Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/3O8ysvEVVdh5GwkSafLsU2uBIkA.roa
File: 3O8ysvEVVdh5GwkSafLsU2uBIkA.roa (raw, json)
Hash identifier: bKMsHZHfnbB5nfUfLkFiZZSGd+KJctUmA8DgB8H1f+c=
Subject key identifier: DC:EF:32:B2:F1:15:55:D8:79:1B:09:12:69:F2:EC:53:6B:81:22:40
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 013F
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/3O8ysvEVVdh5GwkSafLsU2uBIkA.roa
Signing time: Fri 15 Mar 2024 15:55:03 +0000
ROA not before: Fri 15 Mar 2024 15:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 15 Mar 2024 19:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 319 (0x13f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Mar 15 15:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=DCEF32B2F11555D8791B091269F2EC536B812240
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:26:06:60:3d:69:75:eb:1f:67:f6:93:6e:12:
a4:3f:06:a2:73:a2:99:05:a4:ef:1f:65:26:4a:c3:
10:42:7f:b7:7c:34:b8:ff:0d:f1:2b:9f:d6:6d:e7:
ed:16:03:db:22:22:10:bc:e2:25:5f:ad:e7:aa:0a:
af:21:22:7a:b5:31:2a:d8:74:b0:df:7f:bd:c2:c8:
ca:b8:83:49:62:dc:7e:5e:a6:d8:0c:04:75:f4:56:
5c:12:1b:51:6b:07:0b:68:bf:ac:69:9e:36:e7:20:
fd:44:1c:c8:a5:d7:72:a5:66:85:9b:96:64:97:b9:
af:32:8c:da:61:b2:ab:26:96:21:ad:30:be:ae:c2:
5d:85:ea:d5:67:4c:2b:a0:6d:b9:5f:2d:3f:a1:cd:
37:fa:1c:dc:78:8a:70:70:e0:f2:1b:a7:91:94:db:
15:ad:47:92:ce:b7:78:b8:8e:f5:89:21:2f:0e:fd:
7b:98:f8:4b:60:1c:46:f6:ea:11:3b:aa:eb:f4:f4:
c7:b2:ab:2b:08:8e:e7:39:b8:bc:bd:96:ef:74:83:
16:43:a2:06:c1:9b:92:08:fb:a7:4b:10:b4:a2:c5:
65:93:c1:66:d1:4a:eb:8e:19:b0:20:cf:9a:56:dd:
d1:11:0a:44:0f:3b:f1:0d:8f:28:af:60:a9:6f:cd:
a5:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:EF:32:B2:F1:15:55:D8:79:1B:09:12:69:F2:EC:53:6B:81:22:40
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/3O8ysvEVVdh5GwkSafLsU2uBIkA.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
c8:bd:c4:7b:da:5c:a7:c6:fa:9d:d8:f7:61:f9:49:c4:fd:a1:
08:9b:9c:41:88:a2:74:74:c6:b3:91:36:36:b9:2e:af:fc:ff:
95:e1:8c:4f:d4:d3:db:da:11:89:55:65:94:4d:76:ee:85:11:
62:a0:7c:df:97:59:c8:b8:81:97:56:69:2d:59:91:b4:4d:8a:
40:5b:5a:30:4a:8d:8d:da:09:81:8a:88:08:64:1b:17:56:f2:
50:96:2f:41:90:45:c3:43:94:89:62:32:8c:af:1c:17:25:48:
14:fb:10:1b:c4:9b:12:76:c1:28:1a:e4:d3:56:e1:28:fa:4a:
7e:f5:bf:eb:00:34:bc:28:af:f5:d0:de:07:fe:1e:7c:e1:80:
40:83:58:ff:3d:5f:be:ec:12:05:cf:a6:a9:95:c1:59:12:c2:
30:3e:d0:2a:e6:85:48:90:08:c9:a9:33:48:72:d4:40:ea:3c:
13:9f:ad:47:b4:9e:cf:0e:e2:d7:15:79:ad:a7:9e:f1:b9:e9:
07:62:83:b8:4d:6a:6c:29:f2:66:d7:1d:4e:81:e5:33:1a:c6:
15:b8:64:18:ae:a4:d1:5c:7a:86:99:0c:be:c5:7c:1c:41:ab:
8b:80:e1:a8:fd:df:25:53:c4:d2:94:ee:25:5d:bc:91:83:80:
23:0c:45:9d
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICAT8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDAzMTUx
NTU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKERDRUYzMkIyRjExNTU1
RDg3OTFCMDkxMjY5RjJFQzUzNkI4MTIyNDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDOJgZgPWl16x9n9pNuEqQ/BqJzopkFpO8fZSZKwxBCf7d8NLj/
DfErn9Zt5+0WA9siIhC84iVfreeqCq8hInq1MSrYdLDff73CyMq4g0li3H5eptgM
BHX0VlwSG1FrBwtov6xpnjbnIP1EHMil13KlZoWblmSXua8yjNphsqsmliGtML6u
wl2F6tVnTCugbblfLT+hzTf6HNx4inBw4PIbp5GU2xWtR5LOt3i4jvWJIS8O/XuY
+EtgHEb26hE7quv09MeyqysIjuc5uLy9lu90gxZDogbBm5II+6dLELSixWWTwWbR
SuuOGbAgz5pW3dERCkQPO/ENjyivYKlvzaUzAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQU3O8ysvEVVdh5GwkSafLsU2uBIkAwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmLzNPOHlzdkVWVmRoNUd3
a1NhZkxzVTJ1QklrQS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAMi9xHvaXKfG+p3Y92H5ScT9oQibnEGIonR0
xrORNja5Lq/8/5XhjE/U09vaEYlVZZRNdu6FEWKgfN+XWci4gZdWaS1ZkbRNikBb
WjBKjY3aCYGKiAhkGxdW8lCWL0GQRcNDlIliMoyvHBclSBT7EBvEmxJ2wSga5NNW
4Sj6Sn71v+sANLwor/XQ3gf+HnzhgECDWP89X77sEgXPpqmVwVkSwjA+0CrmhUiQ
CMmpM0hy1EDqPBOfrUe0ns8O4tcVea2nnvG56Qdig7hNamwp8mbXHU6B5TMaxhW4
ZBiupNFceoaZDL7FfBxBq4uA4aj93yVTxNKU7iVdvJGDgCMMRZ0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:54 2024 by rpki-client on console-fra.rpki-client.org