Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/pZpC5JNJFNC9iWK3b4MBEIvTqro.roa
File: pZpC5JNJFNC9iWK3b4MBEIvTqro.roa (raw, json)
Hash identifier: 954+bjt5SzcF+qxyIT8k8paPbYAzaINo8RMNm7GPA9c=
Subject key identifier: A5:9A:42:E4:93:49:14:D0:BD:89:62:B7:6F:83:01:10:8B:D3:AA:BA
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 035B
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/pZpC5JNJFNC9iWK3b4MBEIvTqro.roa
Signing time: Tue 14 May 2024 15:55:04 +0000
ROA not before: Tue 14 May 2024 15:55:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 14 May 2024 19:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 859 (0x35b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: May 14 15:55:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=A59A42E4934914D0BD8962B76F8301108BD3AABA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:db:ec:9e:a4:b4:5d:c0:9c:43:17:c2:79:a3:
82:f6:9a:62:c2:6d:24:8c:2b:53:77:a6:b2:b3:ec:
87:1e:0d:23:1e:32:14:44:54:78:cf:2e:33:c5:4e:
46:38:5a:a4:1d:c3:19:28:98:91:ae:ed:c5:3e:cc:
e0:8b:a1:78:7d:a0:0d:57:f0:e2:52:fd:d4:56:8f:
4d:06:be:c8:34:2e:82:c6:36:27:ea:bd:75:d6:b1:
21:f5:ed:3d:d5:b9:aa:4c:42:8a:22:e7:20:d6:5b:
a8:fd:ab:21:05:66:fa:00:4b:4c:f8:5f:87:99:7e:
4b:8c:cd:32:f9:c4:b9:ca:3f:0d:41:ba:50:08:c8:
1d:a7:b1:6f:19:8c:ef:be:0b:b7:6e:38:33:10:a2:
16:3b:71:66:ac:a5:55:2b:b2:97:40:4b:13:74:26:
c1:ea:a8:d3:d2:ec:ef:d4:8c:bc:ec:b1:4b:4d:79:
98:15:e3:78:d1:db:95:78:89:34:40:e0:8f:ac:e1:
f6:0a:d1:5a:4b:86:eb:53:9b:d6:c6:20:e1:bd:f8:
0d:ff:a3:cb:e5:18:96:d1:e6:45:91:b0:7d:f7:3d:
40:26:fd:d4:5e:a8:fc:ea:fd:24:85:4b:2e:a6:45:
6d:05:22:7a:5a:00:c1:18:4c:71:33:4f:28:5f:ea:
76:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:9A:42:E4:93:49:14:D0:BD:89:62:B7:6F:83:01:10:8B:D3:AA:BA
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/pZpC5JNJFNC9iWK3b4MBEIvTqro.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:da:40:46:1e:fe:df:8b:96:04:5d:8e:a0:69:9e:74:35:fd:
21:99:e9:15:b8:a8:3b:22:18:30:53:97:bb:75:97:73:3a:2c:
0c:eb:d4:8e:40:0b:eb:31:fe:89:ac:9f:f3:6b:fc:f8:26:3c:
a7:45:47:ed:b4:3e:83:55:f5:89:80:a3:51:61:ab:e4:15:01:
18:ba:0a:14:b4:39:c9:3b:22:5b:78:99:36:0f:69:99:10:8c:
16:4b:6a:d4:a7:47:22:c4:c7:63:9d:b3:5a:a3:d9:93:76:57:
b8:ef:cd:d7:46:b9:c4:b2:e7:27:3f:23:c4:30:9b:5f:1f:4a:
da:78:27:f0:1b:00:d6:02:11:15:20:11:bd:18:e7:58:85:99:
78:7c:8f:de:19:ee:98:f7:32:77:1a:a1:a6:b7:25:59:d8:a3:
73:0f:a7:06:04:30:78:32:7c:42:d4:d8:7c:7a:68:79:da:ba:
c1:85:73:ae:b6:dd:28:ac:02:fa:40:5f:41:f2:42:ac:f1:6e:
52:10:e7:6f:8f:ec:cb:10:77:20:39:c9:f7:89:46:ca:ee:61:
d8:b2:5d:74:72:bb:7a:d5:89:2c:9c:f9:ef:19:9b:1a:c8:37:
bb:bd:0e:93:34:14:6a:99:ca:3f:a9:da:09:26:1a:72:83:c4:
f5:a8:f9:f1
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICA1swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA1MTQx
NTU1MDRaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEE1OUE0MkU0OTM0OTE0
RDBCRDg5NjJCNzZGODMwMTEwOEJEM0FBQkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCz2+yepLRdwJxDF8J5o4L2mmLCbSSMK1N3prKz7IceDSMeMhRE
VHjPLjPFTkY4WqQdwxkomJGu7cU+zOCLoXh9oA1X8OJS/dRWj00Gvsg0LoLGNifq
vXXWsSH17T3VuapMQooi5yDWW6j9qyEFZvoAS0z4X4eZfkuMzTL5xLnKPw1BulAI
yB2nsW8ZjO++C7duODMQohY7cWaspVUrspdASxN0JsHqqNPS7O/UjLzssUtNeZgV
43jR25V4iTRA4I+s4fYK0VpLhutTm9bGIOG9+A3/o8vlGJbR5kWRsH33PUAm/dRe
qPzq/SSFSy6mRW0FInpaAMEYTHEzTyhf6nYpAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUpZpC5JNJFNC9iWK3b4MBEIvTqrowHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL3BacEM1Sk5KRk5DOWlX
SzNiNE1CRUl2VHFyby5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBABzaQEYe/t+LlgRdjqBpnnQ1/SGZ6RW4qDsi
GDBTl7t1l3M6LAzr1I5AC+sx/omsn/Nr/PgmPKdFR+20PoNV9YmAo1Fhq+QVARi6
ChS0Ock7Ilt4mTYPaZkQjBZLatSnRyLEx2Ods1qj2ZN2V7jvzddGucSy5yc/I8Qw
m18fStp4J/AbANYCERUgEb0Y51iFmXh8j94Z7pj3Mncaoaa3JVnYo3MPpwYEMHgy
fELU2Hx6aHnausGFc6623SisAvpAX0HyQqzxblIQ52+P7MsQdyA5yfeJRsruYdiy
XXRyu3rViSyc+e8ZmxrIN7u9DpM0FGqZyj+p2gkmGnKDxPWo+fE=
-----END CERTIFICATE-----
Generated at Tue May 14 22:06:20 2024 by rpki-client on console-ams.rpki-client.org