Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/8Ch64OKWmn4i6VlkaX0Y-LaqLcg.roa
File: 8Ch64OKWmn4i6VlkaX0Y-LaqLcg.roa (raw, json)
Hash identifier: 6DaYCa+I9sgCmM7ezlsH0mH33BZnb0leufPR5NMEJHw=
Subject key identifier: F0:28:7A:E0:E2:96:9A:7E:22:E9:59:64:69:7D:18:F8:B6:AA:2D:C8
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0133
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/8Ch64OKWmn4i6VlkaX0Y-LaqLcg.roa
Signing time: Thu 14 Mar 2024 07:55:03 +0000
ROA not before: Thu 14 Mar 2024 07:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 14 Mar 2024 11:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 307 (0x133)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Mar 14 07:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=F0287AE0E2969A7E22E95964697D18F8B6AA2DC8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:59:57:73:ab:da:96:c2:65:ac:c2:45:7e:0c:
ff:9d:0e:32:4b:d0:bf:39:c6:00:34:d6:58:fa:d9:
a8:6f:39:b6:7c:37:e2:ca:fb:73:49:76:23:6f:df:
58:ce:8f:de:d6:f3:21:1d:b8:01:ff:81:91:5d:b7:
76:cd:2c:22:64:fd:ff:b1:9b:11:3d:f7:aa:af:14:
44:8e:49:fc:07:57:92:4e:8b:4d:32:94:a4:b6:8c:
71:ad:b1:86:51:56:5f:05:ca:8f:22:e4:d2:54:06:
e9:16:93:ba:15:36:db:e9:24:52:38:25:b8:79:98:
97:a9:51:b7:1d:83:8e:23:17:2e:4e:4e:11:d5:5e:
46:be:67:97:27:55:cd:da:0c:85:91:5d:cd:91:00:
11:43:e8:33:f0:df:86:fe:2b:e9:29:fa:f9:44:9c:
9c:19:a1:4d:85:e9:85:c6:a4:c7:1b:4d:19:45:80:
4a:41:e3:a6:c3:7f:64:3f:db:33:b4:fd:5b:75:0c:
71:66:52:40:f2:59:d8:6e:ed:aa:48:c7:c5:ad:66:
a1:ec:98:7d:5c:69:78:24:5f:57:58:54:ad:37:7c:
54:5a:16:40:fe:fa:9b:c4:65:7b:05:ae:55:f8:c5:
1e:6f:e9:4a:d8:0f:0f:63:d8:e7:42:46:7b:3a:9b:
c3:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:28:7A:E0:E2:96:9A:7E:22:E9:59:64:69:7D:18:F8:B6:AA:2D:C8
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/8Ch64OKWmn4i6VlkaX0Y-LaqLcg.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
21:16:8e:e9:1b:2a:a1:9d:e2:88:2b:cf:ac:cb:24:23:f6:54:
35:d2:d6:f7:75:0c:56:64:ab:28:c8:32:29:b7:8e:98:a3:74:
67:3d:0d:56:ad:68:d9:77:ce:51:d5:2d:8e:bd:3b:2a:9b:86:
f3:2f:b1:f7:f5:fb:e3:6d:29:8a:a9:1d:41:67:d1:5d:2d:1c:
6b:de:ae:02:0b:d8:70:7d:15:53:fd:4d:d8:f2:c7:31:e5:cf:
47:05:8d:a6:e8:83:11:10:73:e3:42:d6:b6:41:fe:42:52:9c:
33:13:89:77:e9:e3:ed:77:dd:8b:be:71:c8:e0:57:74:da:16:
52:08:92:33:e0:8f:c1:f5:65:32:ea:97:10:fb:41:b0:b9:a4:
1d:4d:1d:08:d1:f8:d2:9b:df:1f:15:e9:ce:00:86:47:23:6f:
d8:eb:6e:91:bd:9a:31:67:75:ce:bf:27:44:9e:1f:29:94:a9:
a3:70:96:ac:84:ca:4a:fc:b7:1a:47:40:7e:d7:d6:ed:a0:cb:
97:d6:0b:1c:5b:fc:23:fb:20:5c:9d:a4:64:8e:e7:7a:5d:07:
49:25:78:5b:95:66:ca:a0:af:54:c2:1d:fa:99:ec:ee:e5:ae:
d9:f2:ca:45:53:27:a7:fe:1f:d3:b1:ab:02:d4:1f:94:ad:1d:
30:2b:6a:2d
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICATMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDAzMTQw
NzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEYwMjg3QUUwRTI5NjlB
N0UyMkU5NTk2NDY5N0QxOEY4QjZBQTJEQzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDEWVdzq9qWwmWswkV+DP+dDjJL0L85xgA01lj62ahvObZ8N+LK
+3NJdiNv31jOj97W8yEduAH/gZFdt3bNLCJk/f+xmxE996qvFESOSfwHV5JOi00y
lKS2jHGtsYZRVl8Fyo8i5NJUBukWk7oVNtvpJFI4Jbh5mJepUbcdg44jFy5OThHV
Xka+Z5cnVc3aDIWRXc2RABFD6DPw34b+K+kp+vlEnJwZoU2F6YXGpMcbTRlFgEpB
46bDf2Q/2zO0/Vt1DHFmUkDyWdhu7apIx8WtZqHsmH1caXgkX1dYVK03fFRaFkD+
+pvEZXsFrlX4xR5v6UrYDw9j2OdCRns6m8PvAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQU8Ch64OKWmn4i6VlkaX0Y+LaqLcgwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmLzhDaDY0T0tXbW40aTZW
bGthWDBZLUxhcUxjZy5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBACEWjukbKqGd4ogrz6zLJCP2VDXS1vd1DFZk
qyjIMim3jpijdGc9DVataNl3zlHVLY69OyqbhvMvsff1++NtKYqpHUFn0V0tHGve
rgIL2HB9FVP9TdjyxzHlz0cFjabogxEQc+NC1rZB/kJSnDMTiXfp4+133Yu+ccjg
V3TaFlIIkjPgj8H1ZTLqlxD7QbC5pB1NHQjR+NKb3x8V6c4Ahkcjb9jrbpG9mjFn
dc6/J0SeHymUqaNwlqyEykr8txpHQH7X1u2gy5fWCxxb/CP7IFydpGSO53pdB0kl
eFuVZsqgr1TCHfqZ7O7lrtnyykVTJ6f+H9OxqwLUH5StHTArai0=
-----END CERTIFICATE-----
Generated at Thu Mar 14 14:48:36 2024 by rpki-client on console-ams.rpki-client.org