Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/oF1I_b2uXGkl0evYq14cblesa2I.roa
File: oF1I_b2uXGkl0evYq14cblesa2I.roa (raw, json)
Hash identifier: hs9mFhFpHrKUp66mi/ZNVDaM83w0KOMkb/K4dYPThg4=
Subject key identifier: A0:5D:48:FD:BD:AE:5C:69:25:D1:EB:D8:AB:5E:1C:6E:57:AC:6B:62
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 07C6
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/oF1I_b2uXGkl0evYq14cblesa2I.roa
Signing time: Tue 17 Sep 2024 07:55:02 +0000
ROA not before: Tue 17 Sep 2024 07:55:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1990 (0x7c6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Sep 17 07:55:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=A05D48FDBDAE5C6925D1EBD8AB5E1C6E57AC6B62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:79:75:6b:68:b0:b2:3e:72:69:65:3c:16:8c:
f1:82:ff:85:82:01:29:b8:0d:bd:30:b5:c0:69:66:
40:2a:1f:ba:f5:55:05:c2:ff:03:b5:cc:f0:34:41:
f0:6f:4c:9c:ac:fb:b1:0c:6d:06:68:97:c1:8d:10:
3f:ab:c7:39:fc:78:4a:e7:26:a3:d4:01:cc:3a:50:
38:53:4f:88:8b:57:3e:1e:33:f1:e7:aa:f6:e3:8f:
af:9f:fb:13:48:26:92:bf:fd:07:9b:ca:57:6a:cf:
0f:50:36:a6:8e:20:8b:95:e5:66:17:7f:1b:f8:69:
74:da:58:ef:0a:05:03:db:c8:ab:be:19:a2:bb:69:
7b:af:f9:35:9b:2c:c4:ca:d2:7b:3d:5f:8c:76:ec:
a8:f4:47:b6:5b:60:10:3d:e6:36:24:b9:d3:0e:55:
39:4e:4e:2e:1f:ab:c2:08:47:1f:a2:1d:97:b4:7d:
27:34:f3:1e:9f:bd:0e:cc:a6:f3:91:81:5c:be:e5:
af:2a:55:cb:68:8e:7d:45:e0:b7:af:18:9f:e5:d2:
13:ed:ba:7c:67:de:2a:81:ca:71:d9:92:4b:2e:a4:
a9:57:2b:9a:00:76:b8:85:6a:81:49:f3:0e:86:e4:
0a:9e:2c:24:6b:ec:eb:bf:d8:3c:7d:57:80:81:00:
00:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:5D:48:FD:BD:AE:5C:69:25:D1:EB:D8:AB:5E:1C:6E:57:AC:6B:62
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/oF1I_b2uXGkl0evYq14cblesa2I.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
76:44:e3:2b:72:6a:f1:d8:19:2e:48:b9:dc:c4:f5:e6:9c:c9:
f0:40:b5:23:eb:09:3a:db:a4:af:f0:55:c4:8c:f1:4c:c3:ae:
07:7e:d6:98:9f:f1:e4:4a:59:49:72:02:ea:14:9e:70:89:46:
30:eb:79:c2:c2:e8:6d:91:65:c5:62:98:42:0a:83:e1:a1:a0:
8b:04:f8:44:5c:d1:b2:3c:bf:da:6d:d8:cd:b9:24:85:29:62:
88:80:d9:34:83:f2:c1:0e:d3:f0:22:f6:ca:02:fe:4e:d1:52:
e6:78:d3:5e:b4:c3:8c:7e:e6:6c:40:ba:48:69:5f:a1:1f:d5:
73:47:f5:c3:c4:ad:a8:01:e0:f9:2f:ad:a3:48:e5:3d:6d:1b:
07:03:6e:df:79:77:fd:0e:89:9d:d5:65:6a:73:74:2b:37:5b:
b1:37:01:b9:e0:58:9d:13:76:29:81:01:6a:2e:fd:f5:b7:e5:
01:be:fa:cb:19:f4:e7:9a:94:d7:4c:76:de:db:fb:60:80:26:
68:1a:12:b9:d7:92:9a:c4:01:98:52:5a:82:63:da:81:a5:77:
5e:53:ba:d3:8a:81:06:ed:f2:e9:f1:75:3f:ca:f4:10:d6:8b:
e1:6f:d9:40:2c:ec:4c:75:f6:93:9e:0b:62:ff:6e:d4:80:a1:
7c:94:22:f3
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICB8YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA5MTcw
NzU1MDJaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEEwNUQ0OEZEQkRBRTVD
NjkyNUQxRUJEOEFCNUUxQzZFNTdBQzZCNjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCheXVraLCyPnJpZTwWjPGC/4WCASm4Db0wtcBpZkAqH7r1VQXC
/wO1zPA0QfBvTJys+7EMbQZol8GNED+rxzn8eErnJqPUAcw6UDhTT4iLVz4eM/Hn
qvbjj6+f+xNIJpK//Qebyldqzw9QNqaOIIuV5WYXfxv4aXTaWO8KBQPbyKu+GaK7
aXuv+TWbLMTK0ns9X4x27Kj0R7ZbYBA95jYkudMOVTlOTi4fq8IIRx+iHZe0fSc0
8x6fvQ7MpvORgVy+5a8qVctojn1F4LevGJ/l0hPtunxn3iqBynHZkksupKlXK5oA
driFaoFJ8w6G5AqeLCRr7Ou/2Dx9V4CBAABBAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUoF1I/b2uXGkl0evYq14cblesa2IwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL29GMUlfYjJ1WEdrbDBl
dllxMTRjYmxlc2EySS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAHZE4ytyavHYGS5IudzE9eacyfBAtSPrCTrb
pK/wVcSM8UzDrgd+1pif8eRKWUlyAuoUnnCJRjDrecLC6G2RZcVimEIKg+GhoIsE
+ERc0bI8v9pt2M25JIUpYoiA2TSD8sEO0/Ai9soC/k7RUuZ40160w4x+5mxAukhp
X6Ef1XNH9cPEragB4PkvraNI5T1tGwcDbt95d/0OiZ3VZWpzdCs3W7E3AbngWJ0T
dimBAWou/fW35QG++ssZ9OealNdMdt7b+2CAJmgaErnXkprEAZhSWoJj2oGld15T
utOKgQbt8unxdT/K9BDWi+Fv2UAs7Ex19pOeC2L/btSAoXyUIvM=
-----END CERTIFICATE-----
Generated at Tue Sep 17 18:26:50 2024 by rpki-client on console-ams.rpki-client.org