Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/3q0-fT7_Pxt41NfwRcsYnAIl5MI.roa
File: 3q0-fT7_Pxt41NfwRcsYnAIl5MI.roa (raw, json)
Hash identifier: XepcRj1E8CZPSgILE2ydfR2wUh5KEwZx9T2rCWjqsAA=
Subject key identifier: DE:AD:3E:7D:3E:FF:3F:1B:78:D4:D7:F0:45:CB:18:9C:02:25:E4:C2
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: FA
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/3q0-fT7_Pxt41NfwRcsYnAIl5MI.roa
Signing time: Thu 07 Mar 2024 23:55:03 +0000
ROA not before: Thu 07 Mar 2024 23:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 08 Mar 2024 03:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 250 (0xfa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Mar 7 23:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=DEAD3E7D3EFF3F1B78D4D7F045CB189C0225E4C2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:70:fe:43:28:f3:a8:b5:97:6d:17:76:5d:56:
ac:fd:16:06:bb:cf:a9:f8:75:54:f1:23:7a:1a:75:
b9:99:13:f6:b8:7b:fe:19:1e:7b:28:ca:21:57:98:
51:05:ad:8d:10:9f:ff:bd:e4:dd:24:0a:30:36:23:
4e:bc:a9:18:4e:20:1a:d4:a5:e7:fd:82:85:26:46:
02:9e:1f:a6:9b:86:bc:f9:50:e2:bf:23:7a:46:73:
61:70:cb:be:b3:11:f5:ae:08:6d:15:a0:5e:9e:c6:
9a:38:8e:82:f0:81:77:27:3e:0b:82:5e:ba:ce:9c:
01:91:27:24:09:e8:ad:a9:23:f2:f1:b1:1d:d3:31:
eb:cc:a5:6f:c5:0c:14:43:77:6a:88:2d:33:bb:38:
b0:a4:e7:fb:43:95:a4:61:d5:ca:e0:8f:69:be:a7:
78:72:ed:16:7c:eb:a7:23:88:dd:81:42:1a:61:97:
ec:14:3d:75:c4:83:1b:33:7f:69:e8:79:c1:5e:83:
d8:24:5e:6c:97:7b:ba:ab:6d:c0:b8:34:6f:d2:0d:
a6:b7:2c:58:5c:78:90:ea:fb:f8:d8:1f:32:a0:84:
2f:e6:a7:43:d8:a6:32:17:48:93:98:88:42:5c:14:
16:8d:4b:4f:c0:d9:c4:ee:36:a8:51:c1:87:da:2c:
fa:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:AD:3E:7D:3E:FF:3F:1B:78:D4:D7:F0:45:CB:18:9C:02:25:E4:C2
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/3q0-fT7_Pxt41NfwRcsYnAIl5MI.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
93:69:d5:12:31:11:15:be:f2:de:dd:ab:a9:21:38:2a:6e:72:
c4:47:82:c3:9f:2e:69:4c:d0:de:29:aa:c5:87:71:06:cd:95:
69:45:25:68:4f:77:85:9f:4a:f4:29:e4:3a:e3:bf:89:0f:69:
2a:3a:d1:fe:3c:b0:66:ce:46:e4:e1:a7:82:1f:54:3c:24:98:
e8:38:9e:c7:04:f8:f5:4a:24:7a:0f:3c:3c:cd:3f:7b:ef:2c:
19:4b:8e:64:ea:34:00:54:4e:56:15:ca:10:c9:4a:e3:d9:b1:
1b:a8:13:38:83:1e:c6:4e:30:51:41:6d:f9:8d:32:dc:f8:c4:
4b:d5:bf:14:81:b9:8b:90:5d:c5:a9:42:79:28:5f:46:9b:9c:
d6:84:27:03:04:79:bc:f4:ad:1c:44:5b:a4:6b:78:16:a9:4c:
50:47:b2:55:db:67:32:62:54:01:a5:21:3c:3b:2a:16:d4:85:
b2:18:c9:cb:4d:59:58:ee:06:41:90:2a:85:9f:6c:e1:60:da:
91:71:a8:f5:33:1e:95:7e:aa:cb:8a:af:6d:1b:24:4e:5d:1e:
a0:ca:70:8f:9f:08:5f:fc:77:23:8d:16:1c:aa:05:bb:03:59:
63:23:5e:74:2d:f4:1b:14:d0:ff:ff:8c:89:5d:55:da:66:a8:
52:94:01:28
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICAPowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDAzMDcy
MzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKERFQUQzRTdEM0VGRjNG
MUI3OEQ0RDdGMDQ1Q0IxODlDMDIyNUU0QzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCicP5DKPOotZdtF3ZdVqz9Fga7z6n4dVTxI3oadbmZE/a4e/4Z
HnsoyiFXmFEFrY0Qn/+95N0kCjA2I068qRhOIBrUpef9goUmRgKeH6abhrz5UOK/
I3pGc2Fwy76zEfWuCG0VoF6expo4joLwgXcnPguCXrrOnAGRJyQJ6K2pI/LxsR3T
MevMpW/FDBRDd2qILTO7OLCk5/tDlaRh1crgj2m+p3hy7RZ866cjiN2BQhphl+wU
PXXEgxszf2noecFeg9gkXmyXe7qrbcC4NG/SDaa3LFhceJDq+/jYHzKghC/mp0PY
pjIXSJOYiEJcFBaNS0/A2cTuNqhRwYfaLPpzAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQU3q0+fT7/Pxt41NfwRcsYnAIl5MIwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmLzNxMC1mVDdfUHh0NDFO
ZndSY3NZbkFJbDVNSS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAJNp1RIxERW+8t7dq6khOCpucsRHgsOfLmlM
0N4pqsWHcQbNlWlFJWhPd4WfSvQp5Drjv4kPaSo60f48sGbORuThp4IfVDwkmOg4
nscE+PVKJHoPPDzNP3vvLBlLjmTqNABUTlYVyhDJSuPZsRuoEziDHsZOMFFBbfmN
Mtz4xEvVvxSBuYuQXcWpQnkoX0abnNaEJwMEebz0rRxEW6RreBapTFBHslXbZzJi
VAGlITw7KhbUhbIYyctNWVjuBkGQKoWfbOFg2pFxqPUzHpV+qsuKr20bJE5dHqDK
cI+fCF/8dyONFhyqBbsDWWMjXnQt9BsU0P//jIldVdpmqFKUASg=
-----END CERTIFICATE-----
Generated at Fri Mar 8 04:59:23 2024 by rpki-client on console-ams.rpki-client.org