Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/4yuuTQkA-4vbgQvcQTScN4iJ2Bs.roa
File: 4yuuTQkA-4vbgQvcQTScN4iJ2Bs.roa (raw, json)
Hash identifier: 42PXVnxizzc4RxAMT7UyzUzpbcs/ofPCQ5BG97T8WvI=
Subject key identifier: E3:2B:AE:4D:09:00:FB:8B:DB:81:0B:DC:41:34:9C:37:88:89:D8:1B
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 01A8
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/4yuuTQkA-4vbgQvcQTScN4iJ2Bs.roa
Signing time: Wed 27 Mar 2024 07:55:03 +0000
ROA not before: Wed 27 Mar 2024 07:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 27 Mar 2024 11:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 424 (0x1a8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Mar 27 07:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=E32BAE4D0900FB8BDB810BDC41349C378889D81B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:ea:80:fb:27:b3:cf:4c:bb:9d:2e:b0:79:14:
3d:63:73:e7:0a:93:0f:a4:49:c7:b4:e0:74:73:8d:
f9:a9:c8:d5:cb:96:87:d1:fd:1c:44:d3:68:41:22:
da:a6:66:dd:f1:fd:36:ea:c7:72:6f:d6:9e:a4:57:
1e:fd:17:91:dc:c4:b3:69:de:b5:4a:04:fc:de:65:
ff:22:79:5f:bf:bf:cd:53:5d:9b:f3:5b:69:c9:02:
53:5c:39:2f:83:59:c5:7d:b1:e5:14:91:0a:c8:ee:
63:5c:ef:c4:11:9e:df:15:15:26:7f:f0:4b:2a:d3:
bd:10:22:3b:1c:66:20:35:ff:a0:5a:9c:b3:b3:b7:
5f:22:8b:ac:4c:89:bd:05:b3:c6:bd:b0:1d:db:31:
14:3d:bd:8a:1d:ae:12:1b:cd:25:9c:15:be:3d:76:
b2:82:df:fc:19:35:56:69:ff:36:ef:55:c0:dc:46:
c0:66:20:cc:3c:22:93:fd:34:ac:12:bf:8a:3a:17:
90:0a:df:e0:8a:2e:d3:1c:f7:63:20:7f:0d:49:3c:
f2:c9:de:5f:01:57:f5:b0:2d:92:ca:e5:39:a1:f1:
34:d0:4c:6d:65:7d:7b:8e:ea:b7:a9:df:e6:7f:ea:
de:24:3b:f5:57:88:6d:13:fe:3e:68:aa:bf:44:86:
04:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:2B:AE:4D:09:00:FB:8B:DB:81:0B:DC:41:34:9C:37:88:89:D8:1B
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/4yuuTQkA-4vbgQvcQTScN4iJ2Bs.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:c4:b1:e2:7f:0b:73:d4:94:d7:c6:ae:1b:56:f8:b5:33:7f:
4c:7a:a1:3c:0f:76:ce:02:9c:ce:12:78:71:01:bc:07:01:cc:
7a:41:ec:97:c6:1e:33:81:35:cc:d2:2d:93:a9:18:71:bf:98:
3a:f3:bf:ed:73:49:87:9d:90:26:92:1c:e0:84:fb:47:50:4d:
89:d9:b0:43:ad:77:fb:6e:5d:d1:13:84:b6:40:c6:56:de:94:
86:a8:e9:97:47:d6:c7:df:c5:97:9d:ad:23:36:41:75:92:5a:
34:5b:45:56:e2:0f:43:bf:7a:04:85:81:56:4a:a6:48:ed:07:
ef:ff:38:42:3c:20:56:3a:5e:3d:f6:2e:e8:f1:3c:a0:d8:71:
d8:b5:77:59:5c:36:4a:b1:ba:b0:e5:a9:00:bf:f6:a4:d2:b2:
22:e3:2c:48:41:b5:f3:78:49:1e:03:c2:c5:2e:b7:ad:a8:37:
b4:c4:03:f8:37:4a:3d:bc:4c:20:4e:0c:64:f7:d8:0a:75:a5:
42:3e:1f:18:cc:5f:89:09:e8:08:6e:7f:bc:50:87:34:6f:94:
23:e6:1b:58:ab:05:a1:04:b4:f0:18:7a:b7:c8:35:13:6f:27:
fd:b2:34:0d:b6:4d:6a:4e:85:36:27:09:bc:f9:c1:a1:e7:27:
57:57:b2:3a
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICAagwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDAzMjcw
NzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEUzMkJBRTREMDkwMEZC
OEJEQjgxMEJEQzQxMzQ5QzM3ODg4OUQ4MUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/6oD7J7PPTLudLrB5FD1jc+cKkw+kSce04HRzjfmpyNXLlofR
/RxE02hBItqmZt3x/Tbqx3Jv1p6kVx79F5HcxLNp3rVKBPzeZf8ieV+/v81TXZvz
W2nJAlNcOS+DWcV9seUUkQrI7mNc78QRnt8VFSZ/8Esq070QIjscZiA1/6BanLOz
t18ii6xMib0Fs8a9sB3bMRQ9vYodrhIbzSWcFb49drKC3/wZNVZp/zbvVcDcRsBm
IMw8IpP9NKwSv4o6F5AK3+CKLtMc92Mgfw1JPPLJ3l8BV/WwLZLK5Tmh8TTQTG1l
fXuO6rep3+Z/6t4kO/VXiG0T/j5oqr9EhgTZAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQU4yuuTQkA+4vbgQvcQTScN4iJ2BswHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmLzR5dXVUUWtBLTR2YmdR
dmNRVFNjTjRpSjJCcy5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAF/EseJ/C3PUlNfGrhtW+LUzf0x6oTwPds4C
nM4SeHEBvAcBzHpB7JfGHjOBNczSLZOpGHG/mDrzv+1zSYedkCaSHOCE+0dQTYnZ
sEOtd/tuXdEThLZAxlbelIao6ZdH1sffxZedrSM2QXWSWjRbRVbiD0O/egSFgVZK
pkjtB+//OEI8IFY6Xj32LujxPKDYcdi1d1lcNkqxurDlqQC/9qTSsiLjLEhBtfN4
SR4DwsUut62oN7TEA/g3Sj28TCBODGT32Ap1pUI+HxjMX4kJ6Ahuf7xQhzRvlCPm
G1irBaEEtPAYerfINRNvJ/2yNA22TWpOhTYnCbz5waHnJ1dXsjo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:54 2024 by rpki-client on console-fra.rpki-client.org