Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/t3L3yhSRdzgUTVDz4TQADmfE39Y.roa
File: t3L3yhSRdzgUTVDz4TQADmfE39Y.roa (raw, json)
Hash identifier: KrhNqmoGZqE+WZxpkVJI+YUxPf0DTQtAwEGungRK9tw=
Subject key identifier: B7:72:F7:CA:14:91:77:38:14:4D:50:F3:E1:34:00:0E:67:C4:DF:D6
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 06AF
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/t3L3yhSRdzgUTVDz4TQADmfE39Y.roa
Signing time: Sat 17 Aug 2024 07:55:04 +0000
ROA not before: Sat 17 Aug 2024 07:55:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 17 Aug 2024 11:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1711 (0x6af)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Aug 17 07:55:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=B772F7CA14917738144D50F3E134000E67C4DFD6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:df:56:bd:a1:d4:3b:5d:61:ef:86:c8:d3:89:
52:c8:2a:f7:a7:d4:bf:37:c0:f2:ef:d9:4c:e6:2e:
eb:24:d8:86:dc:da:be:6d:1e:25:e1:2c:94:41:32:
f3:bb:e0:eb:51:be:d4:5f:55:4d:91:1c:27:09:cf:
37:cd:48:72:82:0d:61:fa:46:8d:fe:33:83:65:54:
3a:d4:7f:00:3d:c6:43:90:0a:a7:af:ca:95:f3:88:
22:aa:2d:a9:2c:02:6e:eb:67:1c:82:e0:cd:2f:e4:
da:b4:66:ca:03:1a:aa:b3:4a:e5:94:89:5f:ad:74:
e3:bf:56:ca:dd:48:b9:ea:ea:91:16:11:1b:5f:71:
d5:5b:3f:b4:c8:a4:31:1b:d4:fe:c9:ec:be:cd:10:
14:21:a5:e4:3d:9d:16:43:ab:40:60:b7:5f:75:69:
bb:e8:4d:78:bb:60:9e:7d:7a:87:c5:30:e0:f5:43:
d5:75:7f:ee:e6:a5:9e:a9:90:03:21:93:48:d1:53:
d6:60:9d:92:1b:0e:78:6f:bf:7c:ce:ef:19:0e:76:
84:f6:87:3f:c6:5a:81:73:09:08:2e:83:9e:63:51:
db:0f:26:6b:7a:0a:3c:e2:31:d6:61:00:b5:d4:3b:
58:d2:3f:55:a1:48:85:9f:35:7b:15:d3:83:02:fb:
40:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:72:F7:CA:14:91:77:38:14:4D:50:F3:E1:34:00:0E:67:C4:DF:D6
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/t3L3yhSRdzgUTVDz4TQADmfE39Y.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
63:ec:d5:da:37:d0:74:a1:c7:c3:d3:3e:bf:9a:9a:14:98:f7:
cc:af:57:c8:7c:b4:5d:b7:20:54:09:99:d4:6b:d8:aa:a1:b4:
58:ac:ba:62:ba:71:95:a6:24:e0:a4:20:a1:c0:3b:37:b6:35:
97:c7:0b:90:2a:e8:3c:e9:e7:ca:f7:79:07:a8:b4:97:99:28:
11:0b:9a:82:e1:a5:8d:c2:05:8c:e7:ce:4a:a0:b5:23:f4:68:
97:a6:e2:3f:0a:7d:77:55:f2:d9:1d:20:01:63:b6:b4:b0:9f:
53:92:76:4a:00:bc:01:a1:bc:6b:2b:f1:61:9c:4e:1d:e3:bf:
26:be:27:a2:0d:aa:5c:37:a2:55:42:e2:95:14:01:52:b4:3d:
39:e8:dd:1d:5b:f9:f8:1e:fa:53:bd:9e:39:2a:56:d2:95:8d:
3a:df:6b:2a:a0:0d:e7:22:ad:10:01:62:11:1d:20:a6:68:06:
07:ce:79:8c:18:8a:d5:70:41:f0:8c:9c:de:5f:00:4a:bc:f5:
bf:38:19:ba:c9:3f:ae:a2:8f:24:1f:95:d4:f2:67:e4:46:48:
2f:c6:43:56:a4:2d:1a:31:1f:4d:47:4b:dc:3f:42:9f:f8:96:
33:fd:a8:35:63:da:a5:b1:11:c8:24:e1:af:1d:21:e4:e6:3b:
95:0d:8d:ab
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICBq8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA4MTcw
NzU1MDRaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEI3NzJGN0NBMTQ5MTc3
MzgxNDRENTBGM0UxMzQwMDBFNjdDNERGRDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCz31a9odQ7XWHvhsjTiVLIKven1L83wPLv2UzmLusk2Ibc2r5t
HiXhLJRBMvO74OtRvtRfVU2RHCcJzzfNSHKCDWH6Ro3+M4NlVDrUfwA9xkOQCqev
ypXziCKqLaksAm7rZxyC4M0v5Nq0ZsoDGqqzSuWUiV+tdOO/VsrdSLnq6pEWERtf
cdVbP7TIpDEb1P7J7L7NEBQhpeQ9nRZDq0Bgt191abvoTXi7YJ59eofFMOD1Q9V1
f+7mpZ6pkAMhk0jRU9ZgnZIbDnhvv3zO7xkOdoT2hz/GWoFzCQgug55jUdsPJmt6
CjziMdZhALXUO1jSP1WhSIWfNXsV04MC+0BZAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUt3L3yhSRdzgUTVDz4TQADmfE39YwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL3QzTDN5aFNSZHpnVVRW
RHo0VFFBRG1mRTM5WS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAGPs1do30HShx8PTPr+amhSY98yvV8h8tF23
IFQJmdRr2KqhtFisumK6cZWmJOCkIKHAOze2NZfHC5Aq6Dzp58r3eQeotJeZKBEL
moLhpY3CBYznzkqgtSP0aJem4j8KfXdV8tkdIAFjtrSwn1OSdkoAvAGhvGsr8WGc
Th3jvya+J6INqlw3olVC4pUUAVK0PTno3R1b+fge+lO9njkqVtKVjTrfayqgDeci
rRABYhEdIKZoBgfOeYwYitVwQfCMnN5fAEq89b84GbrJP66ijyQfldTyZ+RGSC/G
Q1akLRoxH01HS9w/Qp/4ljP9qDVj2qWxEcgk4a8dIeTmO5UNjas=
-----END CERTIFICATE-----
Generated at Sat Aug 17 15:32:57 2024 by rpki-client on console-ams.rpki-client.org