Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/2N6t1HvmnNr-asmGfaMxc23e3pM.roa
File: 2N6t1HvmnNr-asmGfaMxc23e3pM.roa (raw, json)
Hash identifier: p1BDxOSDsJRfYCLyrrjyovLmKhFudlgcJyB3ZYYeyVA=
Subject key identifier: D8:DE:AD:D4:7B:E6:9C:DA:FE:6A:C9:86:7D:A3:31:73:6D:DE:DE:93
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 01C3
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/2N6t1HvmnNr-asmGfaMxc23e3pM.roa
Signing time: Sat 30 Mar 2024 07:55:03 +0000
ROA not before: Sat 30 Mar 2024 07:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 30 Mar 2024 11:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 451 (0x1c3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Mar 30 07:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=D8DEADD47BE69CDAFE6AC9867DA331736DDEDE93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:3d:9c:20:81:fb:8a:88:ad:15:9d:cd:55:d6:
c6:e5:f2:43:f9:ea:07:b5:18:ec:c8:fb:74:6d:6e:
45:32:2b:21:c0:95:79:de:96:d7:7d:4b:3d:4b:dd:
57:fd:70:07:13:e0:12:f7:cc:ed:48:ff:36:68:b3:
f5:44:ae:e5:d1:94:d7:f5:6d:86:3a:e5:6e:43:39:
7d:41:fb:5e:ec:c2:f5:86:30:d4:00:85:b2:e1:c4:
b9:2f:7d:eb:b8:20:49:50:03:32:a3:e6:74:25:25:
5e:4f:0c:88:eb:ea:cc:58:09:73:71:c9:64:bb:a7:
6c:92:56:9d:ee:aa:b0:cc:44:5f:ef:87:4b:8d:66:
2a:69:f6:20:36:83:42:a6:6c:84:de:73:99:b4:78:
ae:9c:e7:20:54:91:b4:cd:b4:ef:89:ba:28:84:22:
b2:81:ee:89:db:0e:19:17:91:10:e7:e9:70:f5:23:
62:0a:f6:9f:4a:7b:47:5a:69:08:48:41:53:fe:f3:
6d:93:30:33:26:90:41:7d:5c:c0:95:f4:bc:39:9b:
bc:c4:82:4b:65:cf:a0:03:ad:4d:6d:0a:e5:65:4f:
f3:1a:98:90:7a:c7:e5:32:b2:5c:07:b8:b7:9e:55:
6f:3a:4e:d1:e9:3f:fd:5b:14:58:9d:9d:73:50:73:
42:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:DE:AD:D4:7B:E6:9C:DA:FE:6A:C9:86:7D:A3:31:73:6D:DE:DE:93
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/2N6t1HvmnNr-asmGfaMxc23e3pM.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:e1:c5:55:97:68:c0:d9:59:38:44:42:59:ef:1a:86:6a:70:
52:73:e2:b5:74:0f:bc:5e:30:70:e8:46:4f:99:2b:2f:5f:a8:
02:c0:a3:84:8d:1e:d0:26:41:14:df:2e:fe:e1:22:b5:7c:8e:
90:59:1a:c4:ec:f0:33:c1:0a:18:7c:57:ba:3f:87:67:b2:b5:
e5:7c:f0:ea:dd:60:78:43:2b:32:af:cd:9e:c5:7f:d9:3a:6c:
17:e2:06:71:19:de:dc:b4:20:d2:3f:4e:33:a0:03:4b:39:8a:
33:b8:98:df:6a:c2:81:10:c4:8e:50:c3:cb:e7:3e:c8:63:02:
cb:0f:d3:a0:c5:6a:e2:7b:7c:50:80:ed:98:a2:e0:02:5c:cb:
86:c8:ff:ac:dd:fc:3c:88:27:2e:32:3f:53:81:eb:06:6f:14:
59:0a:fb:17:97:60:3c:80:de:27:88:6e:03:18:27:ad:c0:a6:
0e:40:ce:58:f5:bd:79:bf:b3:df:5a:38:7d:c9:05:8e:30:c3:
d9:a9:12:4a:7c:2c:bf:ae:06:fb:e9:22:7b:91:6e:37:a4:30:
e7:a2:b8:94:61:b1:e5:17:a4:6e:a8:39:ff:b0:3e:6f:32:e1:
0b:17:4b:bb:4b:3d:19:18:27:49:68:27:07:70:61:1b:76:3d:
0e:f8:c4:26
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICAcMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDAzMzAw
NzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEQ4REVBREQ0N0JFNjlD
REFGRTZBQzk4NjdEQTMzMTczNkRERURFOTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCPZwggfuKiK0Vnc1V1sbl8kP56ge1GOzI+3RtbkUyKyHAlXne
ltd9Sz1L3Vf9cAcT4BL3zO1I/zZos/VEruXRlNf1bYY65W5DOX1B+17swvWGMNQA
hbLhxLkvfeu4IElQAzKj5nQlJV5PDIjr6sxYCXNxyWS7p2ySVp3uqrDMRF/vh0uN
Zipp9iA2g0KmbITec5m0eK6c5yBUkbTNtO+JuiiEIrKB7onbDhkXkRDn6XD1I2IK
9p9Ke0daaQhIQVP+822TMDMmkEF9XMCV9Lw5m7zEgktlz6ADrU1tCuVlT/MamJB6
x+UyslwHuLeeVW86TtHpP/1bFFidnXNQc0LHAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQU2N6t1HvmnNr+asmGfaMxc23e3pMwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmLzJONnQxSHZtbk5yLWFz
bUdmYU14YzIzZTNwTS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAHzhxVWXaMDZWThEQlnvGoZqcFJz4rV0D7xe
MHDoRk+ZKy9fqALAo4SNHtAmQRTfLv7hIrV8jpBZGsTs8DPBChh8V7o/h2eyteV8
8OrdYHhDKzKvzZ7Ff9k6bBfiBnEZ3ty0INI/TjOgA0s5ijO4mN9qwoEQxI5Qw8vn
PshjAssP06DFauJ7fFCA7Zii4AJcy4bI/6zd/DyIJy4yP1OB6wZvFFkK+xeXYDyA
3ieIbgMYJ63Apg5Azlj1vXm/s99aOH3JBY4ww9mpEkp8LL+uBvvpInuRbjekMOei
uJRhseUXpG6oOf+wPm8y4QsXS7tLPRkYJ0loJwdwYRt2PQ74xCY=
-----END CERTIFICATE-----
Generated at Sat Mar 30 14:33:31 2024 by rpki-client on console-ams.rpki-client.org