Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/AD-yWPnOsvxCpp9vqGt5WiiSMNs.roa
File: AD-yWPnOsvxCpp9vqGt5WiiSMNs.roa (raw, json)
Hash identifier: SFq1kL7M8U8JPAPXJmsHYjtWZ/nP28iu7Q97OsSHT8g=
Subject key identifier: 00:3F:B2:58:F9:CE:B2:FC:42:A6:9F:6F:A8:6B:79:5A:28:92:30:DB
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0340
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/AD-yWPnOsvxCpp9vqGt5WiiSMNs.roa
Signing time: Sat 11 May 2024 15:55:03 +0000
ROA not before: Sat 11 May 2024 15:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 11 May 2024 19:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 832 (0x340)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: May 11 15:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=003FB258F9CEB2FC42A69F6FA86B795A289230DB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:a6:ca:10:4a:37:24:72:23:12:50:e2:78:d7:
a2:72:b9:ee:06:0b:32:f5:3c:41:9d:35:9f:82:51:
55:bd:8c:1b:5b:2b:cf:00:7f:f3:1c:23:20:5c:26:
58:e2:27:11:01:9f:eb:2a:f9:65:84:da:a2:ac:88:
0e:d6:e5:44:59:29:f1:c0:ed:70:6e:bd:bc:67:05:
71:74:37:32:7d:b5:ac:f5:ac:ef:1d:51:e3:04:f6:
bd:de:50:5e:92:e5:fa:95:1f:97:52:43:b8:94:ad:
e6:42:e1:09:f3:1f:82:1d:54:5e:37:8f:f7:f6:61:
c6:50:f2:f2:ed:3d:b5:6e:2a:6e:0c:98:43:cc:a6:
f6:a0:96:5d:62:77:cd:12:6b:e6:56:3f:6c:fc:62:
0d:fe:09:2c:7d:a9:20:a3:06:19:fc:bb:49:4c:09:
34:cf:67:04:93:25:d1:83:1c:8d:c4:eb:c9:21:9b:
01:4b:84:02:98:4f:99:0b:3b:a1:ea:23:bf:1e:9c:
64:21:eb:3a:4f:9c:14:72:42:63:c6:fa:a9:e1:ab:
cf:c2:20:a3:fc:43:c8:7a:93:d5:ea:ea:5b:f5:84:
64:ad:ac:e5:e9:40:70:9c:54:7d:7c:a0:5f:fe:ac:
56:00:3f:05:45:2e:4e:b1:d3:38:62:ad:0d:20:2c:
05:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:3F:B2:58:F9:CE:B2:FC:42:A6:9F:6F:A8:6B:79:5A:28:92:30:DB
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/AD-yWPnOsvxCpp9vqGt5WiiSMNs.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:11:79:d7:a3:22:a6:40:81:a6:0f:2d:21:c5:38:7f:f8:94:
9a:78:9f:3f:4c:78:13:be:c8:57:a3:23:b3:a1:b4:db:df:91:
3c:63:31:c5:0e:bd:c6:d6:f0:ee:cb:88:1d:c2:62:07:31:c3:
3c:ad:76:65:7a:e5:a4:51:8b:45:88:87:f4:87:3e:27:2d:bb:
81:19:48:fb:53:4a:97:1a:fb:54:c5:fb:3c:0b:37:3e:17:84:
57:95:79:df:c2:76:43:c6:b8:55:8b:74:28:f8:fa:55:a7:0b:
dc:0c:79:42:70:23:c3:64:be:2a:c4:fe:3d:73:b3:8c:4d:f3:
94:d7:20:67:01:d2:da:be:d4:36:7b:df:e3:5b:3c:2a:01:83:
90:78:32:02:a5:09:26:5d:b0:3d:6a:fd:f7:78:cc:f4:1d:00:
8c:15:b0:23:61:af:35:1a:2d:06:26:80:b7:da:99:a5:b6:67:
bc:9e:f6:00:36:25:ea:2e:94:21:a1:08:5a:40:16:1b:ca:b2:
95:d3:69:36:ba:e3:ea:b2:59:89:6b:22:0e:25:f4:07:ec:4e:
25:6f:ea:05:b8:4e:47:7d:6f:fc:23:16:5a:4a:cf:6e:8b:9b:
5c:35:63:68:47:ab:a3:36:ab:64:7e:b7:c6:89:5e:b1:c6:83:
ae:0e:14:92
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICA0AwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA1MTEx
NTU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDAwM0ZCMjU4RjlDRUIy
RkM0MkE2OUY2RkE4NkI3OTVBMjg5MjMwREIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDYpsoQSjckciMSUOJ416Jyue4GCzL1PEGdNZ+CUVW9jBtbK88A
f/McIyBcJljiJxEBn+sq+WWE2qKsiA7W5URZKfHA7XBuvbxnBXF0NzJ9taz1rO8d
UeME9r3eUF6S5fqVH5dSQ7iUreZC4QnzH4IdVF43j/f2YcZQ8vLtPbVuKm4MmEPM
pvagll1id80Sa+ZWP2z8Yg3+CSx9qSCjBhn8u0lMCTTPZwSTJdGDHI3E68khmwFL
hAKYT5kLO6HqI78enGQh6zpPnBRyQmPG+qnhq8/CIKP8Q8h6k9Xq6lv1hGStrOXp
QHCcVH18oF/+rFYAPwVFLk6x0zhirQ0gLAVvAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUAD+yWPnOsvxCpp9vqGt5WiiSMNswHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL0FELXlXUG5Pc3Z4Q3Bw
OXZxR3Q1V2lpU01Ocy5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAKkRedejIqZAgaYPLSHFOH/4lJp4nz9MeBO+
yFejI7OhtNvfkTxjMcUOvcbW8O7LiB3CYgcxwzytdmV65aRRi0WIh/SHPictu4EZ
SPtTSpca+1TF+zwLNz4XhFeVed/CdkPGuFWLdCj4+lWnC9wMeUJwI8NkvirE/j1z
s4xN85TXIGcB0tq+1DZ73+NbPCoBg5B4MgKlCSZdsD1q/fd4zPQdAIwVsCNhrzUa
LQYmgLfamaW2Z7ye9gA2JeoulCGhCFpAFhvKspXTaTa64+qyWYlrIg4l9AfsTiVv
6gW4Tkd9b/wjFlpKz26Lm1w1Y2hHq6M2q2R+t8aJXrHGg64OFJI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:54 2024 by rpki-client on console-fra.rpki-client.org