ir97mKFJlhbeGz2ldE
lqAVb32QLVVZIW+Hvng9S4JQ2mn6cDYCngsZUlCl1myxXdRyJfIWgbHxX0A81OYQ
r0J62gKTl/ieFHCYHBsc4jFfHF3Y/k7GXJmcgHFEQo4BMrjsESzUTlO6swxJucll
6nOUPtzOu9Kv7kim5HP9pBHqCoqSyomHcLSXN9lFh4xmrV0JMJCh7YAtzZfFIn7u
y3t4WLy1UE/2NYyOvyvTC3b9810DbjanofK/xbKumEAODHOrj72kbJ/UhBTzKwyy
8Wa0uaoOeZM4P78YZIEsEteh23/WMu5ln4Ff+SL0lGu93t79C+k=
-----END CERTIFICATE-----
Generated at Thu Jul 18 05:56:55 2024 by rpki-client on console-fra.rpki-client.org