Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/D0TlwK2-NIFo7-nW0V9gyxMsd04.roa
File: D0TlwK2-NIFo7-nW0V9gyxMsd04.roa (raw, json)
Hash identifier: isaEegBxSkxan2NVIrbY2lIEsgjBZlqNj3LnyUTsj/U=
Subject key identifier: 0F:44:E5:C0:AD:BE:34:81:68:EF:E9:D6:D1:5F:60:CB:13:2C:77:4E
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 6D
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/D0TlwK2-NIFo7-nW0V9gyxMsd04.roa
Signing time: Wed 21 Feb 2024 07:55:03 +0000
ROA not before: Wed 21 Feb 2024 07:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 21 Feb 2024 11:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 109 (0x6d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Feb 21 07:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0F44E5C0ADBE348168EFE9D6D15F60CB132C774E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:d7:b3:73:29:82:f1:ad:df:e9:34:f5:dc:3d:
2c:fa:b2:a9:08:b7:8d:87:fb:a4:c1:9d:59:c2:65:
3f:45:69:ae:f1:34:d0:f9:b9:04:09:5e:96:e3:9c:
f0:31:81:26:58:bc:94:d8:15:a1:3e:81:b0:cf:99:
e6:ee:c5:bc:c2:db:3b:3c:92:f7:74:99:17:c5:83:
d3:9c:dd:1a:c4:e6:06:b0:de:c2:bc:d0:e9:fe:c4:
b0:89:bc:65:b8:ff:62:af:09:bc:d2:3e:32:0b:da:
5a:ca:95:07:b8:8d:85:f8:28:11:22:98:9f:56:7c:
5e:a4:87:8f:0f:3a:11:a6:82:06:d8:8f:2a:6b:fb:
ac:8a:04:32:61:65:b0:8b:9b:5f:89:7c:49:40:60:
5f:71:da:6c:20:41:67:7d:e7:33:1f:30:1d:9f:6c:
9a:a2:9e:d0:02:8c:bc:c4:98:d0:af:ed:43:f5:f6:
5f:30:9c:e0:1a:c2:32:eb:a5:85:c6:a4:96:37:dd:
75:d5:5c:9a:91:56:4c:49:4e:74:2d:c0:40:1c:0f:
68:04:ef:a8:a0:0e:39:06:8c:91:ab:7e:cd:e2:f0:
fe:9e:6e:34:32:0b:d5:6e:9f:ab:6d:1b:9d:30:fe:
02:63:5c:b7:bf:76:f6:4f:db:ce:82:a7:be:87:e4:
b8:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:44:E5:C0:AD:BE:34:81:68:EF:E9:D6:D1:5F:60:CB:13:2C:77:4E
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/D0TlwK2-NIFo7-nW0V9gyxMsd04.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
08:c5:28:f3:a7:c9:e1:5e:b9:88:4d:e9:3b:fb:5f:93:b9:06:
c5:7d:e8:14:f7:12:50:b9:72:3a:f3:59:17:44:71:d2:5d:a0:
0c:97:aa:3a:12:79:e2:58:02:23:6a:34:f6:33:d4:28:ae:53:
cc:e1:fa:68:8d:14:5a:9f:26:82:58:4a:14:a2:e8:11:96:6a:
80:9a:77:ba:b4:a3:9f:d8:15:9b:a1:6a:be:36:eb:f1:2e:23:
72:fc:79:6f:6c:bb:42:a8:2f:ae:8c:be:18:d5:e7:98:26:c8:
2f:67:18:a3:43:f3:b9:80:42:1f:d1:7b:4a:9c:38:be:63:42:
57:a9:6d:3f:37:69:86:36:ef:8d:06:a5:c3:bb:37:ea:82:5a:
39:9c:0a:70:bd:e6:20:2e:96:a9:2f:79:bc:3a:c1:bd:6f:08:
8e:ca:8f:bb:f6:b2:b1:52:9e:12:83:5c:4f:ad:c3:84:0d:f1:
b8:6e:58:5f:47:f9:80:f0:0d:a0:32:5d:e3:37:34:7e:8f:eb:
96:3b:aa:e8:b3:6e:46:9d:5d:68:ee:9d:a4:46:ab:42:4d:ad:
33:a3:c2:48:b4:ab:a1:8d:32:52:8b:a4:88:96:42:f3:22:52:
81:7a:f7:98:5c:7e:81:b8:61:b6:30:c8:45:0b:e0:d3:72:6c:
71:8b:83:97
-----BEGIN CERTIFICATE-----
MIIEoTCCA4mgAwIBAgIBbTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3MWQx
NGViYjI1NWRjMDU4ZDRiZmE1YTUxYzkzZjczZjgzMGFiODhmMB4XDTI0MDIyMTA3
NTUwM1oXDTI1MDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMEY0NEU1QzBBREJFMzQ4
MTY4RUZFOUQ2RDE1RjYwQ0IxMzJDNzc0RTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAMvXs3MpgvGt3+k09dw9LPqyqQi3jYf7pMGdWcJlP0VprvE00Pm5
BAleluOc8DGBJli8lNgVoT6BsM+Z5u7FvMLbOzyS93SZF8WD05zdGsTmBrDewrzQ
6f7EsIm8Zbj/Yq8JvNI+MgvaWsqVB7iNhfgoESKYn1Z8XqSHjw86EaaCBtiPKmv7
rIoEMmFlsIubX4l8SUBgX3HabCBBZ33nMx8wHZ9smqKe0AKMvMSY0K/tQ/X2XzCc
4BrCMuulhcakljfdddVcmpFWTElOdC3AQBwPaATvqKAOOQaMkat+zeLw/p5uNDIL
1W6fq20bnTD+AmNct7929k/bzoKnvofkuJMCAwEAAaOCAb4wggG6MB0GA1UdDgQW
BBQPROXArb40gWjv6dbRX2DLEyx3TjAfBgNVHSMEGDAWgBRx0U67JV3AWNS/paUc
k/c/gwq4jzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ
oE6GTHJzeW5jOi8vY2hsb2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3Nm
L2NkRk91eVZkd0ZqVXY2V2xISlAzUDRNS3VJOC5jcmwwZAYIKwYBBQUHAQEEWDBW
MFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9E
RUZBVUxUL2NkRk91eVZkd0ZqVXY2V2xISlAzUDRNS3VJOC5jZXIwDgYDVR0PAQH/
BAQDAgeAMGgGCCsGAQUFBwELBFwwWjBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9jaGxv
ZS5zb2Jvcm5vc3QubmV0L3Jwa2kvUklQRS1ubHJzc2YvRDBUbHdLMi1OSUZvNy1u
VzBWOWd5eE1zZDA0LnJvYTAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMJo
gTANBgkqhkiG9w0BAQsFAAOCAQEACMUo86fJ4V65iE3pO/tfk7kGxX3oFPcSULly
OvNZF0Rx0l2gDJeqOhJ54lgCI2o09jPUKK5TzOH6aI0UWp8mglhKFKLoEZZqgJp3
urSjn9gVm6Fqvjbr8S4jcvx5b2y7Qqgvroy+GNXnmCbIL2cYo0PzuYBCH9F7Spw4
vmNCV6ltPzdphjbvjQalw7s36oJaOZwKcL3mIC6WqS95vDrBvW8IjsqPu/aysVKe
EoNcT63DhA3xuG5YX0f5gPANoDJd4zc0fo/rljuq6LNuRp1daO6dpEarQk2tM6PC
SLSroY0yUoukiJZC8yJSgXr3mFx+gbhhtjDIRQvg03JscYuDlw==
-----END CERTIFICATE-----
Generated at Wed Feb 21 16:10:51 2024 by rpki-client on console-ams.rpki-client.org