Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/HLb6IBiU_4wpvR6dHYomEpyWBWw.roa
File: HLb6IBiU_4wpvR6dHYomEpyWBWw.roa (raw, json)
Hash identifier: wL1ZuRG1fb4PZiXyvkwGYxScd5kCZ8ETPHpp3dNboaU=
Subject key identifier: 1C:B6:FA:20:18:94:FF:8C:29:BD:1E:9D:1D:8A:26:12:9C:96:05:6C
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 03FD
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/HLb6IBiU_4wpvR6dHYomEpyWBWw.roa
Signing time: Sat 01 Jun 2024 15:55:03 +0000
ROA not before: Sat 01 Jun 2024 15:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 01 Jun 2024 19:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1021 (0x3fd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Jun 1 15:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1CB6FA201894FF8C29BD1E9D1D8A26129C96056C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:76:c5:e4:51:c8:03:4e:40:c7:a7:5a:2a:91:
b7:59:ad:c9:42:82:62:54:86:2b:66:45:3c:0f:12:
8a:b5:fc:cf:49:a2:74:17:f8:5b:9f:ee:ac:1f:f9:
a9:f8:d6:c0:7a:c2:e4:9b:7f:15:ee:ab:62:1e:a2:
39:67:b1:3f:65:b2:4d:ec:03:07:b2:94:20:61:9b:
ca:e0:8b:69:e7:36:7b:6c:07:98:93:bb:74:49:a2:
fd:00:75:cb:5c:bd:39:7d:9f:fa:82:75:3e:43:d7:
05:c8:73:37:8a:55:ff:15:e6:b1:e5:ca:29:2a:28:
0f:c5:69:d2:25:70:1f:ed:0d:b6:57:99:2c:82:68:
09:59:f0:48:55:1b:69:8f:67:5e:0c:79:d9:c5:f6:
90:a9:8f:f0:2c:ec:63:71:f4:b6:77:4d:27:31:76:
9c:33:8d:67:23:89:77:90:df:fe:f4:c7:b8:7f:9e:
d9:95:33:bb:77:d2:dc:32:2e:53:e7:0a:7d:b9:21:
e2:c3:97:ab:12:0e:27:fe:7c:b6:dd:dd:55:a4:87:
ad:c2:e5:3e:46:9e:a4:4d:bb:e1:ad:78:18:36:28:
04:2c:64:67:14:22:28:f5:57:ad:2e:1f:1a:51:46:
83:c6:68:f3:77:c0:dc:5f:01:4c:89:de:78:75:0c:
56:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:B6:FA:20:18:94:FF:8C:29:BD:1E:9D:1D:8A:26:12:9C:96:05:6C
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/HLb6IBiU_4wpvR6dHYomEpyWBWw.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:5f:36:bc:3c:03:79:2a:50:d1:dc:4e:7f:26:c9:3b:ea:be:
2c:be:ea:6e:78:37:6f:db:37:7f:4f:55:5b:f4:58:b9:11:d6:
d6:af:e5:b7:5c:8f:bc:ec:ff:fa:52:ba:c4:d3:1e:88:9f:f7:
fe:35:47:aa:3b:5c:b7:6f:12:51:a4:da:36:88:36:b2:1e:2b:
1e:66:89:6a:9c:fa:52:94:6f:d7:00:80:06:fa:b8:9d:2c:fc:
9a:5b:aa:f1:42:9f:2b:c4:fd:6e:cd:c3:58:e8:9a:24:91:26:
0a:24:56:c6:ce:ef:35:26:89:6c:8b:ce:f7:9a:22:fe:4a:28:
69:fc:f9:db:42:06:d5:f1:8d:b5:a9:f6:6f:d7:8f:99:20:c8:
ed:51:87:d7:c8:08:94:e1:5d:2d:69:ab:44:98:97:38:9e:bb:
ff:60:51:2d:df:3d:6d:c4:7e:c4:da:b6:76:e5:1f:04:65:4b:
a4:23:7a:98:e8:14:8b:b2:c3:e0:d9:2e:83:54:ed:7e:0d:0d:
4f:98:36:f3:ef:69:ee:25:82:a5:20:75:3b:b0:59:da:3f:7f:
45:16:da:26:55:cd:3b:7f:1f:c6:3e:c7:e4:6a:a4:a3:a4:1e:
80:a5:d7:ce:2c:d3:0e:f1:98:e2:d5:4f:97:71:97:09:ef:96:
bb:7c:34:0d
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICA/0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA2MDEx
NTU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDFDQjZGQTIwMTg5NEZG
OEMyOUJEMUU5RDFEOEEyNjEyOUM5NjA1NkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDRdsXkUcgDTkDHp1oqkbdZrclCgmJUhitmRTwPEoq1/M9JonQX
+Fuf7qwf+an41sB6wuSbfxXuq2IeojlnsT9lsk3sAweylCBhm8rgi2nnNntsB5iT
u3RJov0AdctcvTl9n/qCdT5D1wXIczeKVf8V5rHlyikqKA/FadIlcB/tDbZXmSyC
aAlZ8EhVG2mPZ14MednF9pCpj/As7GNx9LZ3TScxdpwzjWcjiXeQ3/70x7h/ntmV
M7t30twyLlPnCn25IeLDl6sSDif+fLbd3VWkh63C5T5GnqRNu+GteBg2KAQsZGcU
Iij1V60uHxpRRoPGaPN3wNxfAUyJ3nh1DFZZAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUHLb6IBiU/4wpvR6dHYomEpyWBWwwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL0hMYjZJQmlVXzR3cHZS
NmRIWW9tRXB5V0JXdy5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAJ5fNrw8A3kqUNHcTn8myTvqviy+6m54N2/b
N39PVVv0WLkR1tav5bdcj7zs//pSusTTHoif9/41R6o7XLdvElGk2jaINrIeKx5m
iWqc+lKUb9cAgAb6uJ0s/JpbqvFCnyvE/W7Nw1jomiSRJgokVsbO7zUmiWyLzvea
Iv5KKGn8+dtCBtXxjbWp9m/Xj5kgyO1Rh9fICJThXS1pq0SYlzieu/9gUS3fPW3E
fsTatnblHwRlS6QjepjoFIuyw+DZLoNU7X4NDU+YNvPvae4lgqUgdTuwWdo/f0UW
2iZVzTt/H8Y+x+RqpKOkHoCl184s0w7xmOLVT5dxlwnvlrt8NA0=
-----END CERTIFICATE-----
Generated at Sat Jun 1 23:26:12 2024 by rpki-client on console-ams.rpki-client.org