Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/-2UHxrZlJG8ZIXmZbmKpQ0h9Ltg.roa
File: -2UHxrZlJG8ZIXmZbmKpQ0h9Ltg.roa (raw, json)
Hash identifier: DlREBxNm+LoESsIRyIiM71BVkyLT3C8HPvbQTbTM+1o=
Subject key identifier: FB:65:07:C6:B6:65:24:6F:19:21:79:99:6E:62:A9:43:48:7D:2E:D8
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 014B
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/-2UHxrZlJG8ZIXmZbmKpQ0h9Ltg.roa
Signing time: Sat 16 Mar 2024 23:55:04 +0000
ROA not before: Sat 16 Mar 2024 23:55:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 17 Mar 2024 03:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 331 (0x14b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Mar 16 23:55:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=FB6507C6B665246F192179996E62A943487D2ED8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:86:f0:f2:fa:0d:79:91:3c:b7:67:89:70:14:
6a:c0:23:f7:6a:86:30:c9:30:23:1e:82:c0:93:e0:
f3:90:e8:4a:2e:37:b8:0f:db:87:33:dd:78:60:04:
93:2f:1a:bb:2b:91:52:f2:05:72:eb:e5:d1:c7:ef:
60:de:b0:11:f3:fc:13:a6:06:07:c2:25:84:2b:34:
04:c4:ff:98:d2:16:fa:fb:cf:c4:55:30:23:8e:0e:
35:fe:6e:be:58:10:46:e3:06:ac:fc:c9:a9:32:0b:
22:f2:00:14:49:af:dd:f1:6f:3b:ee:c6:ae:06:e3:
a5:58:49:3f:41:af:62:e1:f6:85:5c:07:ca:1f:43:
10:46:f4:50:f6:4c:c8:bc:ec:3c:8f:8b:ed:23:0f:
d7:9f:7b:0b:36:1b:a3:87:b4:a0:d5:87:9b:a2:6e:
51:45:9a:d8:da:1a:a6:89:b1:b4:6e:28:24:8b:f1:
e6:26:9c:4e:9c:4e:1e:9a:c3:11:9a:a7:c1:ae:72:
36:9b:cb:7b:fc:00:f9:26:20:8a:dd:c3:8e:6c:5c:
10:7b:43:fc:41:4f:6c:47:2b:23:04:d4:63:a6:77:
0d:ac:43:ef:5e:fd:6f:81:0e:2a:97:6f:47:10:17:
67:06:9c:30:4e:b5:3b:50:55:10:f0:3c:25:32:f0:
bb:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:65:07:C6:B6:65:24:6F:19:21:79:99:6E:62:A9:43:48:7D:2E:D8
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/-2UHxrZlJG8ZIXmZbmKpQ0h9Ltg.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
81:4c:27:19:0a:82:79:7a:e4:6d:46:70:9a:f4:7b:33:94:18:
ab:42:a1:7d:fc:35:a9:c0:6e:a5:a1:d3:25:15:75:d8:f9:c8:
46:78:2b:63:c1:09:4d:8a:10:0f:3d:d1:73:64:26:d4:ed:e2:
eb:d1:a1:97:aa:51:f8:1c:8d:72:9a:dc:81:1d:e6:c1:90:e3:
59:18:f5:e0:60:cf:55:b3:e5:8c:04:c0:e6:fb:e6:ae:db:ac:
5d:8a:b2:c6:23:8f:9f:f0:5a:c0:68:b6:84:4b:7b:12:9e:3f:
be:d0:fe:5c:b0:68:f0:c5:85:aa:34:71:a6:b4:08:02:96:81:
e8:56:59:a0:60:dc:2a:a8:88:5a:0f:8b:a8:68:9f:fd:0f:c5:
92:90:90:df:b1:4b:51:50:f0:3c:87:c3:4d:1c:bb:c2:91:30:
33:32:7d:af:ac:06:3c:ab:a5:37:74:44:6e:a3:ad:66:8e:e2:
31:5c:f5:2a:9a:cd:e4:fe:28:e1:f1:2b:2e:43:29:9b:7c:ff:
71:d2:31:81:92:48:32:bf:38:ce:66:b8:b4:68:d8:f1:12:6d:
0d:19:b7:85:f1:db:c5:ba:19:b1:ce:f1:f7:02:45:a7:59:86:
f8:27:c8:1d:53:c2:56:8a:3c:b5:4e:cf:64:01:0f:93:23:52:
1c:ae:9e:16
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICAUswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDAzMTYy
MzU1MDRaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEZCNjUwN0M2QjY2NTI0
NkYxOTIxNzk5OTZFNjJBOTQzNDg3RDJFRDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3hvDy+g15kTy3Z4lwFGrAI/dqhjDJMCMegsCT4POQ6EouN7gP
24cz3XhgBJMvGrsrkVLyBXLr5dHH72DesBHz/BOmBgfCJYQrNATE/5jSFvr7z8RV
MCOODjX+br5YEEbjBqz8yakyCyLyABRJr93xbzvuxq4G46VYST9Br2Lh9oVcB8of
QxBG9FD2TMi87DyPi+0jD9efews2G6OHtKDVh5uiblFFmtjaGqaJsbRuKCSL8eYm
nE6cTh6awxGap8Gucjaby3v8APkmIIrdw45sXBB7Q/xBT2xHKyME1GOmdw2sQ+9e
/W+BDiqXb0cQF2cGnDBOtTtQVRDwPCUy8LtFAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQU+2UHxrZlJG8ZIXmZbmKpQ0h9LtgwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmLy0yVUh4clpsSkc4WklY
bVpibUtwUTBoOUx0Zy5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAIFMJxkKgnl65G1GcJr0ezOUGKtCoX38NanA
bqWh0yUVddj5yEZ4K2PBCU2KEA890XNkJtTt4uvRoZeqUfgcjXKa3IEd5sGQ41kY
9eBgz1Wz5YwEwOb75q7brF2KssYjj5/wWsBotoRLexKeP77Q/lywaPDFhao0caa0
CAKWgehWWaBg3CqoiFoPi6hon/0PxZKQkN+xS1FQ8DyHw00cu8KRMDMyfa+sBjyr
pTd0RG6jrWaO4jFc9SqazeT+KOHxKy5DKZt8/3HSMYGSSDK/OM5muLRo2PESbQ0Z
t4Xx28W6GbHO8fcCRadZhvgnyB1TwlaKPLVOz2QBD5MjUhyunhY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:54 2024 by rpki-client on console-fra.rpki-client.org