Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/CSTICRtsfKhIqDuujb8LWwetOig.roa
File: CSTICRtsfKhIqDuujb8LWwetOig.roa (raw, json)
Hash identifier: Iw2ebbL+EVv86hb8f8U9/yZAxR9XwVuBpxaXwXXuQuk=
Subject key identifier: 09:24:C8:09:1B:6C:7C:A8:48:A8:3B:AE:8D:BF:0B:5B:07:AD:3A:28
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0250
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/CSTICRtsfKhIqDuujb8LWwetOig.roa
Signing time: Sun 14 Apr 2024 23:55:04 +0000
ROA not before: Sun 14 Apr 2024 23:55:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 15 Apr 2024 03:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 592 (0x250)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Apr 14 23:55:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0924C8091B6C7CA848A83BAE8DBF0B5B07AD3A28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:90:45:7d:4f:a2:73:03:3e:b1:a8:d4:30:b7:
eb:55:32:8f:66:70:71:45:7b:be:57:3b:ce:f0:75:
a0:39:e1:ff:5b:1f:02:d4:09:de:a4:92:d2:ff:02:
90:7f:36:c1:e3:11:1d:2a:2e:f2:98:97:1f:a3:42:
31:71:24:6b:38:24:91:19:8a:7b:7c:67:3b:76:a1:
81:bd:24:88:a4:c1:ac:2f:a3:ff:94:5e:05:24:fb:
c9:4d:01:97:1f:97:b2:6c:3b:5e:1a:5c:e8:54:d0:
8e:f7:6b:33:18:b3:d9:64:64:57:04:31:e0:2d:5d:
d6:36:40:ca:13:d9:d3:8f:72:8f:fa:a2:7c:42:97:
c7:d6:ac:21:e1:c4:cf:7d:94:10:27:37:7f:b2:4a:
c6:44:c2:da:94:cc:6e:11:20:20:a4:1c:6c:d5:b7:
40:2e:bb:77:d4:f4:29:3d:b7:0e:a5:dd:f8:37:07:
e1:6a:dd:5d:6b:cb:9a:4e:93:9d:86:1b:e9:1a:c9:
66:4c:9e:9a:40:dc:86:de:29:cd:4e:98:98:86:f0:
cf:bc:21:c9:6f:c6:bc:9e:48:d6:09:98:3f:db:10:
c9:99:6f:cc:75:77:aa:10:68:3b:84:4b:42:be:95:
08:c7:59:54:6e:d9:ee:50:2f:88:6b:49:e3:d0:05:
7f:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:24:C8:09:1B:6C:7C:A8:48:A8:3B:AE:8D:BF:0B:5B:07:AD:3A:28
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/CSTICRtsfKhIqDuujb8LWwetOig.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
17:9c:b5:fc:51:94:cc:5c:de:ee:2a:3f:f7:ec:43:22:6c:a7:
dc:98:36:5d:e3:a3:ee:27:0c:1f:12:14:f9:3e:f2:44:3d:bb:
7b:3f:0d:65:0e:c1:f0:71:7d:fe:2a:dd:4d:b9:d1:09:bd:02:
5f:2c:de:a8:1f:94:e2:6a:60:37:e3:5b:ed:74:3a:02:30:29:
2d:30:8a:cf:75:64:3c:c6:35:d2:6b:f3:83:1e:4c:49:bf:b6:
e3:6f:b0:2d:c5:e0:7a:b1:2b:f2:63:e0:2f:0f:8d:36:62:d4:
03:bc:fa:fd:0e:a8:82:05:a1:fe:6d:13:af:4e:26:57:3c:1c:
c4:03:5b:0f:5c:e4:35:fa:66:27:96:4a:29:7a:63:b9:54:c6:
c0:94:db:ab:f6:2a:86:70:64:be:7f:e5:32:96:b4:e6:47:a7:
b1:2c:b6:f1:69:d2:ea:a3:00:a2:e7:c8:d6:24:f7:8d:47:3a:
fb:16:60:66:d8:0d:7d:f7:cb:c5:6c:62:a0:24:18:0e:ce:e2:
0b:69:f2:1b:a9:7d:1e:f4:c3:cc:76:7b:9b:ca:70:29:5c:ae:
41:8e:16:22:09:6f:df:5d:f1:f9:3d:64:54:ad:f8:1d:fa:e9:
9c:54:9c:30:8b:14:32:72:75:82:fd:60:45:9f:78:0d:d3:ad:
d5:02:56:30
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICAlAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA0MTQy
MzU1MDRaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDA5MjRDODA5MUI2QzdD
QTg0OEE4M0JBRThEQkYwQjVCMDdBRDNBMjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHkEV9T6JzAz6xqNQwt+tVMo9mcHFFe75XO87wdaA54f9bHwLU
Cd6kktL/ApB/NsHjER0qLvKYlx+jQjFxJGs4JJEZint8Zzt2oYG9JIikwawvo/+U
XgUk+8lNAZcfl7JsO14aXOhU0I73azMYs9lkZFcEMeAtXdY2QMoT2dOPco/6onxC
l8fWrCHhxM99lBAnN3+ySsZEwtqUzG4RICCkHGzVt0Auu3fU9Ck9tw6l3fg3B+Fq
3V1ry5pOk52GG+kayWZMnppA3IbeKc1OmJiG8M+8IclvxryeSNYJmD/bEMmZb8x1
d6oQaDuES0K+lQjHWVRu2e5QL4hrSePQBX8LAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUCSTICRtsfKhIqDuujb8LWwetOigwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL0NTVElDUnRzZktoSXFE
dXVqYjhMV3dldE9pZy5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBABectfxRlMxc3u4qP/fsQyJsp9yYNl3jo+4n
DB8SFPk+8kQ9u3s/DWUOwfBxff4q3U250Qm9Al8s3qgflOJqYDfjW+10OgIwKS0w
is91ZDzGNdJr84MeTEm/tuNvsC3F4HqxK/Jj4C8PjTZi1AO8+v0OqIIFof5tE69O
Jlc8HMQDWw9c5DX6ZieWSil6Y7lUxsCU26v2KoZwZL5/5TKWtOZHp7EstvFp0uqj
AKLnyNYk941HOvsWYGbYDX33y8VsYqAkGA7O4gtp8hupfR70w8x2e5vKcClcrkGO
FiIJb99d8fk9ZFSt+B366ZxUnDCLFDJydYL9YEWfeA3TrdUCVjA=
-----END CERTIFICATE-----
Generated at Mon Apr 15 06:39:31 2024 by rpki-client on console-ams.rpki-client.org