Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/oHA-3TSt0QtYSQtGx1oNReEt4zo.roa
File: oHA-3TSt0QtYSQtGx1oNReEt4zo.roa (raw, json)
Hash identifier: xKCP1LgfCI+oKInjN//8LsP3VrSfmrL9mhrAg75EMIk=
Subject key identifier: A0:70:3E:DD:34:AD:D1:0B:58:49:0B:46:C7:5A:0D:45:E1:2D:E3:3A
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 05DD
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/oHA-3TSt0QtYSQtGx1oNReEt4zo.roa
Signing time: Wed 24 Jul 2024 23:55:04 +0000
ROA not before: Wed 24 Jul 2024 23:55:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 25 Jul 2024 03:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1501 (0x5dd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Jul 24 23:55:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=A0703EDD34ADD10B58490B46C75A0D45E12DE33A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:06:a9:41:df:d0:b8:15:99:13:c0:21:aa:c9:
e9:c7:58:a2:4f:d6:eb:41:52:b6:ae:94:7e:4e:ed:
10:d2:3e:55:74:f4:46:39:bc:45:2c:c9:7a:a4:2e:
6e:71:f5:20:3d:ac:43:51:94:fe:e6:24:f1:90:d8:
17:58:68:1d:e6:b4:69:a4:b8:e5:82:b4:4a:09:bc:
d1:11:04:fd:4c:9b:49:be:48:c4:1c:a1:99:f2:a9:
16:7f:2f:76:88:16:7b:5b:dc:2e:5d:91:59:bb:88:
01:65:cc:26:79:aa:16:24:78:12:6e:46:9c:80:e1:
f9:41:16:f2:f1:37:41:1f:97:0d:e7:f6:d6:98:35:
59:31:c8:d9:a9:76:28:fb:49:e5:7e:6f:9e:d9:33:
1c:ac:89:9f:93:ed:57:49:24:35:89:fc:95:3a:23:
8b:97:2b:97:e7:1b:1f:10:99:28:5d:02:07:d2:c0:
6b:73:64:e1:96:57:4e:f7:32:80:3d:08:1e:86:94:
a5:71:ae:77:73:54:a1:0b:ce:5a:64:43:65:b8:67:
b9:d9:84:2e:56:5f:12:66:c1:32:56:a5:5b:89:4e:
21:53:17:cf:88:aa:84:5b:4f:64:cd:4e:ba:17:6a:
0b:02:d9:fb:38:b0:5a:eb:58:97:82:d7:be:69:19:
e2:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:70:3E:DD:34:AD:D1:0B:58:49:0B:46:C7:5A:0D:45:E1:2D:E3:3A
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/oHA-3TSt0QtYSQtGx1oNReEt4zo.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
32:2d:d2:3d:c4:ea:44:5e:6a:59:8c:26:b0:7a:6f:f6:98:79:
1e:bf:d4:5f:f7:08:50:8f:5c:10:2f:ff:51:46:8b:1a:51:ea:
a1:8a:01:aa:13:9c:b2:83:48:3a:37:6a:44:4b:bf:e0:6b:fa:
ad:e2:67:60:14:59:c4:ea:7b:8f:fa:78:ef:07:eb:e2:a6:6f:
5b:24:ab:1a:4a:44:91:f1:dd:3a:30:df:de:0c:96:dc:a6:1c:
10:c5:17:79:a2:6a:79:0e:97:7d:8f:9c:68:c9:ae:2b:d6:b9:
63:1e:78:cd:72:a0:09:30:93:74:53:bd:03:94:41:15:be:31:
64:e6:2f:2a:e2:09:5d:1a:35:31:46:b8:08:00:20:8c:a2:0b:
6b:03:78:4e:10:ac:91:6a:53:8e:7e:06:1c:11:b1:31:96:41:
a3:80:c8:87:19:35:dd:3e:43:05:9b:5b:5e:da:9c:68:c1:d9:
ed:a9:70:88:40:a9:cb:d1:ea:9e:10:c6:d2:18:11:6b:af:15:
0c:d4:92:4e:cb:c6:90:d1:e0:f3:01:fa:72:88:01:81:38:27:
f7:67:ac:53:a1:90:0f:98:56:1b:d6:19:d9:ac:0a:8b:9f:a1:
94:47:9f:d2:a4:69:ae:5b:82:75:b4:7a:1a:59:2a:75:2e:0e:
ff:31:d4:17
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICBd0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA3MjQy
MzU1MDRaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEEwNzAzRUREMzRBREQx
MEI1ODQ5MEI0NkM3NUEwRDQ1RTEyREUzM0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCbBqlB39C4FZkTwCGqyenHWKJP1utBUraulH5O7RDSPlV09EY5
vEUsyXqkLm5x9SA9rENRlP7mJPGQ2BdYaB3mtGmkuOWCtEoJvNERBP1Mm0m+SMQc
oZnyqRZ/L3aIFntb3C5dkVm7iAFlzCZ5qhYkeBJuRpyA4flBFvLxN0Eflw3n9taY
NVkxyNmpdij7SeV+b57ZMxysiZ+T7VdJJDWJ/JU6I4uXK5fnGx8QmShdAgfSwGtz
ZOGWV073MoA9CB6GlKVxrndzVKELzlpkQ2W4Z7nZhC5WXxJmwTJWpVuJTiFTF8+I
qoRbT2TNTroXagsC2fs4sFrrWJeC175pGeIzAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUoHA+3TSt0QtYSQtGx1oNReEt4zowHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL29IQS0zVFN0MFF0WVNR
dEd4MW9OUmVFdDR6by5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBADIt0j3E6kRealmMJrB6b/aYeR6/1F/3CFCP
XBAv/1FGixpR6qGKAaoTnLKDSDo3akRLv+Br+q3iZ2AUWcTqe4/6eO8H6+Kmb1sk
qxpKRJHx3Tow394MltymHBDFF3miankOl32PnGjJrivWuWMeeM1yoAkwk3RTvQOU
QRW+MWTmLyriCV0aNTFGuAgAIIyiC2sDeE4QrJFqU45+BhwRsTGWQaOAyIcZNd0+
QwWbW17anGjB2e2pcIhAqcvR6p4QxtIYEWuvFQzUkk7LxpDR4PMB+nKIAYE4J/dn
rFOhkA+YVhvWGdmsCoufoZRHn9Kkaa5bgnW0ehpZKnUuDv8x1Bc=
-----END CERTIFICATE-----
Generated at Thu Jul 25 06:45:48 2024 by rpki-client on console-fra.rpki-client.org