Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/4DPHa_JwR0CF9UVMme7nV0Wiisk.roa
File: 4DPHa_JwR0CF9UVMme7nV0Wiisk.roa (raw, json)
Hash identifier: 2dqBTX+Nmn+ahY/pFePYoIEkikSXadfa6VXYhmQoldU=
Subject key identifier: E0:33:C7:6B:F2:70:47:40:85:F5:45:4C:99:EE:E7:57:45:A2:8A:C9
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0139
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/4DPHa_JwR0CF9UVMme7nV0Wiisk.roa
Signing time: Thu 14 Mar 2024 23:55:03 +0000
ROA not before: Thu 14 Mar 2024 23:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 15 Mar 2024 03:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 313 (0x139)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Mar 14 23:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=E033C76BF270474085F5454C99EEE75745A28AC9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:3c:a4:77:7e:27:7d:1a:f3:dd:8b:e0:c8:aa:
d6:b0:6e:36:06:b4:7a:bf:58:0c:0f:d5:9a:66:d7:
12:31:4a:28:3c:74:c0:19:a4:c2:da:83:5f:af:91:
06:18:f5:7b:33:88:0a:5f:14:2d:b0:79:07:8b:e8:
cc:92:a7:19:ca:68:0f:c2:7e:10:b4:1c:48:22:67:
39:0c:be:04:bf:3a:ec:9e:c5:fe:04:3b:af:04:03:
a5:0c:c2:48:4a:80:aa:f5:00:00:66:cd:6a:59:49:
79:a3:e9:ca:32:9f:16:f5:f2:d0:31:ec:8e:99:9e:
ad:1f:20:2c:12:1c:26:9c:52:2a:eb:63:ec:96:28:
a1:93:3e:3e:9e:06:7b:45:d8:2a:f5:02:0e:cd:21:
75:9b:f4:85:21:2f:a4:b8:fc:67:b1:53:d7:92:b5:
40:11:42:a7:41:b0:10:56:51:82:89:a3:d2:92:2a:
c2:aa:04:32:13:45:46:eb:e4:5c:b6:96:2a:6c:54:
a8:a6:a0:ff:51:4c:d3:18:c5:3c:43:df:e8:74:d7:
9e:03:ac:02:2d:16:bc:21:42:69:d3:b3:da:2e:2a:
0f:65:1e:15:b6:b1:a8:bf:68:2d:0e:15:2f:5d:4f:
d2:c1:4c:2c:d9:76:a5:8f:7f:a6:bd:a5:b4:ed:82:
f5:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:33:C7:6B:F2:70:47:40:85:F5:45:4C:99:EE:E7:57:45:A2:8A:C9
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/4DPHa_JwR0CF9UVMme7nV0Wiisk.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
14:dd:fe:7b:40:6b:a2:11:b9:41:cd:d4:7d:3d:25:0b:83:e9:
1b:54:9d:a4:98:ba:da:d9:97:b0:d8:96:a1:b0:8e:3d:ef:77:
78:12:d3:40:e6:2c:b1:b1:fb:7a:8a:8f:4f:b6:9c:75:61:1a:
57:d3:0a:0f:ed:9c:25:60:75:57:23:0a:f4:d8:cc:7b:51:92:
2a:31:8d:04:83:78:7b:82:c7:47:61:c1:af:d5:5f:26:99:c5:
5e:bd:90:24:7b:6d:45:1e:96:eb:11:39:7c:0e:cf:66:c8:40:
8e:c9:97:dd:99:ae:98:6e:8a:58:b2:e7:0f:9d:7a:d8:c0:65:
c5:27:36:d2:9e:61:21:1b:2b:05:5f:b5:48:26:35:23:c5:62:
e2:e1:b6:6c:93:75:60:67:c2:79:74:10:f7:a8:3b:1e:71:a2:
ad:9e:65:89:b7:4a:49:a9:5d:c8:70:da:85:8b:25:a0:d6:40:
d6:47:66:c6:e8:35:66:5d:c1:d3:ae:da:0c:ec:ec:12:56:a1:
b6:29:5a:2e:e8:64:37:37:54:43:5f:32:80:1e:d4:d9:5f:22:
b1:4f:67:2c:43:11:7e:e8:41:88:c7:78:86:39:8e:34:2e:03:
df:aa:6c:a4:6a:44:2e:15:d9:0b:5c:7e:04:b5:69:17:44:55:
1a:11:51:1e
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICATkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDAzMTQy
MzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEUwMzNDNzZCRjI3MDQ3
NDA4NUY1NDU0Qzk5RUVFNzU3NDVBMjhBQzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCPKR3fid9GvPdi+DIqtawbjYGtHq/WAwP1Zpm1xIxSig8dMAZ
pMLag1+vkQYY9XsziApfFC2weQeL6MySpxnKaA/CfhC0HEgiZzkMvgS/Ouyexf4E
O68EA6UMwkhKgKr1AABmzWpZSXmj6coynxb18tAx7I6Znq0fICwSHCacUirrY+yW
KKGTPj6eBntF2Cr1Ag7NIXWb9IUhL6S4/GexU9eStUARQqdBsBBWUYKJo9KSKsKq
BDITRUbr5Fy2lipsVKimoP9RTNMYxTxD3+h0154DrAItFrwhQmnTs9ouKg9lHhW2
sai/aC0OFS9dT9LBTCzZdqWPf6a9pbTtgvWtAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQU4DPHa/JwR0CF9UVMme7nV0WiiskwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmLzREUEhhX0p3UjBDRjlV
Vk1tZTduVjBXaWlzay5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBABTd/ntAa6IRuUHN1H09JQuD6RtUnaSYutrZ
l7DYlqGwjj3vd3gS00DmLLGx+3qKj0+2nHVhGlfTCg/tnCVgdVcjCvTYzHtRkiox
jQSDeHuCx0dhwa/VXyaZxV69kCR7bUUelusROXwOz2bIQI7Jl92Zrphuiliy5w+d
etjAZcUnNtKeYSEbKwVftUgmNSPFYuLhtmyTdWBnwnl0EPeoOx5xoq2eZYm3Skmp
Xchw2oWLJaDWQNZHZsboNWZdwdOu2gzs7BJWobYpWi7oZDc3VENfMoAe1NlfIrFP
ZyxDEX7oQYjHeIY5jjQuA9+qbKRqRC4V2QtcfgS1aRdEVRoRUR4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:54 2024 by rpki-client on console-fra.rpki-client.org