Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/oZL1CB57ejSgcuL-5koy5u7F_PE.roa
File: oZL1CB57ejSgcuL-5koy5u7F_PE.roa (raw, json)
Hash identifier: jv+749nNNU5/9UkNc04vV34kzUQ6qteeoefABC9JYpA=
Subject key identifier: A1:92:F5:08:1E:7B:7A:34:A0:72:E2:FE:E6:4A:32:E6:EE:C5:FC:F1
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 08F8
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/oZL1CB57ejSgcuL-5koy5u7F_PE.roa
Signing time: Mon 21 Oct 2024 07:55:02 +0000
ROA not before: Mon 21 Oct 2024 07:55:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 21 Oct 2024 11:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2296 (0x8f8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Oct 21 07:55:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=A192F5081E7B7A34A072E2FEE64A32E6EEC5FCF1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:80:40:a4:9b:34:d0:15:8d:31:96:47:a0:0f:
1f:dd:44:9c:7a:70:ba:68:ca:f2:00:53:f5:d0:8c:
8d:fd:8f:d1:08:0c:f5:75:ef:6a:80:5b:6f:a8:5f:
12:cd:55:66:c8:96:e1:08:21:62:15:45:36:10:28:
77:b0:ee:7b:7d:c1:62:76:32:15:e8:91:63:2d:b4:
4b:5e:1c:b4:cc:64:95:7f:7f:1f:70:3b:8f:25:94:
ea:c7:41:3c:a0:73:d8:57:33:4e:97:34:45:9e:e3:
4b:36:ef:20:9f:4e:c4:b1:ab:da:80:23:d4:d5:b4:
a5:13:50:9b:9c:d7:a1:64:16:33:be:de:4f:a8:00:
e6:72:ab:d7:34:25:8a:da:a7:2d:d3:7b:18:d3:06:
ad:1d:0c:14:0a:cc:6f:a0:dc:75:3d:8f:3c:27:62:
5b:b7:ee:53:58:d7:5f:2d:58:2a:9a:ef:d6:bf:6f:
70:fe:42:2e:d1:d6:de:3b:98:4b:a6:df:1d:d7:ae:
1f:4d:83:1a:da:3b:f7:c3:be:05:19:d9:32:e7:89:
70:c0:db:f7:88:f1:ca:16:28:b8:41:9e:f8:6b:c7:
53:0c:23:94:b6:ac:83:49:c7:83:19:2e:b8:73:f2:
53:68:4c:f4:d6:b1:6c:5a:ca:36:b3:fe:ea:78:01:
4d:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:92:F5:08:1E:7B:7A:34:A0:72:E2:FE:E6:4A:32:E6:EE:C5:FC:F1
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/oZL1CB57ejSgcuL-5koy5u7F_PE.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
02:b1:f3:03:23:18:90:16:b9:b8:49:ff:02:9b:52:14:ee:b7:
18:33:c0:ea:4c:7c:33:02:ed:31:9f:5b:b4:b6:6f:c9:c2:b1:
45:20:30:75:da:94:e5:02:91:7e:61:66:fa:22:ec:89:e8:4e:
41:3f:d6:e0:2a:fb:cc:84:a1:4a:91:5c:a7:23:ea:6b:a3:e4:
3b:0e:01:0e:98:3b:e3:50:56:eb:29:c4:1d:22:a1:4b:31:d1:
91:0e:84:be:e4:03:01:72:0a:ef:3f:c2:5c:c7:a0:6f:1e:13:
d0:ec:01:eb:c4:1c:d7:be:58:ac:41:49:7e:d0:22:2a:e5:a7:
d4:45:74:35:97:ad:ef:39:cd:c9:75:d5:cf:9d:97:e8:08:54:
00:8f:02:b4:c0:48:62:70:69:ad:84:b9:7b:e8:57:cb:df:3a:
03:5a:5f:ca:e5:ff:b6:ca:52:27:e3:21:58:fa:c3:1c:2b:94:
a5:18:2d:b3:e5:46:8f:67:b5:09:7b:50:b1:25:56:98:4b:67:
72:e7:96:c7:d4:ce:62:42:a2:46:0e:ad:16:90:97:c5:f2:73:
f8:a8:78:d8:f1:a4:44:ff:04:52:58:ed:29:c0:6a:d5:cd:2e:
f3:4f:4c:28:22:e3:f7:95:60:47:2f:bf:60:ab:9d:b5:aa:df:
4c:18:50:e4
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCPgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDEwMjEw
NzU1MDJaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEExOTJGNTA4MUU3QjdB
MzRBMDcyRTJGRUU2NEEzMkU2RUVDNUZDRjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDRgECkmzTQFY0xlkegDx/dRJx6cLpoyvIAU/XQjI39j9EIDPV1
72qAW2+oXxLNVWbIluEIIWIVRTYQKHew7nt9wWJ2MhXokWMttEteHLTMZJV/fx9w
O48llOrHQTygc9hXM06XNEWe40s27yCfTsSxq9qAI9TVtKUTUJuc16FkFjO+3k+o
AOZyq9c0JYrapy3TexjTBq0dDBQKzG+g3HU9jzwnYlu37lNY118tWCqa79a/b3D+
Qi7R1t47mEum3x3Xrh9NgxraO/fDvgUZ2TLniXDA2/eI8coWKLhBnvhrx1MMI5S2
rINJx4MZLrhz8lNoTPTWsWxayjaz/up4AU09AgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUoZL1CB57ejSgcuL+5koy5u7F/PEwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL29aTDFDQjU3ZWpTZ2N1
TC01a295NXU3Rl9QRS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAAKx8wMjGJAWubhJ/wKbUhTutxgzwOpMfDMC
7TGfW7S2b8nCsUUgMHXalOUCkX5hZvoi7InoTkE/1uAq+8yEoUqRXKcj6muj5DsO
AQ6YO+NQVuspxB0ioUsx0ZEOhL7kAwFyCu8/wlzHoG8eE9DsAevEHNe+WKxBSX7Q
Iirlp9RFdDWXre85zcl11c+dl+gIVACPArTASGJwaa2EuXvoV8vfOgNaX8rl/7bK
UifjIVj6wxwrlKUYLbPlRo9ntQl7ULElVphLZ3LnlsfUzmJCokYOrRaQl8Xyc/io
eNjxpET/BFJY7SnAatXNLvNPTCgi4/eVYEcvv2CrnbWq30wYUOQ=
-----END CERTIFICATE-----
Generated at Mon Oct 21 16:36:31 2024 by rpki-client on console-ams.rpki-client.org