Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/-mMpfPqO_Bmmczw36zUayyuYaOU.roa
File: -mMpfPqO_Bmmczw36zUayyuYaOU.roa (raw, json)
Hash identifier: pok0hl/lft3C+9VqwFVC8AdZLRrzec0wMWM46RuqxlA=
Subject key identifier: FA:63:29:7C:FA:8E:FC:19:A6:73:3C:37:EB:35:1A:CB:2B:98:68:E5
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 034F
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/-mMpfPqO_Bmmczw36zUayyuYaOU.roa
Signing time: Mon 13 May 2024 07:55:03 +0000
ROA not before: Mon 13 May 2024 07:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 13 May 2024 11:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 847 (0x34f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: May 13 07:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=FA63297CFA8EFC19A6733C37EB351ACB2B9868E5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:a5:37:c0:17:3d:18:99:46:f0:d9:77:f5:bf:
b0:78:cc:d7:fa:59:2b:4f:fd:00:f5:79:e0:ff:ff:
52:5d:01:e2:46:f4:1c:7b:3c:e6:d9:4e:ee:05:d4:
c2:48:08:aa:1e:1f:a3:e6:10:ef:13:c8:ee:7e:3b:
54:52:b6:53:73:28:ae:c4:e9:73:73:d1:cb:39:e6:
13:40:47:62:4a:1d:92:2d:ca:46:a3:a3:12:6a:3a:
5e:1e:4b:13:14:61:b7:a9:45:ff:4b:d7:45:a6:07:
8b:bf:59:62:ab:3e:9d:46:6e:f0:34:e8:26:bd:7d:
f1:cc:e4:a9:a3:30:18:58:b6:14:97:76:f8:0d:96:
ac:66:1d:34:2f:fb:c9:6b:bd:f1:87:10:c3:67:6f:
fd:b6:50:2f:ec:ca:e6:cc:11:1c:5f:a6:df:a1:a7:
32:db:55:6f:f9:46:68:17:1f:69:96:b2:a6:5c:c1:
76:d7:7a:ae:69:0e:b6:a9:b3:1c:e1:0b:20:85:a2:
b1:69:45:cf:f5:47:8a:a9:b3:3b:20:e6:81:b0:e1:
f4:c6:73:95:db:47:a5:ff:3d:ea:e2:02:be:e5:bc:
54:f5:a8:0b:a2:2f:91:65:f0:2b:49:29:65:4d:b3:
2c:38:59:14:6b:8d:4b:23:7c:93:3b:c0:84:1b:6b:
df:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:63:29:7C:FA:8E:FC:19:A6:73:3C:37:EB:35:1A:CB:2B:98:68:E5
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/-mMpfPqO_Bmmczw36zUayyuYaOU.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:e4:89:81:5a:54:b8:2d:a1:a5:d3:0f:86:3e:d1:4c:c0:d3:
0e:a9:09:59:0a:5b:0d:b0:ba:7a:45:c2:43:87:74:75:b9:f4:
df:54:0e:b3:8c:9f:b3:b2:5a:de:1c:60:cf:81:34:e6:9b:8b:
66:7a:d5:00:84:36:18:f6:c9:50:84:b2:1a:b4:97:a7:b1:45:
ff:3b:71:f6:6b:5b:88:3b:7b:fb:5b:61:f6:8c:da:7b:6b:d7:
c4:f5:1e:59:90:05:2e:85:1d:d0:19:c7:ca:50:97:30:99:e5:
ae:51:ec:e3:9c:38:dd:50:d2:e4:30:31:ff:0e:5f:c4:04:e1:
a3:08:30:24:60:cf:7e:12:2a:29:2f:cb:37:08:34:6f:d5:c5:
02:2f:70:23:68:d6:d9:b0:6f:83:81:bc:f8:1a:7e:ef:5a:4f:
e7:02:9e:78:ac:50:c9:ee:70:00:6c:5a:5b:77:d2:c2:7b:03:
84:32:a5:8d:2b:f1:c2:25:ca:0d:ad:e6:36:1e:27:77:e8:35:
9a:f2:45:a1:e6:a2:65:57:df:99:33:b9:2b:a0:ec:ca:a5:22:
dd:12:f4:cb:6c:2f:5b:e9:ff:1c:c2:9b:26:e5:5d:58:82:c9:
4b:ea:4b:de:37:36:0b:db:fe:ec:91:50:26:aa:60:df:51:ca:
65:e3:cd:92
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICA08wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA1MTMw
NzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEZBNjMyOTdDRkE4RUZD
MTlBNjczM0MzN0VCMzUxQUNCMkI5ODY4RTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDpTfAFz0YmUbw2Xf1v7B4zNf6WStP/QD1eeD//1JdAeJG9Bx7
PObZTu4F1MJICKoeH6PmEO8TyO5+O1RStlNzKK7E6XNz0cs55hNAR2JKHZItykaj
oxJqOl4eSxMUYbepRf9L10WmB4u/WWKrPp1GbvA06Ca9ffHM5KmjMBhYthSXdvgN
lqxmHTQv+8lrvfGHEMNnb/22UC/syubMERxfpt+hpzLbVW/5RmgXH2mWsqZcwXbX
eq5pDrapsxzhCyCForFpRc/1R4qpszsg5oGw4fTGc5XbR6X/PeriAr7lvFT1qAui
L5Fl8CtJKWVNsyw4WRRrjUsjfJM7wIQba99NAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQU+mMpfPqO/Bmmczw36zUayyuYaOUwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmLy1tTXBmUHFPX0JtbWN6
dzM2elVheXl1WWFPVS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAJvkiYFaVLgtoaXTD4Y+0UzA0w6pCVkKWw2w
unpFwkOHdHW59N9UDrOMn7OyWt4cYM+BNOabi2Z61QCENhj2yVCEshq0l6exRf87
cfZrW4g7e/tbYfaM2ntr18T1HlmQBS6FHdAZx8pQlzCZ5a5R7OOcON1Q0uQwMf8O
X8QE4aMIMCRgz34SKikvyzcING/VxQIvcCNo1tmwb4OBvPgafu9aT+cCnnisUMnu
cABsWlt30sJ7A4QypY0r8cIlyg2t5jYeJ3foNZryRaHmomVX35kzuSug7MqlIt0S
9MtsL1vp/xzCmyblXViCyUvqS943Ngvb/uyRUCaqYN9RymXjzZI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:54 2024 by rpki-client on console-fra.rpki-client.org