Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/38Wzq5Mm5wQD9JnROebqNNM1pvY.roa
File: 38Wzq5Mm5wQD9JnROebqNNM1pvY.roa (raw, json)
Hash identifier: qbH236iK71mPvc8IndaG97nNG49G790NsDdJ5E/QaS8=
Subject key identifier: DF:C5:B3:AB:93:26:E7:04:03:F4:99:D1:39:E6:EA:34:D3:35:A6:F6
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 3D
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/38Wzq5Mm5wQD9JnROebqNNM1pvY.roa
Signing time: Thu 15 Feb 2024 23:55:02 +0000
ROA not before: Thu 15 Feb 2024 23:55:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 16 Feb 2024 03:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61 (0x3d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Feb 15 23:55:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=DFC5B3AB9326E70403F499D139E6EA34D335A6F6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:8c:d5:36:e9:d1:9e:c8:50:50:65:46:43:74:
db:f6:99:f5:bb:9f:27:70:3d:f3:81:17:ab:f3:1d:
ec:5b:e8:bc:43:89:33:5d:80:3b:51:44:27:0c:e2:
7e:d2:8e:3a:44:6d:22:e0:c8:e8:68:2a:5b:6b:b2:
06:5b:de:42:2e:b3:d5:80:80:24:06:65:60:22:d5:
1d:fb:25:d2:8c:1a:3c:f9:84:ff:f2:e3:69:9a:a4:
d1:54:9c:9c:be:cf:65:79:ec:f8:5c:3d:3c:77:00:
af:22:36:f3:1c:a6:c2:75:e5:13:4f:7a:72:32:fe:
64:05:f8:85:7b:46:a7:8d:5e:88:fe:98:5a:27:de:
a6:68:06:ce:d5:1b:3f:39:de:6a:8e:b2:c1:b4:66:
12:f0:2c:00:7b:dd:e1:5f:51:95:0f:5f:28:91:87:
b6:b2:c0:13:24:a0:72:01:60:58:bf:e2:b3:b5:98:
15:17:27:89:3d:33:4e:33:6e:9b:1b:a7:74:94:a6:
d3:42:e8:54:0f:58:5c:9b:a7:81:4a:33:38:9c:26:
39:fe:0a:86:00:8b:f4:62:3e:44:1e:96:4a:df:e6:
2a:5a:4b:d4:0b:64:64:b0:10:49:f8:4a:86:0d:23:
71:51:28:5a:5b:4b:9c:45:a1:53:0f:dc:eb:75:9c:
0f:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:C5:B3:AB:93:26:E7:04:03:F4:99:D1:39:E6:EA:34:D3:35:A6:F6
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/38Wzq5Mm5wQD9JnROebqNNM1pvY.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
06:1e:69:41:be:c1:92:22:87:6d:f5:de:22:e9:5b:6b:f2:b8:
9d:f5:75:2f:3a:a4:33:4e:46:ae:28:12:61:89:b4:98:33:0d:
e3:5f:d4:b7:72:d1:d7:ee:b9:b3:ea:e5:6d:1d:60:c7:b4:8b:
9f:ea:5c:bf:8b:69:c5:22:d5:f7:7e:46:e9:bf:a3:76:3c:06:
fb:74:48:f7:70:fe:77:16:be:3f:9e:06:c6:de:8f:c0:1e:91:
30:52:a3:ee:6a:82:9b:db:18:d7:c4:19:df:39:28:59:7d:bb:
59:58:67:33:3a:00:78:29:f9:1e:26:f0:35:08:13:f5:20:cc:
75:bc:ce:c8:c2:69:ec:b2:8f:63:e9:18:c8:f2:b7:80:ec:bd:
ca:20:d2:d3:b1:94:93:ba:06:70:b9:49:ff:81:3e:db:74:b3:
19:c9:99:d3:2f:8b:05:9d:54:58:b6:b1:0e:a7:71:cc:2b:bd:
3d:19:95:7b:95:cf:7a:c9:92:a1:4a:1e:f9:ec:24:1e:d0:9a:
93:18:22:eb:b0:97:bc:cf:7b:a8:88:2e:f0:91:e1:ad:ac:aa:
b1:09:55:a3:f4:2b:75:57:47:d3:b1:8e:74:3d:14:b4:f0:03:
1e:32:32:d9:86:b5:88:18:15:9a:ab:fb:7f:45:77:3a:e1:fd:
22:2a:8b:fb
-----BEGIN CERTIFICATE-----
MIIEoTCCA4mgAwIBAgIBPTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3MWQx
NGViYjI1NWRjMDU4ZDRiZmE1YTUxYzkzZjczZjgzMGFiODhmMB4XDTI0MDIxNTIz
NTUwMloXDTI1MDcwMTAwMDAwMFowMzExMC8GA1UEAxMoREZDNUIzQUI5MzI2RTcw
NDAzRjQ5OUQxMzlFNkVBMzREMzM1QTZGNjCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAOiM1Tbp0Z7IUFBlRkN02/aZ9bufJ3A984EXq/Md7FvovEOJM12A
O1FEJwziftKOOkRtIuDI6GgqW2uyBlveQi6z1YCAJAZlYCLVHfsl0owaPPmE//Lj
aZqk0VScnL7PZXns+Fw9PHcAryI28xymwnXlE096cjL+ZAX4hXtGp41eiP6YWife
pmgGztUbPzneao6ywbRmEvAsAHvd4V9RlQ9fKJGHtrLAEySgcgFgWL/is7WYFRcn
iT0zTjNumxundJSm00LoVA9YXJungUozOJwmOf4KhgCL9GI+RB6WSt/mKlpL1Atk
ZLAQSfhKhg0jcVEoWltLnEWhUw/c63WcD4MCAwEAAaOCAb4wggG6MB0GA1UdDgQW
BBTfxbOrkybnBAP0mdE55uo00zWm9jAfBgNVHSMEGDAWgBRx0U67JV3AWNS/paUc
k/c/gwq4jzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ
oE6GTHJzeW5jOi8vY2hsb2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3Nm
L2NkRk91eVZkd0ZqVXY2V2xISlAzUDRNS3VJOC5jcmwwZAYIKwYBBQUHAQEEWDBW
MFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9E
RUZBVUxUL2NkRk91eVZkd0ZqVXY2V2xISlAzUDRNS3VJOC5jZXIwDgYDVR0PAQH/
BAQDAgeAMGgGCCsGAQUFBwELBFwwWjBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9jaGxv
ZS5zb2Jvcm5vc3QubmV0L3Jwa2kvUklQRS1ubHJzc2YvMzhXenE1TW01d1FEOUpu
Uk9lYnFOTk0xcHZZLnJvYTAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMJo
gTANBgkqhkiG9w0BAQsFAAOCAQEABh5pQb7BkiKHbfXeIulba/K4nfV1LzqkM05G
rigSYYm0mDMN41/Ut3LR1+65s+rlbR1gx7SLn+pcv4tpxSLV935G6b+jdjwG+3RI
93D+dxa+P54Gxt6PwB6RMFKj7mqCm9sY18QZ3zkoWX27WVhnMzoAeCn5HibwNQgT
9SDMdbzOyMJp7LKPY+kYyPK3gOy9yiDS07GUk7oGcLlJ/4E+23SzGcmZ0y+LBZ1U
WLaxDqdxzCu9PRmVe5XPesmSoUoe+ewkHtCakxgi67CXvM97qIgu8JHhrayqsQlV
o/QrdVdH07GOdD0UtPADHjIy2Ya1iBgVmqv7f0V3OuH9IiqL+w==
-----END CERTIFICATE-----
Generated at Fri Feb 16 07:19:44 2024 by rpki-client on console-ams.rpki-client.org