Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/E2zDVPCOtiyyxVvwxASB1D0q2uM.roa
File: E2zDVPCOtiyyxVvwxASB1D0q2uM.roa (raw, json)
Hash identifier: Z2OYKQ/JiaFlkcNjApCPcNSqOX8PzIN+QKml4+XwL84=
Subject key identifier: 13:6C:C3:54:F0:8E:B6:2C:B2:C5:5B:F0:C4:04:81:D4:3D:2A:DA:E3
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 017B
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/E2zDVPCOtiyyxVvwxASB1D0q2uM.roa
Signing time: Fri 22 Mar 2024 07:55:02 +0000
ROA not before: Fri 22 Mar 2024 07:55:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 22 Mar 2024 11:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 379 (0x17b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Mar 22 07:55:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=136CC354F08EB62CB2C55BF0C40481D43D2ADAE3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:5c:f9:89:1c:9b:91:53:63:af:45:03:4a:fd:
01:f1:1e:16:d0:b5:7f:59:5f:e8:e0:27:f8:93:e7:
5a:92:c3:01:66:28:73:5c:f8:fe:0f:20:7f:0a:5f:
37:8a:0d:04:5d:0c:91:10:91:2e:fa:3d:9c:be:8d:
a9:25:ae:41:5c:3e:91:a1:b7:21:78:7c:6f:34:63:
30:70:79:55:38:bf:d7:f2:4b:58:a4:8c:b1:f0:83:
d4:a2:c0:62:8b:c8:5b:e1:3a:b8:fd:86:4f:31:17:
3b:5d:62:19:4c:1d:64:9c:54:cf:d1:c8:49:aa:d0:
65:97:c1:b4:ce:c6:68:90:0a:64:98:1d:e0:ce:a2:
65:1e:c6:f4:eb:fe:3d:14:21:0e:91:76:03:44:c2:
28:9f:24:87:08:0a:25:22:69:3a:ad:7d:0a:a3:f6:
28:76:29:b1:88:10:e1:db:77:27:66:85:13:70:c4:
bd:a1:58:59:25:66:1f:7b:ab:03:da:93:08:05:02:
c4:c8:dc:15:e8:39:30:c0:bf:7a:cd:1d:81:c6:18:
db:91:ae:0b:21:c6:78:e5:b2:33:c3:2a:97:c7:d6:
3d:20:07:7a:7a:9c:b2:90:86:0e:4b:4e:fa:c5:80:
b1:3b:d9:13:3a:15:6c:a1:56:47:74:75:87:7d:d4:
94:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:6C:C3:54:F0:8E:B6:2C:B2:C5:5B:F0:C4:04:81:D4:3D:2A:DA:E3
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/E2zDVPCOtiyyxVvwxASB1D0q2uM.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:2c:50:c7:84:3d:bb:12:ed:4e:96:4f:44:05:3e:66:6a:41:
7b:35:4d:c4:c0:93:4f:37:7b:ea:27:51:8a:1a:ac:a0:2c:90:
d6:f8:b6:f2:dc:2c:64:66:f4:6e:a8:b9:2d:28:73:2b:b5:8a:
44:fb:0e:d6:cf:28:13:99:5c:37:6b:64:29:54:ad:24:33:f6:
d7:8e:65:aa:ba:f8:74:c5:b7:48:3a:80:56:47:4b:ba:c3:f7:
f8:59:5f:c8:4a:e0:40:7c:04:27:9a:77:b0:fb:df:4e:65:98:
f9:49:87:c2:a0:c8:5a:39:db:07:9f:c6:7d:c3:1b:f6:7e:4d:
f4:ae:52:c7:46:2c:b6:cf:90:90:8d:e7:2f:74:86:6b:b8:48:
34:17:11:41:cb:8a:0d:ef:28:55:ac:3b:de:1f:b9:57:b8:b9:
ca:86:ba:a0:fa:87:4d:33:37:04:fd:7b:76:f8:2d:fc:4e:39:
ec:2f:40:8b:fd:31:72:7e:b0:cb:cb:a7:3b:bf:ea:6d:84:a7:
15:15:bb:74:22:3b:fe:43:5c:62:0a:7e:f7:e4:e6:00:51:15:
db:f2:d1:7d:fa:96:00:9a:29:72:17:18:52:ac:84:ac:55:47:
e1:7e:ba:20:45:e4:06:6f:93:10:79:76:8d:e9:c4:2c:74:75:
4a:c8:f3:4b
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICAXswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDAzMjIw
NzU1MDJaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDEzNkNDMzU0RjA4RUI2
MkNCMkM1NUJGMEM0MDQ4MUQ0M0QyQURBRTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDaXPmJHJuRU2OvRQNK/QHxHhbQtX9ZX+jgJ/iT51qSwwFmKHNc
+P4PIH8KXzeKDQRdDJEQkS76PZy+jaklrkFcPpGhtyF4fG80YzBweVU4v9fyS1ik
jLHwg9SiwGKLyFvhOrj9hk8xFztdYhlMHWScVM/RyEmq0GWXwbTOxmiQCmSYHeDO
omUexvTr/j0UIQ6RdgNEwiifJIcICiUiaTqtfQqj9ih2KbGIEOHbdydmhRNwxL2h
WFklZh97qwPakwgFAsTI3BXoOTDAv3rNHYHGGNuRrgshxnjlsjPDKpfH1j0gB3p6
nLKQhg5LTvrFgLE72RM6FWyhVkd0dYd91JTjAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUE2zDVPCOtiyyxVvwxASB1D0q2uMwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL0UyekRWUENPdGl5eXhW
dnd4QVNCMUQwcTJ1TS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAC0sUMeEPbsS7U6WT0QFPmZqQXs1TcTAk083
e+onUYoarKAskNb4tvLcLGRm9G6ouS0ocyu1ikT7DtbPKBOZXDdrZClUrSQz9teO
Zaq6+HTFt0g6gFZHS7rD9/hZX8hK4EB8BCead7D7305lmPlJh8KgyFo52wefxn3D
G/Z+TfSuUsdGLLbPkJCN5y90hmu4SDQXEUHLig3vKFWsO94fuVe4ucqGuqD6h00z
NwT9e3b4LfxOOewvQIv9MXJ+sMvLpzu/6m2EpxUVu3QiO/5DXGIKfvfk5gBRFdvy
0X36lgCaKXIXGFKshKxVR+F+uiBF5AZvkxB5do3pxCx0dUrI80s=
-----END CERTIFICATE-----
Generated at Fri Mar 22 16:08:00 2024 by rpki-client on console-ams.rpki-client.org