Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/HU5SLcDiRDlRySpimyE640gHS5g.roa
File: HU5SLcDiRDlRySpimyE640gHS5g.roa (raw, json)
Hash identifier: XlQ+VytFnRL35mcoFc3wT+tuIa9heHlLJBbdI1tUe1E=
Subject key identifier: 1D:4E:52:2D:C0:E2:44:39:51:C9:2A:62:9B:21:3A:E3:48:07:4B:98
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 03F4
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/HU5SLcDiRDlRySpimyE640gHS5g.roa
Signing time: Fri 31 May 2024 15:55:03 +0000
ROA not before: Fri 31 May 2024 15:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 31 May 2024 19:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1012 (0x3f4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: May 31 15:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1D4E522DC0E2443951C92A629B213AE348074B98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:3c:0c:68:72:16:27:86:2f:63:cf:80:d8:68:
dc:41:7d:1b:da:42:7d:32:fa:c9:f1:6e:3f:92:29:
b0:bc:a3:08:b1:1e:67:83:3f:a8:e7:cc:94:d1:20:
5a:c9:cb:33:41:b1:c3:6e:05:4f:e5:99:35:84:68:
56:8a:2f:9b:e5:ed:2f:7e:38:84:5b:ea:a2:76:6b:
2e:2d:50:e3:7b:74:6a:98:97:df:60:82:7b:db:9a:
4c:9e:60:ed:ff:72:c1:ad:91:d4:d1:0f:3e:5b:1c:
fb:37:46:35:41:5e:99:73:7c:c8:18:96:9c:dd:55:
4b:5c:c8:60:ff:43:90:ee:96:86:8a:eb:0f:5a:4e:
7e:f5:95:16:94:97:98:5f:e4:b4:4d:1d:98:f5:a2:
d7:03:92:8f:46:b6:d1:4c:78:fb:92:7a:a0:0e:ab:
2d:91:88:ed:c0:20:c8:7c:8e:ff:92:36:2f:8c:41:
d7:87:2e:ff:04:27:f9:9d:7a:ec:42:01:52:9e:3b:
b0:d1:73:aa:16:ef:fc:0e:ac:85:8d:0b:d2:a8:74:
99:50:26:73:40:6f:a8:2b:ea:35:4b:d0:4d:df:18:
c7:6e:4d:79:45:1f:d4:1c:b3:af:49:f5:99:e8:ff:
7c:4f:39:86:0c:40:b7:93:41:be:66:6d:35:07:25:
cf:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:4E:52:2D:C0:E2:44:39:51:C9:2A:62:9B:21:3A:E3:48:07:4B:98
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/HU5SLcDiRDlRySpimyE640gHS5g.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:0c:c7:fa:34:b6:89:46:e8:eb:c9:c1:a9:02:9b:a7:ea:65:
c2:c3:53:32:e0:91:42:4e:5d:49:57:c1:62:7f:00:95:38:c0:
c8:26:30:2c:15:31:ec:94:08:8c:a8:47:b4:8a:bc:f9:4b:a8:
ff:88:cc:41:d2:c2:58:01:ca:03:70:83:3d:4f:5e:f4:90:f2:
bc:c1:dd:85:d0:cd:a3:92:0d:68:d2:f0:05:22:43:27:8e:80:
f8:b4:74:2d:ee:22:63:0f:a6:e5:73:fd:9d:14:4a:fe:77:1d:
46:9b:0c:99:42:56:70:b9:35:ff:a6:98:3b:54:32:83:8e:fc:
f6:c4:6c:d2:03:17:f4:6d:97:28:57:83:86:a4:5d:45:5f:d8:
17:03:27:25:a7:2a:8a:ff:ff:0f:d7:f1:2c:f7:b7:f8:b6:47:
0c:ca:47:af:f3:d4:e1:23:dd:2d:0b:52:19:91:2d:50:bd:b3:
12:34:48:79:73:76:22:65:56:0b:a5:15:7c:51:de:6a:09:fd:
45:5c:8e:43:5a:10:30:e5:c0:b8:16:f0:2b:fe:9a:e5:80:e2:
a8:b0:9c:9b:0b:23:fc:7d:ee:ee:5f:df:0d:22:3b:65:65:c1:
f7:8b:1e:27:5f:37:b3:54:5c:ce:ca:51:51:76:14:8f:16:3f:
6e:de:4a:01
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICA/QwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA1MzEx
NTU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDFENEU1MjJEQzBFMjQ0
Mzk1MUM5MkE2MjlCMjEzQUUzNDgwNzRCOTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDNPAxochYnhi9jz4DYaNxBfRvaQn0y+snxbj+SKbC8owixHmeD
P6jnzJTRIFrJyzNBscNuBU/lmTWEaFaKL5vl7S9+OIRb6qJ2ay4tUON7dGqYl99g
gnvbmkyeYO3/csGtkdTRDz5bHPs3RjVBXplzfMgYlpzdVUtcyGD/Q5DuloaK6w9a
Tn71lRaUl5hf5LRNHZj1otcDko9GttFMePuSeqAOqy2RiO3AIMh8jv+SNi+MQdeH
Lv8EJ/mdeuxCAVKeO7DRc6oW7/wOrIWNC9KodJlQJnNAb6gr6jVL0E3fGMduTXlF
H9Qcs69J9Zno/3xPOYYMQLeTQb5mbTUHJc/NAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUHU5SLcDiRDlRySpimyE640gHS5gwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL0hVNVNMY0RpUkRsUnlT
cGlteUU2NDBnSFM1Zy5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAK4Mx/o0tolG6OvJwakCm6fqZcLDUzLgkUJO
XUlXwWJ/AJU4wMgmMCwVMeyUCIyoR7SKvPlLqP+IzEHSwlgBygNwgz1PXvSQ8rzB
3YXQzaOSDWjS8AUiQyeOgPi0dC3uImMPpuVz/Z0USv53HUabDJlCVnC5Nf+mmDtU
MoOO/PbEbNIDF/RtlyhXg4akXUVf2BcDJyWnKor//w/X8Sz3t/i2RwzKR6/z1OEj
3S0LUhmRLVC9sxI0SHlzdiJlVgulFXxR3moJ/UVcjkNaEDDlwLgW8Cv+muWA4qiw
nJsLI/x97u5f3w0iO2VlwfeLHidfN7NUXM7KUVF2FI8WP27eSgE=
-----END CERTIFICATE-----
Generated at Sat Jun 1 00:49:58 2024 by rpki-client on console-ams.rpki-client.org