Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/9PmVn11XcQ441jKH76zn3PYofkY.roa
File: 9PmVn11XcQ441jKH76zn3PYofkY.roa (raw, json)
Hash identifier: QMcDKYzmzXj6yQ6CQtQ2S2vRWzg1fB5nelMR4YuZPFk=
Subject key identifier: F4:F9:95:9F:5D:57:71:0E:38:D6:32:87:EF:AC:E7:DC:F6:28:7E:46
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0352
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/9PmVn11XcQ441jKH76zn3PYofkY.roa
Signing time: Mon 13 May 2024 15:55:03 +0000
ROA not before: Mon 13 May 2024 15:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 13 May 2024 19:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 850 (0x352)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: May 13 15:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=F4F9959F5D57710E38D63287EFACE7DCF6287E46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:a1:cb:8c:47:1f:c6:d0:e7:3e:60:c6:a7:ea:
8d:c9:f1:1f:db:f7:c8:00:8d:30:f3:5a:99:a0:28:
d7:7b:87:1e:d6:65:67:cc:c0:46:69:10:cc:50:7b:
25:49:41:e2:34:e3:cf:0c:31:fd:39:cc:22:cc:29:
02:7a:47:f3:0a:f7:d7:41:56:9b:1a:37:93:c5:5b:
c8:de:72:87:2f:8c:7f:91:5e:9c:69:f4:d4:90:3c:
c1:ad:31:c2:0e:99:f7:a0:e3:95:5c:74:17:a5:c3:
89:20:33:c1:87:82:59:56:d1:56:32:a5:2b:c4:93:
40:98:a1:68:bb:b6:d0:25:f1:01:33:c9:09:7b:e4:
e0:55:83:7f:0c:fb:13:2c:9c:be:08:31:05:81:f5:
6e:9b:df:51:68:06:eb:e5:d9:55:aa:d0:50:ad:57:
87:40:d3:5b:02:85:fb:94:a8:e2:4d:87:07:4f:42:
91:d4:8a:7e:e8:24:1c:f4:8b:27:3f:cf:ef:0f:13:
aa:de:a3:71:71:bb:9d:4d:14:fa:55:46:5e:6f:9d:
e7:ff:89:67:b4:c3:05:2e:d8:49:1b:f0:23:52:7c:
8b:63:32:5c:a4:30:e9:c3:7a:89:12:85:46:7c:96:
aa:61:7e:c3:49:4c:84:18:28:c3:dc:e7:32:e1:78:
6e:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:F9:95:9F:5D:57:71:0E:38:D6:32:87:EF:AC:E7:DC:F6:28:7E:46
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/9PmVn11XcQ441jKH76zn3PYofkY.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
18:f4:17:27:95:e2:de:a7:52:bf:b0:91:ec:8d:04:bb:07:6c:
eb:d2:6d:95:fc:91:9a:16:99:3f:4b:da:fa:34:e7:25:ac:42:
8a:27:32:dc:53:03:e8:f4:32:a5:e1:9b:21:7c:a0:7c:39:8f:
76:8b:be:c8:64:b0:3f:96:6e:6c:f7:8d:a8:70:91:7c:c8:65:
b3:0d:e7:12:b7:70:e8:45:dd:69:d1:49:bb:85:03:89:3d:b9:
97:f1:7b:dc:b4:02:20:28:1d:dd:0b:0e:cd:1b:15:d9:5d:a1:
9c:a0:0c:14:6b:af:76:0c:68:1c:d1:31:41:91:dd:e7:7d:c3:
5a:70:ab:e1:6b:cb:9b:f3:0e:f5:6e:8f:d9:c1:39:72:78:74:
bb:34:8c:60:f7:af:a5:22:08:7c:ce:dd:3d:17:20:e9:e2:79:
af:d0:42:b5:89:91:23:8d:d1:25:26:79:51:d4:e4:94:cc:78:
73:66:0b:b2:b8:4c:d7:6e:51:81:58:29:58:a6:17:f9:8e:e6:
37:49:48:73:81:c2:f3:6d:a0:8a:3d:57:77:7e:da:01:a9:8c:
48:4f:bf:29:2e:e4:df:0e:e4:05:35:33:f0:aa:60:f0:57:2a:
b3:4b:f3:03:e6:2e:5f:60:22:50:ac:f1:70:fc:08:d9:72:5f:
6d:55:a2:05
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICA1IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA1MTMx
NTU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEY0Rjk5NTlGNUQ1Nzcx
MEUzOEQ2MzI4N0VGQUNFN0RDRjYyODdFNDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCmocuMRx/G0Oc+YMan6o3J8R/b98gAjTDzWpmgKNd7hx7WZWfM
wEZpEMxQeyVJQeI0488MMf05zCLMKQJ6R/MK99dBVpsaN5PFW8jecocvjH+RXpxp
9NSQPMGtMcIOmfeg45VcdBelw4kgM8GHgllW0VYypSvEk0CYoWi7ttAl8QEzyQl7
5OBVg38M+xMsnL4IMQWB9W6b31FoBuvl2VWq0FCtV4dA01sChfuUqOJNhwdPQpHU
in7oJBz0iyc/z+8PE6reo3Fxu51NFPpVRl5vnef/iWe0wwUu2Ekb8CNSfItjMlyk
MOnDeokShUZ8lqphfsNJTIQYKMPc5zLheG5fAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQU9PmVn11XcQ441jKH76zn3PYofkYwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmLzlQbVZuMTFYY1E0NDFq
S0g3NnpuM1BZb2ZrWS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBABj0FyeV4t6nUr+wkeyNBLsHbOvSbZX8kZoW
mT9L2vo05yWsQoonMtxTA+j0MqXhmyF8oHw5j3aLvshksD+Wbmz3jahwkXzIZbMN
5xK3cOhF3WnRSbuFA4k9uZfxe9y0AiAoHd0LDs0bFdldoZygDBRrr3YMaBzRMUGR
3ed9w1pwq+Fry5vzDvVuj9nBOXJ4dLs0jGD3r6UiCHzO3T0XIOniea/QQrWJkSON
0SUmeVHU5JTMeHNmC7K4TNduUYFYKVimF/mO5jdJSHOBwvNtoIo9V3d+2gGpjEhP
vyku5N8O5AU1M/CqYPBXKrNL8wPmLl9gIlCs8XD8CNlyX21VogU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:54 2024 by rpki-client on console-fra.rpki-client.org