Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/GJI5CNRgKDUy0_BbYeTHEFMw7mg.roa
File: GJI5CNRgKDUy0_BbYeTHEFMw7mg.roa (raw, json)
Hash identifier: 5xLnV63UefbmMOnFq+LHIVFLWdGzHBlJZrieXkuZzK0=
Subject key identifier: 18:92:39:08:D4:60:28:35:32:D3:F0:5B:61:E4:C7:10:53:30:EE:68
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: C4
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/GJI5CNRgKDUy0_BbYeTHEFMw7mg.roa
Signing time: Fri 01 Mar 2024 23:55:03 +0000
ROA not before: Fri 01 Mar 2024 23:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 02 Mar 2024 03:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 196 (0xc4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Mar 1 23:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=18923908D460283532D3F05B61E4C7105330EE68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:e7:d0:d8:1d:bd:a6:90:04:b5:46:50:0a:e3:
db:d1:67:69:f6:c5:1a:4f:e0:9a:1b:5e:71:b6:ed:
a3:ca:08:be:5c:02:8e:31:a7:71:a0:b5:a6:23:c9:
8b:29:0d:69:26:31:78:57:8e:8d:fc:a6:c0:bb:60:
da:a2:d9:46:9f:ff:80:97:60:66:18:f9:5a:61:c5:
cf:90:de:f3:95:fe:ba:a9:87:d1:82:ab:4a:24:83:
fa:b9:c2:5a:82:b2:12:87:c8:8f:83:e2:64:c4:63:
af:09:cf:6e:ed:eb:a5:83:6b:65:69:f3:e7:17:df:
eb:b9:7e:14:07:d1:7c:67:0d:32:53:e1:d4:c4:a1:
76:28:6a:98:a3:3d:ff:6a:82:57:43:2c:d7:d5:cc:
e8:99:46:f7:7b:fe:54:60:6e:eb:b3:7b:ee:bf:37:
c1:22:a1:43:bd:0a:23:be:67:7b:32:4d:89:7d:dc:
6b:6b:b5:c4:be:98:63:71:78:0b:2a:49:ac:e9:62:
54:73:ae:c9:51:2f:9a:56:ef:2b:9d:b2:ab:33:28:
f4:00:60:5f:d6:08:af:44:0a:a0:ce:b1:25:48:ae:
c4:1c:20:b8:73:27:03:16:3b:8d:37:53:fd:6b:00:
b8:ad:70:9c:fa:aa:27:01:b2:ba:4c:c1:52:84:7b:
5a:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:92:39:08:D4:60:28:35:32:D3:F0:5B:61:E4:C7:10:53:30:EE:68
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/GJI5CNRgKDUy0_BbYeTHEFMw7mg.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
32:b7:bd:9d:1e:0d:83:58:48:77:b6:97:11:39:76:c9:3e:ba:
c3:4b:9a:f6:31:85:69:c2:1b:18:2a:e2:ff:2d:94:f5:b2:3d:
02:d5:3c:8b:68:e8:dc:c5:f2:ad:1e:6d:8f:47:8f:bf:b0:c1:
10:da:63:4b:c1:cb:42:69:60:14:64:c3:60:f2:aa:c8:b0:af:
1a:b7:6f:a8:c5:72:73:35:9e:08:76:05:11:b2:de:73:78:6a:
1d:de:dd:a2:13:05:7d:98:b3:47:d7:8c:ef:d8:9c:69:47:6e:
44:38:bf:0f:4b:f6:96:7d:fa:a6:9b:af:71:1d:54:cb:57:6d:
f4:3c:04:42:06:77:b1:43:aa:2d:31:9b:98:ff:db:16:6f:77:
c8:23:72:4d:f4:15:32:2a:f9:a0:c5:63:5f:c8:59:f2:06:ca:
98:76:fe:42:13:e1:92:a0:61:91:fe:61:b8:00:dd:4f:2e:35:
f6:5e:53:a4:6a:a7:46:6e:ad:e3:35:28:bf:15:41:3e:b3:fa:
6c:57:9f:cc:cd:85:57:13:7c:88:1c:e8:16:62:52:a5:b4:cb:
6b:cf:fe:4f:35:5c:36:10:03:dd:1e:1e:05:61:ee:58:1b:ed:
38:75:cf:03:50:98:8f:ed:8d:7a:d8:d1:c7:c5:7a:ba:36:9f:
14:cd:f6:19
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICAMQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDAzMDEy
MzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDE4OTIzOTA4RDQ2MDI4
MzUzMkQzRjA1QjYxRTRDNzEwNTMzMEVFNjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC959DYHb2mkAS1RlAK49vRZ2n2xRpP4JobXnG27aPKCL5cAo4x
p3GgtaYjyYspDWkmMXhXjo38psC7YNqi2Uaf/4CXYGYY+Vphxc+Q3vOV/rqph9GC
q0okg/q5wlqCshKHyI+D4mTEY68Jz27t66WDa2Vp8+cX3+u5fhQH0XxnDTJT4dTE
oXYoapijPf9qgldDLNfVzOiZRvd7/lRgbuuze+6/N8EioUO9CiO+Z3syTYl93Gtr
tcS+mGNxeAsqSazpYlRzrslRL5pW7yudsqszKPQAYF/WCK9ECqDOsSVIrsQcILhz
JwMWO403U/1rALitcJz6qicBsrpMwVKEe1o7AgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUGJI5CNRgKDUy0/BbYeTHEFMw7mgwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL0dKSTVDTlJnS0RVeTBf
QmJZZVRIRUZNdzdtZy5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBADK3vZ0eDYNYSHe2lxE5dsk+usNLmvYxhWnC
Gxgq4v8tlPWyPQLVPIto6NzF8q0ebY9Hj7+wwRDaY0vBy0JpYBRkw2Dyqsiwrxq3
b6jFcnM1ngh2BRGy3nN4ah3e3aITBX2Ys0fXjO/YnGlHbkQ4vw9L9pZ9+qabr3Ed
VMtXbfQ8BEIGd7FDqi0xm5j/2xZvd8gjck30FTIq+aDFY1/IWfIGyph2/kIT4ZKg
YZH+YbgA3U8uNfZeU6Rqp0ZureM1KL8VQT6z+mxXn8zNhVcTfIgc6BZiUqW0y2vP
/k81XDYQA90eHgVh7lgb7Th1zwNQmI/tjXrY0cfFero2nxTN9hk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:54 2024 by rpki-client on console-fra.rpki-client.org