Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/0OqjOmQ4lyOVkjpwK9JblwFZTfg.roa
File: 0OqjOmQ4lyOVkjpwK9JblwFZTfg.roa (raw, json)
Hash identifier: Tpe+vWtAUc7q8G6ml9z7J+jvFpMQta2ifmVusoYEFko=
Subject key identifier: D0:EA:A3:3A:64:38:97:23:95:92:3A:70:2B:D2:5B:97:01:59:4D:F8
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 19
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/0OqjOmQ4lyOVkjpwK9JblwFZTfg.roa
Signing time: Sun 11 Feb 2024 23:55:03 +0000
ROA not before: Sun 11 Feb 2024 23:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 12 Feb 2024 03:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25 (0x19)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Feb 11 23:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=D0EAA33A6438972395923A702BD25B9701594DF8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:4a:7e:18:09:80:44:0b:b9:c7:c4:e6:cf:df:
d5:c0:ba:83:05:d4:2a:af:7a:55:ad:b0:b6:c4:2d:
cb:2c:93:b5:7a:67:69:b1:00:76:7b:45:f5:16:8b:
b8:06:21:54:39:b2:09:8c:f1:58:13:cf:9b:53:37:
15:90:73:27:93:62:2d:0f:cd:87:7d:61:50:35:88:
ec:bf:76:40:e2:d9:f2:63:00:4c:46:f3:ff:c2:31:
83:32:5d:77:f2:ec:21:12:73:6d:9f:9c:fb:fd:ec:
71:79:10:06:82:1c:a6:f1:65:2b:15:67:36:c7:36:
95:ce:50:8f:dd:ed:2d:42:f7:3b:64:ea:1e:d5:b1:
84:50:f1:86:9a:2c:91:47:fc:0b:73:85:9a:83:a4:
11:85:6d:87:89:46:50:fa:08:e3:d8:7c:b5:49:3d:
d5:c7:b8:73:02:c5:a3:83:1c:44:7b:2f:de:1b:fd:
70:1d:53:33:7b:eb:e5:ee:28:3d:48:7b:08:7e:42:
08:2f:80:9e:bc:a5:85:75:e2:5a:d7:fa:13:9d:32:
9b:07:28:5b:5f:e6:f8:8b:01:1b:ca:09:ac:0e:3c:
95:2c:98:c4:98:13:0e:ad:5b:96:33:a4:ea:69:76:
ce:17:05:91:98:29:c4:c7:07:51:a1:ac:ae:02:1e:
0c:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:EA:A3:3A:64:38:97:23:95:92:3A:70:2B:D2:5B:97:01:59:4D:F8
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/0OqjOmQ4lyOVkjpwK9JblwFZTfg.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:44:67:50:48:cd:8f:d8:88:25:95:e7:b3:e6:70:df:94:38:
c4:fe:e4:95:db:29:94:2a:af:47:65:33:87:11:4c:65:b1:78:
58:51:48:36:e9:c7:c9:5e:d0:1a:e5:20:36:41:63:61:dd:95:
fa:15:b4:9b:78:bf:eb:16:e2:cc:df:d6:8d:61:e8:0f:6d:15:
30:4e:a0:09:10:8c:0c:e4:0f:e3:a5:77:d7:66:b6:f6:da:0e:
ce:b2:ec:c4:bf:4d:15:0e:3d:b7:45:6e:8d:6e:d5:9a:a6:2c:
03:72:64:3f:79:75:51:5e:64:72:15:42:b2:18:23:7d:33:3a:
10:78:34:8d:c8:16:b2:89:74:bb:0b:5b:a5:ff:3e:08:02:eb:
d8:c2:11:0b:eb:e5:6a:7d:24:b7:fc:c9:82:7a:f9:de:eb:6a:
1d:68:66:44:94:66:1e:c0:ce:ad:10:0a:6c:44:8a:bf:6d:48:
17:22:be:19:24:83:37:e4:50:84:6b:ef:65:47:72:73:cf:db:
cd:c6:ff:4a:f9:6b:36:ee:ae:52:2e:0d:3a:ba:98:75:7c:4a:
7e:1d:f1:e7:3d:ac:21:e8:6a:3b:0a:9e:bf:91:e4:38:a6:c7:
b1:cb:40:7c:b1:b9:53:c6:64:40:33:02:60:79:dd:82:69:90:
82:c5:5c:a1
-----BEGIN CERTIFICATE-----
MIIEoTCCA4mgAwIBAgIBGTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3MWQx
NGViYjI1NWRjMDU4ZDRiZmE1YTUxYzkzZjczZjgzMGFiODhmMB4XDTI0MDIxMTIz
NTUwM1oXDTI1MDcwMTAwMDAwMFowMzExMC8GA1UEAxMoRDBFQUEzM0E2NDM4OTcy
Mzk1OTIzQTcwMkJEMjVCOTcwMTU5NERGODCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAM1KfhgJgEQLucfE5s/f1cC6gwXUKq96Va2wtsQtyyyTtXpnabEA
dntF9RaLuAYhVDmyCYzxWBPPm1M3FZBzJ5NiLQ/Nh31hUDWI7L92QOLZ8mMATEbz
/8IxgzJdd/LsIRJzbZ+c+/3scXkQBoIcpvFlKxVnNsc2lc5Qj93tLUL3O2TqHtWx
hFDxhposkUf8C3OFmoOkEYVth4lGUPoI49h8tUk91ce4cwLFo4McRHsv3hv9cB1T
M3vr5e4oPUh7CH5CCC+AnrylhXXiWtf6E50ymwcoW1/m+IsBG8oJrA48lSyYxJgT
Dq1bljOk6ml2zhcFkZgpxMcHUaGsrgIeDGMCAwEAAaOCAb4wggG6MB0GA1UdDgQW
BBTQ6qM6ZDiXI5WSOnAr0luXAVlN+DAfBgNVHSMEGDAWgBRx0U67JV3AWNS/paUc
k/c/gwq4jzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ
oE6GTHJzeW5jOi8vY2hsb2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3Nm
L2NkRk91eVZkd0ZqVXY2V2xISlAzUDRNS3VJOC5jcmwwZAYIKwYBBQUHAQEEWDBW
MFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9E
RUZBVUxUL2NkRk91eVZkd0ZqVXY2V2xISlAzUDRNS3VJOC5jZXIwDgYDVR0PAQH/
BAQDAgeAMGgGCCsGAQUFBwELBFwwWjBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9jaGxv
ZS5zb2Jvcm5vc3QubmV0L3Jwa2kvUklQRS1ubHJzc2YvME9xak9tUTRseU9Wa2pw
d0s5SmJsd0ZaVGZnLnJvYTAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMJo
gTANBgkqhkiG9w0BAQsFAAOCAQEAtURnUEjNj9iIJZXns+Zw35Q4xP7kldsplCqv
R2UzhxFMZbF4WFFINunHyV7QGuUgNkFjYd2V+hW0m3i/6xbizN/WjWHoD20VME6g
CRCMDOQP46V312a29toOzrLsxL9NFQ49t0VujW7VmqYsA3JkP3l1UV5kchVCshgj
fTM6EHg0jcgWsol0uwtbpf8+CALr2MIRC+vlan0kt/zJgnr53utqHWhmRJRmHsDO
rRAKbESKv21IFyK+GSSDN+RQhGvvZUdyc8/bzcb/SvlrNu6uUi4NOrqYdXxKfh3x
5z2sIehqOwqev5HkOKbHsctAfLG5U8ZkQDMCYHndgmmQgsVcoQ==
-----END CERTIFICATE-----
Generated at Mon Feb 12 04:46:35 2024 by rpki-client on console-ams.rpki-client.org