Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/8EIObm-bEVMdUfUcVimUYytytzc.roa
File: 8EIObm-bEVMdUfUcVimUYytytzc.roa (raw, json)
Hash identifier: pDrrSGjEuC4biZ29ny8Vr3Ndd0g3lqexHJtHwUJiUSs=
Subject key identifier: F0:42:0E:6E:6F:9B:11:53:1D:51:F5:1C:56:29:94:63:2B:72:B7:37
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 7F
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/8EIObm-bEVMdUfUcVimUYytytzc.roa
Signing time: Fri 23 Feb 2024 07:55:03 +0000
ROA not before: Fri 23 Feb 2024 07:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 23 Feb 2024 11:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 127 (0x7f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Feb 23 07:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=F0420E6E6F9B11531D51F51C562994632B72B737
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:51:94:77:c4:8c:0a:54:13:c8:fc:05:3e:94:
78:e9:46:10:9d:c0:2a:c8:51:3e:dd:a4:6e:00:ba:
a4:b3:d7:a5:10:aa:06:7d:0e:a9:87:5b:ca:fc:ee:
7a:6f:84:9f:ff:4f:63:9d:ef:f7:01:33:c4:f6:71:
d5:20:14:91:d3:bf:b5:bd:7b:8f:f3:9c:92:52:f0:
fb:05:da:a3:1f:99:a3:2f:c8:99:af:71:16:78:0b:
a6:c7:bf:8f:19:ec:53:1f:f8:5c:72:be:97:32:86:
13:f8:79:16:f6:25:b4:21:d3:73:b5:62:fb:3f:b8:
77:ca:6a:65:c9:25:1d:3c:f4:f9:af:2f:f5:d6:03:
c9:42:c5:b8:2b:bd:ed:24:9f:fe:81:48:51:24:a7:
7a:54:6a:ca:e9:3d:8a:90:af:7b:fb:9d:90:23:26:
22:67:55:d0:74:9b:03:d1:fc:8c:3e:8c:2f:cb:9f:
4d:b6:18:48:47:82:7c:19:00:1e:76:55:18:b0:98:
b5:26:af:5a:af:bb:ba:a7:7b:39:fb:d4:bb:ec:ab:
60:83:3f:02:5e:46:98:17:6a:97:a5:bf:f7:1c:8e:
2f:5c:de:6f:ca:c4:0e:5f:0a:f4:e2:df:14:be:e1:
5b:fb:b6:a6:2f:70:b6:3d:b9:bd:4b:1a:50:cf:00:
1d:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:42:0E:6E:6F:9B:11:53:1D:51:F5:1C:56:29:94:63:2B:72:B7:37
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/8EIObm-bEVMdUfUcVimUYytytzc.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:ac:a5:48:54:f1:a1:63:e3:94:8a:8d:6d:f4:50:b9:89:dd:
11:fa:20:b4:5f:42:10:5f:04:d9:f9:55:ef:b7:14:e2:75:ab:
9a:15:d6:6b:43:3c:46:46:7a:75:97:6c:b4:bb:a3:1a:07:92:
ed:c8:14:0b:39:43:a3:6f:b8:74:d4:18:41:3b:09:41:11:eb:
d9:23:a3:b6:b3:98:6d:0d:49:c6:1a:a9:88:26:d5:23:dd:b1:
4a:a4:3b:52:51:78:eb:1f:ac:40:c2:2d:dc:39:c0:b9:da:da:
e8:3b:59:0a:b8:76:2e:f8:6e:8c:12:29:9b:17:66:29:3b:86:
03:ac:93:e6:9e:72:b9:e0:29:30:f0:1b:12:01:9b:73:33:b6:
9b:9c:b7:89:d3:5e:40:4c:10:71:74:5b:6b:53:4f:7b:43:b6:
77:81:0f:75:50:8e:eb:33:41:f8:c0:17:b5:51:5c:2e:6e:3b:
50:5f:90:6f:47:83:61:3d:8f:a4:bf:48:f3:04:c7:b7:32:25:
9b:d9:a4:a0:79:cc:92:b8:df:4e:72:7d:bd:6f:88:bd:a1:25:
a0:72:a6:0f:d4:5b:c8:31:5c:17:c8:cc:ad:98:28:42:36:28:
61:ed:34:2e:05:da:cb:6b:60:0c:1d:b1:e6:25:22:b6:06:d0:
84:43:7b:74
-----BEGIN CERTIFICATE-----
MIIEoTCCA4mgAwIBAgIBfzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3MWQx
NGViYjI1NWRjMDU4ZDRiZmE1YTUxYzkzZjczZjgzMGFiODhmMB4XDTI0MDIyMzA3
NTUwM1oXDTI1MDcwMTAwMDAwMFowMzExMC8GA1UEAxMoRjA0MjBFNkU2RjlCMTE1
MzFENTFGNTFDNTYyOTk0NjMyQjcyQjczNzCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAKlRlHfEjApUE8j8BT6UeOlGEJ3AKshRPt2kbgC6pLPXpRCqBn0O
qYdbyvzuem+En/9PY53v9wEzxPZx1SAUkdO/tb17j/OcklLw+wXaox+Zoy/Ima9x
FngLpse/jxnsUx/4XHK+lzKGE/h5FvYltCHTc7Vi+z+4d8pqZcklHTz0+a8v9dYD
yULFuCu97SSf/oFIUSSnelRqyuk9ipCve/udkCMmImdV0HSbA9H8jD6ML8ufTbYY
SEeCfBkAHnZVGLCYtSavWq+7uqd7OfvUu+yrYIM/Al5GmBdql6W/9xyOL1zeb8rE
Dl8K9OLfFL7hW/u2pi9wtj25vUsaUM8AHdUCAwEAAaOCAb4wggG6MB0GA1UdDgQW
BBTwQg5ub5sRUx1R9RxWKZRjK3K3NzAfBgNVHSMEGDAWgBRx0U67JV3AWNS/paUc
k/c/gwq4jzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ
oE6GTHJzeW5jOi8vY2hsb2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3Nm
L2NkRk91eVZkd0ZqVXY2V2xISlAzUDRNS3VJOC5jcmwwZAYIKwYBBQUHAQEEWDBW
MFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9E
RUZBVUxUL2NkRk91eVZkd0ZqVXY2V2xISlAzUDRNS3VJOC5jZXIwDgYDVR0PAQH/
BAQDAgeAMGgGCCsGAQUFBwELBFwwWjBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9jaGxv
ZS5zb2Jvcm5vc3QubmV0L3Jwa2kvUklQRS1ubHJzc2YvOEVJT2JtLWJFVk1kVWZV
Y1ZpbVVZeXR5dHpjLnJvYTAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMJo
gTANBgkqhkiG9w0BAQsFAAOCAQEAqKylSFTxoWPjlIqNbfRQuYndEfogtF9CEF8E
2flV77cU4nWrmhXWa0M8RkZ6dZdstLujGgeS7cgUCzlDo2+4dNQYQTsJQRHr2SOj
trOYbQ1JxhqpiCbVI92xSqQ7UlF46x+sQMIt3DnAudra6DtZCrh2LvhujBIpmxdm
KTuGA6yT5p5yueApMPAbEgGbczO2m5y3idNeQEwQcXRba1NPe0O2d4EPdVCO6zNB
+MAXtVFcLm47UF+Qb0eDYT2PpL9I8wTHtzIlm9mkoHnMkrjfTnJ9vW+IvaEloHKm
D9RbyDFcF8jMrZgoQjYoYe00LgXay2tgDB2x5iUitgbQhEN7dA==
-----END CERTIFICATE-----
Generated at Fri Feb 23 16:26:39 2024 by rpki-client on console-ams.rpki-client.org