Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/89jBOyxVuM1QtUya95SchDmDM4Q.roa
File: 89jBOyxVuM1QtUya95SchDmDM4Q.roa (raw, json)
Hash identifier: fASh+2DqU4H2DCdpYA0ylxcuNKymrAvWxtepPvpAsRw=
Subject key identifier: F3:D8:C1:3B:2C:55:B8:CD:50:B5:4C:9A:F7:94:9C:84:39:83:33:84
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 16
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/89jBOyxVuM1QtUya95SchDmDM4Q.roa
Signing time: Sun 11 Feb 2024 15:55:03 +0000
ROA not before: Sun 11 Feb 2024 15:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 11 Feb 2024 19:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22 (0x16)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Feb 11 15:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=F3D8C13B2C55B8CD50B54C9AF7949C8439833384
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:54:30:0c:5a:0f:ff:b4:2e:3f:4d:ff:73:4f:
64:32:ed:f7:46:61:ed:f4:8a:8a:83:23:90:e0:1a:
b0:e0:c9:86:4b:e3:ac:fb:0c:8d:06:58:84:f9:3a:
7c:e3:4e:e2:0d:b8:c0:1e:7e:1b:5d:09:06:a5:75:
d5:50:c7:ff:e3:66:92:1c:46:01:4c:88:1c:39:58:
ce:fd:70:f5:9f:81:8a:cc:66:82:59:d4:ff:3b:44:
27:b3:1e:73:46:05:cd:b1:1c:1a:42:9b:6f:8c:ab:
96:bc:fb:02:bb:0b:24:1d:75:9d:bd:13:2c:a3:1f:
37:5a:a7:6d:27:3a:5a:50:67:d3:9c:c1:cd:a5:60:
51:e2:71:13:99:19:ca:9a:ba:f5:e9:65:6d:3f:50:
f6:f1:9e:c0:e8:10:44:89:86:26:a0:a3:57:9e:fa:
62:40:af:e6:8d:18:70:d8:4d:91:7e:19:23:21:17:
a1:bb:9e:e8:60:3a:41:bd:ae:1f:9a:63:6d:81:04:
0d:c0:a1:36:22:b3:e9:34:f9:9c:e3:be:cc:07:7b:
db:df:e0:43:5b:b9:04:79:08:2a:04:25:0b:cd:e4:
83:0b:77:6f:fc:f6:30:51:69:b2:cc:98:3d:af:f5:
40:96:c4:96:d5:4e:71:99:be:b6:4f:44:7b:a7:c5:
e5:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:D8:C1:3B:2C:55:B8:CD:50:B5:4C:9A:F7:94:9C:84:39:83:33:84
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/89jBOyxVuM1QtUya95SchDmDM4Q.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
c9:4b:3e:43:d6:12:8c:bf:d9:d4:ba:ae:b4:11:d1:9c:7e:f2:
37:e9:37:ec:ef:df:86:e6:8b:99:53:74:c2:e0:42:86:fe:fd:
d4:3a:ba:58:75:04:42:b4:2d:68:8f:dd:37:97:c7:ca:57:4b:
22:96:64:7d:e0:9e:5a:83:41:81:1e:ef:cb:53:09:46:cf:a4:
c3:52:52:15:27:78:b6:3d:b1:af:75:ae:75:fe:b1:df:d5:70:
c8:5e:86:f8:c4:51:f6:cb:6a:23:e8:e7:23:ce:63:cc:38:1c:
92:fc:ff:0b:d9:17:45:02:5d:f4:f7:5d:9e:e4:45:a3:0b:01:
35:f1:3d:49:e1:8e:be:18:91:9f:e8:a3:81:6d:a6:ab:34:f5:
61:83:cd:68:f1:5a:54:86:a8:04:7b:e5:ec:ef:41:f6:f7:e7:
b1:f8:18:06:3d:b9:65:d8:45:4a:d3:3f:82:6b:61:e9:43:46:
cc:5b:7c:04:07:3c:a6:c0:d5:ba:ed:1b:d2:5f:50:4d:a8:bd:
25:3f:af:b6:de:5a:62:c2:8b:4c:c0:70:b4:14:80:1f:df:69:
10:35:1c:e5:67:1d:9b:ca:6a:60:d7:a9:5e:13:4d:32:c9:15:
f2:30:50:c7:09:a5:25:5b:ea:6e:27:e7:fc:d8:e6:10:66:9e:
64:03:dd:e4
-----BEGIN CERTIFICATE-----
MIIEoTCCA4mgAwIBAgIBFjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3MWQx
NGViYjI1NWRjMDU4ZDRiZmE1YTUxYzkzZjczZjgzMGFiODhmMB4XDTI0MDIxMTE1
NTUwM1oXDTI1MDcwMTAwMDAwMFowMzExMC8GA1UEAxMoRjNEOEMxM0IyQzU1QjhD
RDUwQjU0QzlBRjc5NDlDODQzOTgzMzM4NDCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBALRUMAxaD/+0Lj9N/3NPZDLt90Zh7fSKioMjkOAasODJhkvjrPsM
jQZYhPk6fONO4g24wB5+G10JBqV11VDH/+NmkhxGAUyIHDlYzv1w9Z+BisxmglnU
/ztEJ7Mec0YFzbEcGkKbb4yrlrz7ArsLJB11nb0TLKMfN1qnbSc6WlBn05zBzaVg
UeJxE5kZypq69ellbT9Q9vGewOgQRImGJqCjV576YkCv5o0YcNhNkX4ZIyEXobue
6GA6Qb2uH5pjbYEEDcChNiKz6TT5nOO+zAd729/gQ1u5BHkIKgQlC83kgwt3b/z2
MFFpssyYPa/1QJbEltVOcZm+tk9Ee6fF5V0CAwEAAaOCAb4wggG6MB0GA1UdDgQW
BBTz2ME7LFW4zVC1TJr3lJyEOYMzhDAfBgNVHSMEGDAWgBRx0U67JV3AWNS/paUc
k/c/gwq4jzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ
oE6GTHJzeW5jOi8vY2hsb2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3Nm
L2NkRk91eVZkd0ZqVXY2V2xISlAzUDRNS3VJOC5jcmwwZAYIKwYBBQUHAQEEWDBW
MFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9E
RUZBVUxUL2NkRk91eVZkd0ZqVXY2V2xISlAzUDRNS3VJOC5jZXIwDgYDVR0PAQH/
BAQDAgeAMGgGCCsGAQUFBwELBFwwWjBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9jaGxv
ZS5zb2Jvcm5vc3QubmV0L3Jwa2kvUklQRS1ubHJzc2YvODlqQk95eFZ1TTFRdFV5
YTk1U2NoRG1ETTRRLnJvYTAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMJo
gTANBgkqhkiG9w0BAQsFAAOCAQEAyUs+Q9YSjL/Z1LqutBHRnH7yN+k37O/fhuaL
mVN0wuBChv791Dq6WHUEQrQtaI/dN5fHyldLIpZkfeCeWoNBgR7vy1MJRs+kw1JS
FSd4tj2xr3Wudf6x39VwyF6G+MRR9stqI+jnI85jzDgckvz/C9kXRQJd9PddnuRF
owsBNfE9SeGOvhiRn+ijgW2mqzT1YYPNaPFaVIaoBHvl7O9B9vfnsfgYBj25ZdhF
StM/gmth6UNGzFt8BAc8psDVuu0b0l9QTai9JT+vtt5aYsKLTMBwtBSAH99pEDUc
5Wcdm8pqYNepXhNNMskV8jBQxwmlJVvqbifn/NjmEGaeZAPd5A==
-----END CERTIFICATE-----
Generated at Sun Feb 11 22:30:43 2024 by rpki-client on console-ams.rpki-client.org