Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/3JSLiViiWcHoEFC-hUbE_GnAY-M.roa
File: 3JSLiViiWcHoEFC-hUbE_GnAY-M.roa (raw, json)
Hash identifier: OYNEU5A/dh74dkNXKnL+lz6ELQ+odSsT9KtkdDRgWN4=
Subject key identifier: DC:94:8B:89:58:A2:59:C1:E8:10:50:BE:85:46:C4:FC:69:C0:63:E3
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0226
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/3JSLiViiWcHoEFC-hUbE_GnAY-M.roa
Signing time: Wed 10 Apr 2024 07:55:03 +0000
ROA not before: Wed 10 Apr 2024 07:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 10 Apr 2024 11:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 550 (0x226)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Apr 10 07:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=DC948B8958A259C1E81050BE8546C4FC69C063E3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:9c:9b:ff:03:93:d9:36:68:8c:27:eb:e4:17:
1c:50:f4:85:eb:b2:a0:06:b5:d2:ce:63:e6:b2:e7:
a5:50:69:b8:d9:25:04:2e:e2:92:5a:bf:59:db:90:
4f:99:82:62:ce:fd:c0:6c:03:31:fd:b1:c5:e6:e3:
69:6a:ee:86:c6:10:40:12:d7:05:86:2b:31:ca:dd:
a4:9f:bf:91:b5:6f:66:72:86:fe:6f:d0:ef:d7:6a:
94:97:e9:9d:f6:d4:3c:e6:43:2b:0c:4d:cb:24:79:
4c:02:34:a6:ac:18:cc:22:b0:dd:c5:d6:d2:3c:39:
01:3a:74:b5:4f:f1:d0:4d:56:92:47:a5:a1:bd:c7:
eb:27:8d:44:bc:5d:a2:cb:e1:4f:66:40:5f:97:3c:
5d:63:a1:bb:e6:5f:f8:3a:03:29:b2:6d:bc:ae:54:
68:b1:26:0d:a7:b6:3e:7e:74:6e:4e:ec:ac:1e:58:
8a:6f:a8:5d:50:96:a2:6e:6c:0a:df:dd:94:2f:cb:
95:cb:85:3d:3b:c5:db:8b:e7:b1:89:90:ad:17:62:
ff:b5:ac:d5:07:f0:2a:f9:eb:39:2b:8f:84:1e:25:
8c:bb:48:7d:4c:0e:4e:b5:c5:33:e2:c4:e1:0f:be:
a2:1c:70:c6:fd:bd:2f:d4:e3:a2:fb:ab:22:54:bd:
59:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:94:8B:89:58:A2:59:C1:E8:10:50:BE:85:46:C4:FC:69:C0:63:E3
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/3JSLiViiWcHoEFC-hUbE_GnAY-M.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
06:54:18:0c:83:33:7a:1a:61:32:30:53:6d:00:e3:8e:74:96:
9c:c7:92:47:2b:74:7c:e5:0c:f0:05:c4:c0:59:9a:db:23:bb:
40:11:95:a3:5d:8b:46:c8:e8:ae:7e:1c:15:07:9b:dc:9e:df:
1c:38:f2:31:7e:ec:0b:96:a1:a9:77:76:64:0b:49:7a:9c:02:
4e:bf:ea:9c:40:a4:fe:d6:a7:be:9b:06:af:bf:72:20:f5:c3:
2b:d5:9c:4a:73:8e:34:7f:cf:79:c3:b0:eb:56:24:9c:4a:d5:
15:d7:44:01:14:7a:08:2b:a2:a9:54:f2:da:04:3b:16:f2:aa:
ef:4f:08:5a:08:2d:f6:f1:24:e1:dc:26:49:b0:c2:ce:2a:97:
e5:0e:e7:ae:77:2c:b9:6f:12:ab:68:fb:2f:84:b7:0e:fb:ea:
d6:11:40:3c:e2:23:f5:56:3c:2b:f5:dd:1b:aa:df:dc:db:71:
e0:89:8c:dd:54:2f:74:3a:8a:0c:6c:95:77:a7:06:92:84:21:
22:45:95:9a:83:64:e0:68:16:4a:19:dc:bf:4b:40:c0:0f:6b:
2f:c6:03:37:db:19:08:79:98:a5:5b:c9:ff:10:5a:71:b0:79:
77:2e:1c:da:22:3d:74:57:aa:50:8b:38:39:ad:c1:5c:4e:1a:
5e:ce:ff:42
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICAiYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA0MTAw
NzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKERDOTQ4Qjg5NThBMjU5
QzFFODEwNTBCRTg1NDZDNEZDNjlDMDYzRTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCknJv/A5PZNmiMJ+vkFxxQ9IXrsqAGtdLOY+ay56VQabjZJQQu
4pJav1nbkE+ZgmLO/cBsAzH9scXm42lq7obGEEAS1wWGKzHK3aSfv5G1b2Zyhv5v
0O/XapSX6Z321DzmQysMTcskeUwCNKasGMwisN3F1tI8OQE6dLVP8dBNVpJHpaG9
x+snjUS8XaLL4U9mQF+XPF1jobvmX/g6AymybbyuVGixJg2ntj5+dG5O7KweWIpv
qF1QlqJubArf3ZQvy5XLhT07xduL57GJkK0XYv+1rNUH8Cr56zkrj4QeJYy7SH1M
Dk61xTPixOEPvqIccMb9vS/U46L7qyJUvVltAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQU3JSLiViiWcHoEFC+hUbE/GnAY+MwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmLzNKU0xpVmlpV2NIb0VG
Qy1oVWJFX0duQVktTS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAAZUGAyDM3oaYTIwU20A4450lpzHkkcrdHzl
DPAFxMBZmtsju0ARlaNdi0bI6K5+HBUHm9ye3xw48jF+7AuWoal3dmQLSXqcAk6/
6pxApP7Wp76bBq+/ciD1wyvVnEpzjjR/z3nDsOtWJJxK1RXXRAEUeggroqlU8toE
Oxbyqu9PCFoILfbxJOHcJkmwws4ql+UO5653LLlvEqto+y+Etw776tYRQDziI/VW
PCv13Ruq39zbceCJjN1UL3Q6igxslXenBpKEISJFlZqDZOBoFkoZ3L9LQMAPay/G
AzfbGQh5mKVbyf8QWnGweXcuHNoiPXRXqlCLODmtwVxOGl7O/0I=
-----END CERTIFICATE-----
Generated at Wed Apr 10 16:40:10 2024 by rpki-client on console-ams.rpki-client.org