Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/nQwPh2u74izRbId4zrZFE80P53E.roa
File: nQwPh2u74izRbId4zrZFE80P53E.roa (raw, json)
Hash identifier: sd/Zu1+cLwrgCfKKDjs/pwrzbguDGLkJJr9Hnawkc7I=
Subject key identifier: 9D:0C:0F:87:6B:BB:E2:2C:D1:6C:87:78:CE:B6:45:13:CD:0F:E7:71
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0433
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/nQwPh2u74izRbId4zrZFE80P53E.roa
Signing time: Fri 07 Jun 2024 15:55:04 +0000
ROA not before: Fri 07 Jun 2024 15:55:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 07 Jun 2024 19:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1075 (0x433)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Jun 7 15:55:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9D0C0F876BBBE22CD16C8778CEB64513CD0FE771
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:2d:68:79:21:dc:31:9e:50:b3:6d:e0:6f:9d:
8a:21:6b:72:a0:bc:20:ac:a5:84:16:c3:c6:a2:13:
07:c0:69:d6:ef:14:18:a3:f4:aa:50:be:1e:ce:22:
47:05:31:e8:ad:61:fa:89:11:59:e3:09:f7:66:de:
97:0c:26:0f:bc:35:f9:74:e1:77:42:ed:d3:ae:83:
be:92:c6:ec:b8:57:df:14:27:43:d7:65:e1:5d:b9:
8a:19:b7:39:74:30:f5:f6:61:aa:a1:d2:3c:9b:45:
9b:26:94:08:93:92:1f:7d:f9:a0:43:7a:b7:08:be:
5a:78:ef:26:6c:ba:08:30:4f:26:ad:e0:da:5f:6c:
16:e5:14:ae:e4:85:af:ee:85:0b:48:ad:c1:e7:0a:
72:5c:2f:6c:78:64:7d:75:af:50:d4:30:9a:68:84:
08:e1:68:5b:fd:6b:33:a0:af:e0:b2:ea:36:e6:ac:
f1:07:eb:3a:13:7b:31:3e:90:9e:71:f8:1f:a2:c2:
f3:65:52:61:1d:5c:b5:40:b9:e9:d3:2e:48:12:68:
95:48:4d:34:5f:ec:da:2a:7f:50:7d:b3:01:57:17:
6a:8f:b3:ce:27:74:24:22:6a:a5:2b:0c:6f:63:4e:
5a:aa:8a:fa:f5:2a:74:ea:59:96:a4:cb:f0:58:55:
a5:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:0C:0F:87:6B:BB:E2:2C:D1:6C:87:78:CE:B6:45:13:CD:0F:E7:71
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/nQwPh2u74izRbId4zrZFE80P53E.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
25:23:af:a5:09:e4:24:d5:24:81:78:a7:41:e0:24:c3:e4:21:
08:ad:b4:7f:d2:ad:ff:f5:ab:ac:ec:26:af:98:b4:0a:86:7f:
08:3b:5d:74:31:50:bb:41:b2:c1:70:61:64:35:b4:32:e9:9c:
e3:74:64:dd:51:86:cb:dd:4e:4d:97:10:b5:e2:4b:84:9f:f0:
21:4e:ed:ae:7c:2a:b2:62:6e:53:12:61:fe:52:fe:9e:34:3c:
17:44:fc:d4:e0:ce:b6:df:1e:30:50:78:7b:ee:c4:60:1b:cd:
7a:f6:9e:af:b4:14:d3:cb:85:6e:f0:a3:f9:08:1f:fa:93:4a:
40:33:8c:34:63:44:42:1f:c8:08:ee:33:fa:41:16:84:d7:32:
1d:c3:f8:b3:63:43:7f:62:ec:d4:21:1a:4d:9e:66:73:8d:e4:
06:43:d0:36:03:f8:e1:c5:74:70:c8:06:38:be:d8:9d:7a:09:
12:39:65:ca:e6:04:20:81:6a:7b:68:3e:7b:d3:c3:f9:b8:67:
69:46:16:49:cb:18:b3:8a:9a:c4:26:83:b8:7c:3e:1a:55:ad:
28:7a:6a:f7:f1:7f:63:e2:07:e0:b9:52:37:f5:82:6c:f4:52:
df:b5:17:af:8f:c9:c0:0d:0f:5f:11:64:15:e0:7c:61:19:26:
d2:98:55:ff
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICBDMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA2MDcx
NTU1MDRaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDlEMEMwRjg3NkJCQkUy
MkNEMTZDODc3OENFQjY0NTEzQ0QwRkU3NzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDALWh5IdwxnlCzbeBvnYoha3KgvCCspYQWw8aiEwfAadbvFBij
9KpQvh7OIkcFMeitYfqJEVnjCfdm3pcMJg+8Nfl04XdC7dOug76Sxuy4V98UJ0PX
ZeFduYoZtzl0MPX2Yaqh0jybRZsmlAiTkh99+aBDercIvlp47yZsuggwTyat4Npf
bBblFK7kha/uhQtIrcHnCnJcL2x4ZH11r1DUMJpohAjhaFv9azOgr+Cy6jbmrPEH
6zoTezE+kJ5x+B+iwvNlUmEdXLVAuenTLkgSaJVITTRf7Noqf1B9swFXF2qPs84n
dCQiaqUrDG9jTlqqivr1KnTqWZaky/BYVaVxAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUnQwPh2u74izRbId4zrZFE80P53EwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL25Rd1BoMnU3NGl6UmJJ
ZDR6clpGRTgwUDUzRS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBACUjr6UJ5CTVJIF4p0HgJMPkIQittH/Srf/1
q6zsJq+YtAqGfwg7XXQxULtBssFwYWQ1tDLpnON0ZN1RhsvdTk2XELXiS4Sf8CFO
7a58KrJiblMSYf5S/p40PBdE/NTgzrbfHjBQeHvuxGAbzXr2nq+0FNPLhW7wo/kI
H/qTSkAzjDRjREIfyAjuM/pBFoTXMh3D+LNjQ39i7NQhGk2eZnON5AZD0DYD+OHF
dHDIBji+2J16CRI5ZcrmBCCBantoPnvTw/m4Z2lGFknLGLOKmsQmg7h8PhpVrSh6
avfxf2PiB+C5Ujf1gmz0Ut+1F6+PycAND18RZBXgfGEZJtKYVf8=
-----END CERTIFICATE-----
Generated at Fri Jun 7 22:02:50 2024 by rpki-client on console-fra.rpki-client.org