Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/IfYuXeOFWKrEuN5nB5YCoIH3c4o.roa
File: IfYuXeOFWKrEuN5nB5YCoIH3c4o.roa (raw, json)
Hash identifier: yNMRC3/rMrt+Y6l8nXnCTw8cwhjhZUraRq2JLUpFokM=
Subject key identifier: 21:F6:2E:5D:E3:85:58:AA:C4:B8:DE:67:07:96:02:A0:81:F7:73:8A
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 02EC
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/IfYuXeOFWKrEuN5nB5YCoIH3c4o.roa
Signing time: Thu 02 May 2024 07:55:03 +0000
ROA not before: Thu 02 May 2024 07:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 May 2024 11:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 748 (0x2ec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: May 2 07:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=21F62E5DE38558AAC4B8DE67079602A081F7738A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:3a:26:71:a7:81:22:ef:3f:26:52:3a:4e:7c:
57:c4:19:14:ff:6f:76:d7:ef:48:65:a3:c2:c3:40:
e7:61:cc:f1:ea:9d:d1:be:17:88:b8:95:10:fb:c0:
59:ef:bd:04:de:86:61:0a:c5:2a:d3:ae:33:30:66:
24:7d:b7:28:f9:3e:4f:29:0e:47:4e:e1:29:cd:a0:
cc:02:75:9a:85:50:ee:f9:4d:9f:e4:30:14:94:80:
0b:96:f8:eb:3c:5f:75:a8:2c:76:01:31:5e:cd:fd:
26:f9:41:cd:5a:ad:47:17:f4:d1:8f:a0:24:f5:df:
19:bb:e5:88:14:b2:c7:b1:29:d3:a9:a2:8b:3c:bf:
d4:6a:b7:43:27:b8:09:27:a2:54:20:51:23:ec:77:
a6:cc:51:cc:25:79:9e:f1:f2:5e:0a:68:e4:8d:57:
5a:0e:e7:dd:06:cc:7a:3c:d6:16:8f:a1:5e:75:ac:
d4:e2:ce:85:5c:d6:27:46:9e:08:95:a0:79:8c:66:
b3:1f:82:14:72:9f:ab:52:34:32:44:87:08:7a:d9:
72:e2:8e:2f:fe:2f:56:92:a8:a4:83:df:4f:24:ea:
40:06:88:6f:7c:5a:a2:5f:ef:4c:06:b9:84:34:e3:
0c:2b:49:e1:73:46:e1:fe:69:bc:b4:3d:c4:c5:d4:
90:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:F6:2E:5D:E3:85:58:AA:C4:B8:DE:67:07:96:02:A0:81:F7:73:8A
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/IfYuXeOFWKrEuN5nB5YCoIH3c4o.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:6a:cc:e4:82:a6:c6:3f:4c:1b:a1:3c:e7:bf:0c:50:d3:43:
4e:42:db:42:30:83:a9:45:98:cf:86:86:55:37:08:00:a5:cf:
45:b0:47:0a:2a:73:88:d8:b1:98:ca:dd:c0:82:99:e8:0a:1c:
ee:47:b4:aa:48:74:c7:3f:ec:b3:61:82:ce:ad:9e:44:81:ab:
96:23:90:84:ed:c7:51:6f:68:24:e2:f7:d1:b9:84:3c:8b:dd:
7c:8a:1d:c2:50:2a:68:73:99:27:ea:83:3b:ae:d2:20:84:85:
07:81:a7:e1:2e:d1:02:1f:1d:3f:0a:a6:75:e3:f4:ba:32:be:
af:30:48:5f:20:00:27:c5:bf:5d:02:e8:22:c3:ca:bc:b1:f7:
11:86:87:4d:e1:85:c7:55:d6:79:bf:46:19:46:d8:c5:90:8d:
dc:d2:6c:83:fa:c5:4f:20:10:2b:16:18:d8:2b:ae:34:31:16:
fd:46:9c:40:9a:ce:57:9d:c4:2e:d2:3e:96:b6:5a:a8:c3:c9:
25:35:05:0e:f1:96:ad:82:8f:13:24:d9:b0:f9:04:ca:69:51:
79:6f:fd:1c:07:86:de:9f:7d:7a:c1:53:91:59:04:a1:07:4d:
eb:77:c5:2c:06:0a:87:25:81:f9:e5:3c:94:ba:b3:f6:97:1f:
b5:75:6d:8c
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICAuwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA1MDIw
NzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDIxRjYyRTVERTM4NTU4
QUFDNEI4REU2NzA3OTYwMkEwODFGNzczOEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJOiZxp4Ei7z8mUjpOfFfEGRT/b3bX70hlo8LDQOdhzPHqndG+
F4i4lRD7wFnvvQTehmEKxSrTrjMwZiR9tyj5Pk8pDkdO4SnNoMwCdZqFUO75TZ/k
MBSUgAuW+Os8X3WoLHYBMV7N/Sb5Qc1arUcX9NGPoCT13xm75YgUssexKdOpoos8
v9Rqt0MnuAknolQgUSPsd6bMUcwleZ7x8l4KaOSNV1oO590GzHo81haPoV51rNTi
zoVc1idGngiVoHmMZrMfghRyn6tSNDJEhwh62XLiji/+L1aSqKSD308k6kAGiG98
WqJf70wGuYQ04wwrSeFzRuH+aby0PcTF1JAHAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUIfYuXeOFWKrEuN5nB5YCoIH3c4owHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL0lmWXVYZU9GV0tyRXVO
NW5CNVlDb0lIM2M0by5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAD1qzOSCpsY/TBuhPOe/DFDTQ05C20Iwg6lF
mM+GhlU3CAClz0WwRwoqc4jYsZjK3cCCmegKHO5HtKpIdMc/7LNhgs6tnkSBq5Yj
kITtx1FvaCTi99G5hDyL3XyKHcJQKmhzmSfqgzuu0iCEhQeBp+Eu0QIfHT8KpnXj
9Loyvq8wSF8gACfFv10C6CLDyryx9xGGh03hhcdV1nm/RhlG2MWQjdzSbIP6xU8g
ECsWGNgrrjQxFv1GnECazledxC7SPpa2WqjDySU1BQ7xlq2CjxMk2bD5BMppUXlv
/RwHht6ffXrBU5FZBKEHTet3xSwGCoclgfnlPJS6s/aXH7V1bYw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:54 2024 by rpki-client on console-fra.rpki-client.org