Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/p7VB-bdKGn5RwaMewVglcgQsTwY.roa
File: p7VB-bdKGn5RwaMewVglcgQsTwY.roa (raw, json)
Hash identifier: x7POJYA5tjFsU7m1jhW2NqnpXDJQzsyPE4ri/Ah+HMk=
Subject key identifier: A7:B5:41:F9:B7:4A:1A:7E:51:C1:A3:1E:C1:58:25:72:04:2C:4F:06
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 072A
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/p7VB-bdKGn5RwaMewVglcgQsTwY.roa
Signing time: Fri 30 Aug 2024 23:55:03 +0000
ROA not before: Fri 30 Aug 2024 23:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 31 Aug 2024 03:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1834 (0x72a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Aug 30 23:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=A7B541F9B74A1A7E51C1A31EC1582572042C4F06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:24:f5:de:7d:a3:73:94:e4:de:f7:1a:c0:0f:
45:62:f6:92:ff:1d:9c:9f:c8:e5:e6:5e:f2:df:39:
3c:78:c9:7c:e5:cb:74:6b:5c:a9:a5:04:65:fa:c0:
4b:87:2a:7c:c2:db:a9:25:b4:6a:a0:f7:50:8b:44:
8a:e9:c1:fe:45:06:b2:17:6f:68:78:60:83:66:7f:
85:96:98:44:15:be:4d:9f:e1:64:23:12:20:17:1a:
2a:8f:96:5a:e9:5e:9b:12:1f:23:7e:d3:27:68:c6:
e8:4f:6d:80:18:17:da:3e:10:0d:2b:81:64:4d:90:
c3:6a:07:4a:c6:ca:f0:55:bf:c3:c5:c3:f7:7c:64:
6b:87:32:a5:0d:36:71:52:a0:c2:f9:8c:3d:04:7e:
33:67:2e:7d:0e:21:cd:7b:78:8d:6c:66:02:49:5f:
f1:ea:fe:9c:2b:59:da:24:13:5d:31:b3:d5:03:9c:
18:ac:80:a7:b9:9e:de:28:02:7e:58:bd:d3:3b:02:
04:21:02:9d:73:06:32:29:90:8b:0a:85:6a:9e:f0:
bf:02:96:a3:4d:33:85:14:7b:ee:7c:56:df:36:4e:
e0:b4:df:13:07:3d:3e:65:d5:fd:35:6f:a5:56:fe:
07:11:28:13:6f:17:0a:a2:7a:27:a3:1b:96:53:20:
13:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:B5:41:F9:B7:4A:1A:7E:51:C1:A3:1E:C1:58:25:72:04:2C:4F:06
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/p7VB-bdKGn5RwaMewVglcgQsTwY.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:a1:4b:0a:e4:95:4e:57:c8:3b:cb:8d:c0:20:4f:0f:9a:9e:
b2:4f:41:25:1a:cf:68:ed:bb:08:2a:10:14:18:d5:d9:25:d5:
8a:76:df:85:54:2d:1e:c4:62:40:0c:9d:ea:7f:6e:32:19:85:
5b:6f:ad:bb:71:0b:3d:04:65:1a:b2:e1:52:46:a0:95:67:80:
62:ef:ec:61:f4:c2:0f:0d:dd:8f:3a:f3:da:d6:a7:dd:34:11:
97:33:ef:2a:cb:41:ee:8a:fa:9d:02:05:85:a3:4e:9f:10:82:
43:78:dd:9d:78:d2:cc:e2:f1:13:5f:9e:85:2f:ad:75:f1:80:
c6:02:57:97:14:cc:67:6e:f6:a8:61:fd:a5:62:d5:97:fc:f8:
7e:9b:65:97:c2:57:85:12:57:77:89:15:f8:ac:fa:6d:09:2a:
69:bd:fb:57:ab:9a:e3:86:a8:9f:aa:3e:be:a1:1b:0a:74:c3:
bd:78:66:4d:46:75:39:c0:15:45:03:a6:18:90:97:0c:30:4b:
40:96:bb:fa:40:83:c2:39:d6:b0:0a:7b:a6:f8:02:63:9d:44:
6a:26:4a:ea:f0:4b:c8:fc:99:3f:c5:8d:67:e2:f3:d3:89:84:
14:29:d2:91:95:43:4f:e0:91:60:3f:30:4d:fd:a5:05:53:d7:
1b:31:b7:b8
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICByowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA4MzAy
MzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEE3QjU0MUY5Qjc0QTFB
N0U1MUMxQTMxRUMxNTgyNTcyMDQyQzRGMDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC6JPXefaNzlOTe9xrAD0Vi9pL/HZyfyOXmXvLfOTx4yXzly3Rr
XKmlBGX6wEuHKnzC26kltGqg91CLRIrpwf5FBrIXb2h4YINmf4WWmEQVvk2f4WQj
EiAXGiqPllrpXpsSHyN+0ydoxuhPbYAYF9o+EA0rgWRNkMNqB0rGyvBVv8PFw/d8
ZGuHMqUNNnFSoML5jD0EfjNnLn0OIc17eI1sZgJJX/Hq/pwrWdokE10xs9UDnBis
gKe5nt4oAn5YvdM7AgQhAp1zBjIpkIsKhWqe8L8ClqNNM4UUe+58Vt82TuC03xMH
PT5l1f01b6VW/gcRKBNvFwqieiejG5ZTIBNnAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUp7VB+bdKGn5RwaMewVglcgQsTwYwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL3A3VkItYmRLR241Undh
TWV3VmdsY2dRc1R3WS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBADqhSwrklU5XyDvLjcAgTw+anrJPQSUaz2jt
uwgqEBQY1dkl1Yp234VULR7EYkAMnep/bjIZhVtvrbtxCz0EZRqy4VJGoJVngGLv
7GH0wg8N3Y8689rWp900EZcz7yrLQe6K+p0CBYWjTp8QgkN43Z140szi8RNfnoUv
rXXxgMYCV5cUzGdu9qhh/aVi1Zf8+H6bZZfCV4USV3eJFfis+m0JKmm9+1ermuOG
qJ+qPr6hGwp0w714Zk1GdTnAFUUDphiQlwwwS0CWu/pAg8I51rAKe6b4AmOdRGom
SurwS8j8mT/FjWfi89OJhBQp0pGVQ0/gkWA/ME39pQVT1xsxt7g=
-----END CERTIFICATE-----
Generated at Sat Aug 31 05:44:45 2024 by rpki-client on console-ams.rpki-client.org