Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/CtJEYY4qFDtGy6Lhmrw1V9-0ajM.roa
File: CtJEYY4qFDtGy6Lhmrw1V9-0ajM.roa (raw, json)
Hash identifier: 8cPPF70zzRPxGkFSy3EHMWxvHx8VOaEJh9UJB3s9Tc0=
Subject key identifier: 0A:D2:44:61:8E:2A:14:3B:46:CB:A2:E1:9A:BC:35:57:DF:B4:6A:33
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 022C
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/CtJEYY4qFDtGy6Lhmrw1V9-0ajM.roa
Signing time: Wed 10 Apr 2024 23:55:04 +0000
ROA not before: Wed 10 Apr 2024 23:55:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 11 Apr 2024 03:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 556 (0x22c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Apr 10 23:55:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0AD244618E2A143B46CBA2E19ABC3557DFB46A33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:83:35:9e:8c:f8:d9:53:8b:d2:7e:1e:0c:24:
a9:e9:0c:26:a0:c6:f9:a7:42:f4:3a:75:cf:2e:62:
bc:19:38:eb:d6:56:ff:17:be:4c:41:e3:01:a0:cb:
bc:00:ac:69:ee:c2:bb:7c:02:93:b6:92:a0:a2:92:
ce:89:31:71:90:48:46:fb:76:14:3f:22:6d:76:fb:
a9:c6:cb:83:4b:37:1b:cb:90:da:d6:80:55:92:4b:
a9:62:80:70:4f:35:22:ef:78:f5:c7:be:8b:c2:c1:
57:fc:50:4e:eb:11:dd:10:7a:ea:8b:ba:0a:a5:0f:
3b:91:f0:b8:a4:0f:49:5a:f6:c2:a3:87:b6:12:3a:
0b:30:23:57:d1:b7:69:2f:3b:a1:85:7e:d9:b6:37:
f4:85:d1:8c:aa:78:cc:08:b6:e0:0e:3b:de:98:aa:
0a:f2:2a:be:39:69:e8:cf:d8:62:07:c1:78:f7:7f:
fb:c2:a0:92:f1:b6:d1:fe:7c:f4:4e:ea:2a:e7:6d:
02:35:c5:cf:9c:91:47:45:92:99:57:53:6c:33:52:
3c:8b:e3:54:a2:cf:8f:76:73:71:ab:e7:b1:99:96:
9d:e9:de:ce:c7:43:b9:70:d9:72:72:d4:17:6c:84:
2f:c9:02:08:38:c6:c0:eb:cc:1e:20:91:46:b5:56:
6c:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:D2:44:61:8E:2A:14:3B:46:CB:A2:E1:9A:BC:35:57:DF:B4:6A:33
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/CtJEYY4qFDtGy6Lhmrw1V9-0ajM.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
11:df:97:63:aa:43:51:01:ca:87:0a:d8:40:1e:d0:10:6f:65:
c9:2a:a8:b4:9c:11:52:d3:72:8d:26:df:f0:5c:15:f2:34:60:
ca:08:dc:74:15:28:ce:96:5c:98:6a:46:ef:07:2d:bf:7f:a1:
cf:34:75:de:5f:94:28:b1:23:17:8e:cd:05:09:e8:46:d9:96:
65:48:e5:3d:a4:51:db:04:6b:0e:3d:10:80:d7:3f:0e:80:a0:
f6:77:25:dc:ec:b6:0b:74:b2:cb:d9:21:60:f4:31:a4:3e:d2:
f0:81:34:ed:8e:1c:20:5e:f7:de:bf:73:b7:c4:4d:60:c8:78:
99:fa:69:dd:f9:43:06:19:2c:ff:7b:39:0e:36:8f:14:57:56:
5b:d1:ca:a7:1a:0d:be:9e:96:f9:c7:9e:61:48:8d:7e:e0:e8:
50:2d:17:fa:70:b0:9d:7f:db:65:cc:af:e6:0d:7c:96:b4:22:
64:42:e9:cf:e5:3e:14:17:e2:4e:9b:38:52:7e:0d:6f:4f:b8:
67:8a:6e:ba:11:a9:a6:82:59:40:43:af:9d:dd:c4:4f:d4:6c:
fe:71:d0:51:bb:e0:29:69:92:bf:bd:4d:02:2b:f3:eb:1c:ec:
01:9b:c7:77:fd:40:05:f5:93:eb:16:0d:41:3c:a4:c6:a3:43:
e2:19:39:3f
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICAiwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA0MTAy
MzU1MDRaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDBBRDI0NDYxOEUyQTE0
M0I0NkNCQTJFMTlBQkMzNTU3REZCNDZBMzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCwgzWejPjZU4vSfh4MJKnpDCagxvmnQvQ6dc8uYrwZOOvWVv8X
vkxB4wGgy7wArGnuwrt8ApO2kqCiks6JMXGQSEb7dhQ/Im12+6nGy4NLNxvLkNrW
gFWSS6ligHBPNSLvePXHvovCwVf8UE7rEd0QeuqLugqlDzuR8LikD0la9sKjh7YS
OgswI1fRt2kvO6GFftm2N/SF0YyqeMwItuAOO96YqgryKr45aejP2GIHwXj3f/vC
oJLxttH+fPRO6irnbQI1xc+ckUdFkplXU2wzUjyL41Siz492c3Gr57GZlp3p3s7H
Q7lw2XJy1BdshC/JAgg4xsDrzB4gkUa1Vmw3AgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUCtJEYY4qFDtGy6Lhmrw1V9+0ajMwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL0N0SkVZWTRxRkR0R3k2
TGhtcncxVjktMGFqTS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBABHfl2OqQ1EByocK2EAe0BBvZckqqLScEVLT
co0m3/BcFfI0YMoI3HQVKM6WXJhqRu8HLb9/oc80dd5flCixIxeOzQUJ6EbZlmVI
5T2kUdsEaw49EIDXPw6AoPZ3Jdzstgt0ssvZIWD0MaQ+0vCBNO2OHCBe996/c7fE
TWDIeJn6ad35QwYZLP97OQ42jxRXVlvRyqcaDb6elvnHnmFIjX7g6FAtF/pwsJ1/
22XMr+YNfJa0ImRC6c/lPhQX4k6bOFJ+DW9PuGeKbroRqaaCWUBDr53dxE/UbP5x
0FG74Clpkr+9TQIr8+sc7AGbx3f9QAX1k+sWDUE8pMajQ+IZOT8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:54 2024 by rpki-client on console-fra.rpki-client.org