Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/xjZrfMQPUUXD23xeNVjdTCyMJ14.roa
File: xjZrfMQPUUXD23xeNVjdTCyMJ14.roa (raw, json)
Hash identifier: 4MkRR+WO1rZMT3y6e3wIDBqDqhVs53Qn/vCy2rHPEzI=
Subject key identifier: C6:36:6B:7C:C4:0F:51:45:C3:DB:7C:5E:35:58:DD:4C:2C:8C:27:5E
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 087A
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/xjZrfMQPUUXD23xeNVjdTCyMJ14.roa
Signing time: Mon 07 Oct 2024 07:55:03 +0000
ROA not before: Mon 07 Oct 2024 07:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2170 (0x87a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Oct 7 07:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=C6366B7CC40F5145C3DB7C5E3558DD4C2C8C275E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:f8:3c:e4:6b:51:9f:dc:35:09:3b:df:13:35:
6b:14:bc:71:d0:4d:d1:97:b4:5c:6d:19:a5:ec:fd:
36:7f:06:12:f5:31:ca:80:53:b9:2a:e5:b7:9a:c3:
3d:1f:b9:1a:92:40:23:a1:86:87:50:09:bd:c7:f9:
58:b5:b5:1a:56:38:ec:d1:0e:55:f5:cc:c0:80:11:
c0:a3:b0:2f:85:88:b6:ef:68:41:c4:89:3b:ab:8f:
82:71:97:8f:ef:9e:20:c7:ab:4b:80:a9:e3:fa:33:
98:92:58:67:ae:29:99:36:d3:fc:27:2c:8f:18:ed:
b0:5c:23:1c:dc:97:13:f2:11:60:00:62:56:b6:47:
da:d9:11:fc:6b:af:c4:a7:b9:ff:ac:54:b2:19:3f:
22:49:43:e2:4e:ae:3a:1d:6e:3f:6d:0f:9f:eb:18:
3a:a7:ff:72:35:6b:7e:fd:61:8a:5e:09:be:db:07:
06:f3:63:b3:89:96:72:09:95:4b:92:98:f4:ae:e1:
c1:fc:44:53:aa:44:cb:ae:97:d5:4a:8a:c3:f7:4a:
55:bf:fe:04:5e:a6:cd:75:4b:9a:7d:3b:93:19:51:
9f:e0:42:42:94:1b:8c:02:e1:7e:dd:3a:99:3f:c6:
45:d4:59:ac:7d:14:d2:20:6f:c7:8b:19:d2:0f:f8:
db:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:36:6B:7C:C4:0F:51:45:C3:DB:7C:5E:35:58:DD:4C:2C:8C:27:5E
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/xjZrfMQPUUXD23xeNVjdTCyMJ14.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:7f:68:18:d5:81:fa:6b:72:9f:03:03:ad:52:4c:37:0e:58:
3c:ef:aa:74:05:71:5c:f7:5f:65:b7:6e:43:64:c6:c7:fe:ea:
1a:29:d7:1b:3b:ec:77:89:fd:77:11:01:5e:a5:ab:58:de:19:
b6:07:2e:91:7f:f3:fb:47:23:b9:08:ec:7d:20:43:a0:b7:d7:
11:b7:b4:38:42:fd:49:fb:d0:73:9a:eb:36:96:9c:39:9b:cd:
a1:db:50:fd:b5:d0:45:1b:50:fa:e0:25:47:51:82:26:78:09:
8e:fc:cf:2f:ff:db:69:3c:a2:e7:25:7b:3e:31:b5:8d:01:a5:
17:04:95:93:6b:5e:f7:44:63:d6:ee:3f:1a:64:bb:72:74:9b:
0d:8b:ca:e9:50:07:86:d8:52:78:f4:c7:e5:b2:a6:36:37:ec:
2a:68:2a:56:87:97:99:62:f3:75:c1:75:e5:e3:f1:3c:77:e2:
55:0b:0b:f2:57:6e:bf:f8:69:d8:65:48:b1:be:45:d6:f1:87:
69:04:17:ad:87:6d:9b:92:b7:1c:ae:47:4f:b7:63:48:82:8d:
af:de:a4:5d:31:f5:a3:86:e2:97:75:aa:75:8d:1d:a4:18:f7:
d9:0c:a1:d3:09:f5:dc:8f:0f:0e:e7:51:d0:50:b3:6c:76:4f:
ac:40:94:d2
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCHowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDEwMDcw
NzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEM2MzY2QjdDQzQwRjUx
NDVDM0RCN0M1RTM1NThERDRDMkM4QzI3NUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCq+Dzka1Gf3DUJO98TNWsUvHHQTdGXtFxtGaXs/TZ/BhL1McqA
U7kq5beawz0fuRqSQCOhhodQCb3H+Vi1tRpWOOzRDlX1zMCAEcCjsC+FiLbvaEHE
iTurj4Jxl4/vniDHq0uAqeP6M5iSWGeuKZk20/wnLI8Y7bBcIxzclxPyEWAAYla2
R9rZEfxrr8Snuf+sVLIZPyJJQ+JOrjodbj9tD5/rGDqn/3I1a379YYpeCb7bBwbz
Y7OJlnIJlUuSmPSu4cH8RFOqRMuul9VKisP3SlW//gReps11S5p9O5MZUZ/gQkKU
G4wC4X7dOpk/xkXUWax9FNIgb8eLGdIP+NslAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUxjZrfMQPUUXD23xeNVjdTCyMJ14wHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL3hqWnJmTVFQVVVYRDIz
eGVOVmpkVEN5TUoxNC5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAB5/aBjVgfprcp8DA61STDcOWDzvqnQFcVz3
X2W3bkNkxsf+6hop1xs77HeJ/XcRAV6lq1jeGbYHLpF/8/tHI7kI7H0gQ6C31xG3
tDhC/Un70HOa6zaWnDmbzaHbUP210EUbUPrgJUdRgiZ4CY78zy//22k8ouclez4x
tY0BpRcElZNrXvdEY9buPxpku3J0mw2LyulQB4bYUnj0x+WypjY37CpoKlaHl5li
83XBdeXj8Tx34lULC/JXbr/4adhlSLG+Rdbxh2kEF62HbZuStxyuR0+3Y0iCja/e
pF0x9aOG4pd1qnWNHaQY99kModMJ9dyPDw7nUdBQs2x2T6xAlNI=
-----END CERTIFICATE-----
Generated at Mon Oct 7 19:10:51 2024 by rpki-client on console-ams.rpki-client.org