Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/CiyP3jmCU64jyt9Z7QCPMxGP1I8.roa
File: CiyP3jmCU64jyt9Z7QCPMxGP1I8.roa (raw, json)
Hash identifier: JHQw/fY0J4msizmd8H0zZliyREA/8OxcNfh1z3vwzFo=
Subject key identifier: 0A:2C:8F:DE:39:82:53:AE:23:CA:DF:59:ED:00:8F:33:11:8F:D4:8F
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 03A9
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/CiyP3jmCU64jyt9Z7QCPMxGP1I8.roa
Signing time: Thu 23 May 2024 07:55:04 +0000
ROA not before: Thu 23 May 2024 07:55:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 23 May 2024 11:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 937 (0x3a9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: May 23 07:55:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0A2C8FDE398253AE23CADF59ED008F33118FD48F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:c5:b6:7d:d2:1e:f8:62:dd:f3:ac:ea:55:8f:
3c:da:89:81:68:2b:76:4b:d9:80:4d:bd:f7:1b:82:
03:5a:d1:ca:44:12:8a:d4:30:f4:d3:a2:15:8d:4f:
03:6e:68:23:6f:6b:19:51:bc:0a:99:1d:5c:b4:db:
43:d2:16:17:f6:95:25:a8:f3:bf:a8:fe:89:1b:7a:
dd:d8:9a:d7:5e:5d:44:f9:e4:bb:c2:35:aa:1f:b4:
95:56:84:9a:2f:c0:81:b4:d3:32:4a:40:4f:07:6f:
54:e2:f5:34:0c:7e:46:07:e4:07:07:a1:3e:f2:76:
59:09:21:67:45:38:c4:e3:d5:64:96:bf:13:52:ef:
dc:fa:44:4c:f5:dc:eb:dd:70:69:46:5c:fe:2e:f8:
31:8a:e9:f6:32:62:eb:e3:12:07:4a:e8:5e:02:fe:
60:78:8c:d8:e4:a3:e4:96:4f:3a:49:02:50:68:09:
69:61:e2:33:71:e7:0e:ab:72:7c:4b:9f:b0:df:a1:
a9:67:97:1f:19:fe:bb:95:78:ef:03:d6:f3:39:47:
cf:51:d8:d3:52:89:45:98:2d:8b:4d:20:ba:ff:d9:
3d:71:b9:d7:2d:36:a5:b1:d0:94:b8:f5:0b:c3:ec:
0e:67:36:44:5d:b3:8a:c0:92:43:77:5c:25:f7:5b:
c6:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:2C:8F:DE:39:82:53:AE:23:CA:DF:59:ED:00:8F:33:11:8F:D4:8F
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/CiyP3jmCU64jyt9Z7QCPMxGP1I8.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:68:75:f5:d8:4a:34:12:0d:83:12:96:38:d1:d1:1b:95:a7:
c1:72:8a:59:3f:ae:88:68:85:ed:f3:54:cd:24:23:c7:69:9b:
9b:03:5e:68:da:99:05:a5:91:ca:af:95:82:22:be:42:ef:c0:
a7:38:e3:16:2b:e4:02:9d:bf:56:7c:c2:dc:2d:c0:04:4c:dd:
01:81:16:95:ef:44:94:72:99:36:4b:13:5a:64:f5:d2:69:c6:
5f:cd:3a:20:06:b4:7d:e3:86:85:43:b7:20:25:b2:cf:0c:ae:
8d:d4:51:f0:0f:fa:ea:b7:7c:96:ff:04:23:91:29:a1:e8:c5:
d7:23:18:1e:a1:37:04:38:55:26:54:c9:5a:6c:a1:2c:3d:5a:
03:97:4f:f7:9a:f6:22:cd:a7:3e:ab:ff:1e:92:5d:3d:4c:f5:
3a:b0:81:79:24:c0:fd:5e:41:10:6c:e4:5e:24:b6:f7:fe:65:
ee:0d:f0:ce:96:c7:cf:07:70:46:96:c0:33:1c:50:a8:e4:ea:
a5:4d:e4:9c:83:1e:18:77:00:1f:57:0d:b9:93:d4:30:5d:fb:
16:a2:cd:80:fd:84:71:f0:6d:3d:2b:f5:06:af:dd:12:f4:7c:
a4:10:b9:1d:c3:5a:ac:ed:b9:36:92:9a:65:98:02:ef:12:16:
4c:76:f8:37
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICA6kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA1MjMw
NzU1MDRaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDBBMkM4RkRFMzk4MjUz
QUUyM0NBREY1OUVEMDA4RjMzMTE4RkQ0OEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7xbZ90h74Yt3zrOpVjzzaiYFoK3ZL2YBNvfcbggNa0cpEEorU
MPTTohWNTwNuaCNvaxlRvAqZHVy020PSFhf2lSWo87+o/okbet3YmtdeXUT55LvC
NaoftJVWhJovwIG00zJKQE8Hb1Ti9TQMfkYH5AcHoT7ydlkJIWdFOMTj1WSWvxNS
79z6REz13OvdcGlGXP4u+DGK6fYyYuvjEgdK6F4C/mB4jNjko+SWTzpJAlBoCWlh
4jNx5w6rcnxLn7Dfoalnlx8Z/ruVeO8D1vM5R89R2NNSiUWYLYtNILr/2T1xudct
NqWx0JS49QvD7A5nNkRds4rAkkN3XCX3W8aJAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUCiyP3jmCU64jyt9Z7QCPMxGP1I8wHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL0NpeVAzam1DVTY0anl0
OVo3UUNQTXhHUDFJOC5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAKpodfXYSjQSDYMSljjR0RuVp8Fyilk/roho
he3zVM0kI8dpm5sDXmjamQWlkcqvlYIivkLvwKc44xYr5AKdv1Z8wtwtwARM3QGB
FpXvRJRymTZLE1pk9dJpxl/NOiAGtH3jhoVDtyAlss8Mro3UUfAP+uq3fJb/BCOR
KaHoxdcjGB6hNwQ4VSZUyVpsoSw9WgOXT/ea9iLNpz6r/x6SXT1M9TqwgXkkwP1e
QRBs5F4ktvf+Ze4N8M6Wx88HcEaWwDMcUKjk6qVN5JyDHhh3AB9XDbmT1DBd+xai
zYD9hHHwbT0r9Qav3RL0fKQQuR3DWqztuTaSmmWYAu8SFkx2+Dc=
-----END CERTIFICATE-----
Generated at Thu May 23 15:27:14 2024 by rpki-client on console-ams.rpki-client.org