Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/4ITpECqZH1PKOM5zj-GjI4P6IEo.roa
File: 4ITpECqZH1PKOM5zj-GjI4P6IEo.roa (raw, json)
Hash identifier: z6yNJXq2jqUXu0nY/ghD+b37oMKKkEqHP4gmJ+IWXV4=
Subject key identifier: E0:84:E9:10:2A:99:1F:53:CA:38:CE:73:8F:E1:A3:23:83:FA:20:4A
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 011E
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/4ITpECqZH1PKOM5zj-GjI4P6IEo.roa
Signing time: Mon 11 Mar 2024 23:55:03 +0000
ROA not before: Mon 11 Mar 2024 23:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 12 Mar 2024 03:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 286 (0x11e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Mar 11 23:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=E084E9102A991F53CA38CE738FE1A32383FA204A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:d3:85:2d:bb:83:37:8c:46:e3:6a:53:0e:f5:
ad:a3:4e:ab:56:ec:67:59:b0:e3:0b:4a:82:cc:72:
20:a6:88:7d:8a:29:8b:3e:51:13:78:68:6f:f3:a5:
7d:bd:a7:d0:9c:53:2d:7e:05:9d:15:d1:1e:c2:15:
dd:23:cb:6a:4d:d7:00:6e:d6:69:2e:0e:4b:27:98:
c3:f6:31:64:4d:0c:c3:5c:1e:29:a1:69:ed:83:a9:
3e:65:17:a4:cd:52:6e:43:84:f1:e7:33:68:03:a6:
d9:84:73:65:3a:01:6d:8e:91:35:36:f3:86:d3:83:
ef:ed:f4:60:2b:39:89:cb:6f:22:d8:8b:0e:7b:1e:
94:f4:ec:0a:b8:e4:07:fa:48:2c:9d:83:d5:b8:bd:
5c:5e:8f:ef:e8:c7:6c:bd:aa:43:84:3a:8c:da:fc:
69:cf:0f:4e:84:8c:c6:3d:54:54:72:06:7c:9a:c0:
8c:66:68:09:fe:30:ee:cd:b1:f5:9b:b7:ff:52:79:
40:e0:17:a6:d0:01:78:ea:64:b1:ef:96:02:b4:c7:
01:ff:cd:1f:17:b6:3e:21:5d:f6:47:aa:7c:ce:61:
94:09:10:d6:b2:3b:57:e9:f7:e9:4d:9f:67:b8:46:
6a:59:35:e2:d2:59:a6:eb:7d:3a:04:c0:92:c3:c6:
ed:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:84:E9:10:2A:99:1F:53:CA:38:CE:73:8F:E1:A3:23:83:FA:20:4A
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/4ITpECqZH1PKOM5zj-GjI4P6IEo.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
59:27:fc:5b:24:c9:12:b7:b1:ff:3c:7e:38:fe:5b:0c:60:b2:
5d:25:84:37:42:c0:b6:b0:51:0e:4f:d5:0e:06:95:37:ab:8d:
e0:67:d4:66:7f:6e:c6:be:7f:d3:2d:36:d3:2c:32:13:72:29:
cf:9f:a9:c1:b5:38:5a:81:ae:20:86:b2:43:e0:ef:4e:40:92:
56:39:13:cd:58:ca:a4:ef:c0:84:fd:6c:31:a5:16:b1:88:4f:
45:0c:83:5e:c9:00:c5:51:01:4c:6c:6e:32:21:2f:bd:b1:b9:
4e:41:6a:6b:40:56:1b:b8:5c:67:a3:25:0c:23:2a:58:b7:75:
bd:67:ae:09:64:56:e7:c6:53:db:92:5f:39:87:b4:3b:53:eb:
c5:e2:4e:15:f8:bb:c4:df:91:be:9f:59:7c:d4:2f:08:9b:c0:
8f:20:a0:a0:cf:70:f4:d9:76:3f:12:f2:dd:dc:8c:01:43:99:
ff:7e:57:f0:02:1d:38:f6:3b:e1:06:99:75:d3:90:30:cb:2e:
65:01:18:aa:ad:40:8c:7e:bd:8e:f2:2b:00:9c:11:31:d6:36:
0d:65:63:fd:60:61:b7:45:45:bc:cc:06:52:cb:77:29:20:b3:
24:cf:31:44:c8:3f:27:2d:ee:f8:37:54:e8:64:ff:03:4b:ca:
70:40:d4:8e
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICAR4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDAzMTEy
MzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEUwODRFOTEwMkE5OTFG
NTNDQTM4Q0U3MzhGRTFBMzIzODNGQTIwNEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDD04Utu4M3jEbjalMO9a2jTqtW7GdZsOMLSoLMciCmiH2KKYs+
URN4aG/zpX29p9CcUy1+BZ0V0R7CFd0jy2pN1wBu1mkuDksnmMP2MWRNDMNcHimh
ae2DqT5lF6TNUm5DhPHnM2gDptmEc2U6AW2OkTU284bTg+/t9GArOYnLbyLYiw57
HpT07Aq45Af6SCydg9W4vVxej+/ox2y9qkOEOoza/GnPD06EjMY9VFRyBnyawIxm
aAn+MO7NsfWbt/9SeUDgF6bQAXjqZLHvlgK0xwH/zR8Xtj4hXfZHqnzOYZQJENay
O1fp9+lNn2e4RmpZNeLSWabrfToEwJLDxu3lAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQU4ITpECqZH1PKOM5zj+GjI4P6IEowHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmLzRJVHBFQ3FaSDFQS09N
NXpqLUdqSTRQNklFby5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAFkn/FskyRK3sf88fjj+Wwxgsl0lhDdCwLaw
UQ5P1Q4GlTerjeBn1GZ/bsa+f9MtNtMsMhNyKc+fqcG1OFqBriCGskPg705AklY5
E81YyqTvwIT9bDGlFrGIT0UMg17JAMVRAUxsbjIhL72xuU5BamtAVhu4XGejJQwj
Kli3db1nrglkVufGU9uSXzmHtDtT68XiThX4u8Tfkb6fWXzULwibwI8goKDPcPTZ
dj8S8t3cjAFDmf9+V/ACHTj2O+EGmXXTkDDLLmUBGKqtQIx+vY7yKwCcETHWNg1l
Y/1gYbdFRbzMBlLLdykgsyTPMUTIPyct7vg3VOhk/wNLynBA1I4=
-----END CERTIFICATE-----
Generated at Tue Mar 12 06:29:14 2024 by rpki-client on console-ams.rpki-client.org