Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/D00iaHKh1Wg7e8AwV76AhQVVoCM.roa
File: D00iaHKh1Wg7e8AwV76AhQVVoCM.roa (raw, json)
Hash identifier: yN6HdD9nrk8/8JLQbhyCQN/A58iCk8ZwDZZ2tmDtglA=
Subject key identifier: 0F:4D:22:68:72:A1:D5:68:3B:7B:C0:30:57:BE:80:85:05:55:A0:23
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: B2
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/D00iaHKh1Wg7e8AwV76AhQVVoCM.roa
Signing time: Wed 28 Feb 2024 23:55:03 +0000
ROA not before: Wed 28 Feb 2024 23:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 29 Feb 2024 03:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 178 (0xb2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Feb 28 23:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0F4D226872A1D5683B7BC03057BE80850555A023
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:82:c7:66:52:67:dd:d9:7f:ea:0f:93:89:d0:
0b:6e:34:2e:63:23:71:32:b3:55:be:98:2b:08:17:
b7:96:3d:cc:8d:e5:cd:07:0e:32:b5:f0:f6:26:43:
02:31:62:6c:cb:92:3b:a2:5e:81:d5:fe:49:96:34:
6c:1b:20:bb:e9:93:03:65:89:e5:8e:bb:3e:24:5c:
16:87:1c:ca:c3:9f:5e:28:09:5f:5e:bc:46:59:88:
08:07:cc:84:c5:c7:01:7c:94:e6:1d:cf:1e:72:0c:
5e:e7:11:06:fc:5e:b1:1b:07:4a:22:e5:cd:74:43:
e6:ae:93:e4:b7:2e:17:ce:c4:42:22:02:99:b8:7e:
56:ac:4b:93:c3:4a:82:34:05:d5:e5:14:9e:58:9a:
08:68:a7:79:99:d7:fa:cb:c8:4d:c0:20:10:85:ed:
3b:44:b7:d1:fa:b1:7e:ce:fa:63:b2:71:2a:6f:87:
50:24:33:62:9a:21:5f:12:ce:7e:4c:0a:7c:8b:39:
ca:14:5f:cc:3b:5a:1c:95:6c:ee:5a:7d:e2:af:98:
bf:81:38:10:c2:68:0a:44:01:90:81:e5:0b:58:a6:
2d:ac:24:01:92:d4:a4:81:c9:e0:db:20:d0:62:5b:
6a:e3:ea:6b:bf:6b:a2:2b:ab:f5:fa:7f:68:bc:6d:
90:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:4D:22:68:72:A1:D5:68:3B:7B:C0:30:57:BE:80:85:05:55:A0:23
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/D00iaHKh1Wg7e8AwV76AhQVVoCM.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
20:fe:ff:c4:38:fc:34:d2:b1:98:cb:7a:b7:7f:12:7a:d9:d2:
41:98:bd:d9:cd:96:11:1a:a8:43:17:6b:46:35:40:c9:c3:f1:
6a:45:11:01:cf:d0:e7:d9:8a:99:9b:b1:97:86:a2:eb:d9:1d:
47:de:0c:18:90:5a:4c:ad:bd:ca:e9:42:27:67:65:ab:47:04:
93:59:99:2c:19:ae:57:3e:b3:4d:b7:f7:14:90:7d:f0:c5:5a:
3f:66:e5:6f:e7:b1:23:46:9c:0e:a5:c5:11:dd:9f:02:fd:d9:
b1:3a:bd:9d:2e:d7:e1:4f:b0:e4:e8:90:4b:f6:85:d8:8a:77:
26:01:a2:8e:d0:05:eb:fc:a1:9f:62:c9:80:2d:d5:51:e4:98:
0f:05:5a:5e:50:e0:b1:19:c8:de:02:88:22:c3:8f:08:3b:7e:
24:55:e1:4d:ac:48:cd:31:42:96:e7:c4:10:49:a4:8b:cb:e4:
06:03:3c:4b:ce:ef:3e:6f:bb:f5:96:f5:88:47:17:07:51:1b:
dd:fa:0e:d8:60:19:b3:ce:76:23:17:a5:67:82:8e:cf:b0:ab:
31:04:30:09:06:98:8e:39:ff:01:8c:21:3d:92:26:20:71:49:
59:46:d6:8e:fe:61:b8:d2:2a:ae:36:cf:3d:5b:8c:cb:c9:e8:
12:e0:f3:7f
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICALIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDAyMjgy
MzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDBGNEQyMjY4NzJBMUQ1
NjgzQjdCQzAzMDU3QkU4MDg1MDU1NUEwMjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCmgsdmUmfd2X/qD5OJ0AtuNC5jI3Eys1W+mCsIF7eWPcyN5c0H
DjK18PYmQwIxYmzLkjuiXoHV/kmWNGwbILvpkwNlieWOuz4kXBaHHMrDn14oCV9e
vEZZiAgHzITFxwF8lOYdzx5yDF7nEQb8XrEbB0oi5c10Q+auk+S3LhfOxEIiApm4
flasS5PDSoI0BdXlFJ5Ymghop3mZ1/rLyE3AIBCF7TtEt9H6sX7O+mOycSpvh1Ak
M2KaIV8Szn5MCnyLOcoUX8w7WhyVbO5afeKvmL+BOBDCaApEAZCB5QtYpi2sJAGS
1KSByeDbINBiW2rj6mu/a6Irq/X6f2i8bZAFAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUD00iaHKh1Wg7e8AwV76AhQVVoCMwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL0QwMGlhSEtoMVdnN2U4
QXdWNzZBaFFWVm9DTS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBACD+/8Q4/DTSsZjLerd/EnrZ0kGYvdnNlhEa
qEMXa0Y1QMnD8WpFEQHP0OfZipmbsZeGouvZHUfeDBiQWkytvcrpQidnZatHBJNZ
mSwZrlc+s0239xSQffDFWj9m5W/nsSNGnA6lxRHdnwL92bE6vZ0u1+FPsOTokEv2
hdiKdyYBoo7QBev8oZ9iyYAt1VHkmA8FWl5Q4LEZyN4CiCLDjwg7fiRV4U2sSM0x
QpbnxBBJpIvL5AYDPEvO7z5vu/WW9YhHFwdRG936DthgGbPOdiMXpWeCjs+wqzEE
MAkGmI45/wGMIT2SJiBxSVlG1o7+YbjSKq42zz1bjMvJ6BLg838=
-----END CERTIFICATE-----
Generated at Thu Feb 29 04:25:32 2024 by rpki-client on console-ams.rpki-client.org