Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/5AHIwX5-u_H0u65jGuM0Zy6ipq4.roa
File: 5AHIwX5-u_H0u65jGuM0Zy6ipq4.roa (raw, json)
Hash identifier: hUEXyj0Za67cwzrwaLprbuCVhsaRvaY/PXTjCpSAeTU=
Subject key identifier: E4:01:C8:C1:7E:7E:BB:F1:F4:BB:AE:63:1A:E3:34:67:2E:A2:A6:AE
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 10
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/5AHIwX5-u_H0u65jGuM0Zy6ipq4.roa
Signing time: Sat 10 Feb 2024 23:55:03 +0000
ROA not before: Sat 10 Feb 2024 23:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 11 Feb 2024 03:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16 (0x10)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Feb 10 23:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=E401C8C17E7EBBF1F4BBAE631AE334672EA2A6AE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:4f:87:6f:a5:98:70:d9:c3:3c:95:b8:15:e2:
de:a2:51:bb:eb:29:80:bd:2d:97:7b:f0:e2:16:28:
f8:4f:41:ba:1a:1f:43:0d:8a:16:03:e0:35:30:01:
e5:44:99:fa:ef:90:17:08:b1:cc:33:cf:df:62:55:
58:cb:ff:5f:1f:29:38:28:ad:a5:81:04:fc:25:7d:
47:31:e6:99:21:d6:ce:0b:fc:74:e5:49:d2:91:21:
1a:68:b5:62:ec:18:c6:17:62:74:7f:5f:dc:5a:f1:
bc:7b:07:ea:72:76:63:31:c8:5b:56:7f:df:86:4b:
68:ea:a0:5e:5a:84:be:14:c4:2e:18:87:f6:1b:85:
8a:77:47:d3:b2:81:c9:1e:c8:a3:b6:41:b0:36:94:
66:33:35:ea:1d:f9:07:eb:31:85:a9:3f:af:a5:71:
8e:04:8a:71:28:df:fa:4d:fe:78:ef:af:56:6b:3e:
8a:4e:5a:e2:f1:b3:9a:9b:43:6c:b0:10:c3:46:f8:
d9:76:1e:22:88:13:cf:0e:02:7d:51:22:e0:ad:fc:
3c:26:34:ca:13:3f:82:c3:d6:85:13:e0:e2:e6:69:
65:f5:71:e9:1c:5f:29:80:9b:f2:36:15:45:02:52:
45:46:37:df:16:04:30:8e:68:03:88:50:4a:33:09:
b3:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:01:C8:C1:7E:7E:BB:F1:F4:BB:AE:63:1A:E3:34:67:2E:A2:A6:AE
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/5AHIwX5-u_H0u65jGuM0Zy6ipq4.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:a3:84:b6:db:cd:af:7c:5c:bb:1a:e5:f6:95:62:0c:53:21:
e3:96:1f:3d:3f:8f:a5:d0:c5:20:70:a8:98:79:be:ba:33:c6:
ca:6d:28:73:8a:25:b7:8d:c0:64:d8:96:c4:9d:83:94:6e:45:
c0:5d:1e:06:98:15:20:ac:4b:d0:e3:b7:a0:41:9b:a0:42:f0:
26:9c:f6:88:be:73:93:44:f8:1c:7b:a0:f1:c9:31:98:ee:c2:
73:e7:26:50:38:ed:89:9e:55:65:1f:6b:64:8c:43:57:f0:99:
4f:ba:01:26:f0:9a:2f:81:cd:0c:94:34:db:4e:bb:e9:b2:2c:
0a:75:5b:46:35:fa:ac:bf:73:64:c2:50:86:ca:60:f3:d0:b3:
73:bb:a2:4a:db:8c:f5:e7:0e:30:db:ec:fe:0e:38:09:12:ac:
70:6e:45:16:df:27:3f:14:21:d5:bd:64:2a:93:c7:7e:1f:05:
31:2d:6d:0e:92:40:d3:d2:b1:c6:b6:78:47:3f:bb:23:01:75:
0d:64:5a:3d:3c:99:f7:ba:f7:b9:f3:80:49:24:41:ca:0a:13:
7e:26:21:b2:f4:69:28:91:56:64:44:7e:95:4a:fe:36:b8:da:
0a:2a:02:b6:bc:b4:d4:fe:35:75:fd:34:3f:3a:17:40:28:a8:
5c:00:95:cc
-----BEGIN CERTIFICATE-----
MIIEoTCCA4mgAwIBAgIBEDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3MWQx
NGViYjI1NWRjMDU4ZDRiZmE1YTUxYzkzZjczZjgzMGFiODhmMB4XDTI0MDIxMDIz
NTUwM1oXDTI1MDcwMTAwMDAwMFowMzExMC8GA1UEAxMoRTQwMUM4QzE3RTdFQkJG
MUY0QkJBRTYzMUFFMzM0NjcyRUEyQTZBRTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAN1Ph2+lmHDZwzyVuBXi3qJRu+spgL0tl3vw4hYo+E9BuhofQw2K
FgPgNTAB5USZ+u+QFwixzDPP32JVWMv/Xx8pOCitpYEE/CV9RzHmmSHWzgv8dOVJ
0pEhGmi1YuwYxhdidH9f3FrxvHsH6nJ2YzHIW1Z/34ZLaOqgXlqEvhTELhiH9huF
indH07KByR7Io7ZBsDaUZjM16h35B+sxhak/r6VxjgSKcSjf+k3+eO+vVms+ik5a
4vGzmptDbLAQw0b42XYeIogTzw4CfVEi4K38PCY0yhM/gsPWhRPg4uZpZfVx6Rxf
KYCb8jYVRQJSRUY33xYEMI5oA4hQSjMJs/8CAwEAAaOCAb4wggG6MB0GA1UdDgQW
BBTkAcjBfn678fS7rmMa4zRnLqKmrjAfBgNVHSMEGDAWgBRx0U67JV3AWNS/paUc
k/c/gwq4jzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ
oE6GTHJzeW5jOi8vY2hsb2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3Nm
L2NkRk91eVZkd0ZqVXY2V2xISlAzUDRNS3VJOC5jcmwwZAYIKwYBBQUHAQEEWDBW
MFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9E
RUZBVUxUL2NkRk91eVZkd0ZqVXY2V2xISlAzUDRNS3VJOC5jZXIwDgYDVR0PAQH/
BAQDAgeAMGgGCCsGAQUFBwELBFwwWjBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9jaGxv
ZS5zb2Jvcm5vc3QubmV0L3Jwa2kvUklQRS1ubHJzc2YvNUFISXdYNS11X0gwdTY1
akd1TTBaeTZpcHE0LnJvYTAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMJo
gTANBgkqhkiG9w0BAQsFAAOCAQEALaOEttvNr3xcuxrl9pViDFMh45YfPT+PpdDF
IHComHm+ujPGym0oc4olt43AZNiWxJ2DlG5FwF0eBpgVIKxL0OO3oEGboELwJpz2
iL5zk0T4HHug8ckxmO7Cc+cmUDjtiZ5VZR9rZIxDV/CZT7oBJvCaL4HNDJQ02067
6bIsCnVbRjX6rL9zZMJQhspg89Czc7uiStuM9ecOMNvs/g44CRKscG5FFt8nPxQh
1b1kKpPHfh8FMS1tDpJA09KxxrZ4Rz+7IwF1DWRaPTyZ97r3ufOASSRBygoTfiYh
svRpKJFWZER+lUr+NrjaCioCtry01P41df00PzoXQCioXACVzA==
-----END CERTIFICATE-----
Generated at Sun Feb 11 06:34:51 2024 by rpki-client on console-ams.rpki-client.org