Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/KN6B3-r6SgrbRTPAkvsHnBSxUMU.roa
File: KN6B3-r6SgrbRTPAkvsHnBSxUMU.roa (raw, json)
Hash identifier: GB9PeUPn03xf8WAUBg5V9yFUt4FBuinZkAlhnTfUQA0=
Subject key identifier: 28:DE:81:DF:EA:FA:4A:0A:DB:45:33:C0:92:FB:07:9C:14:B1:50:C5
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 01E4
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/KN6B3-r6SgrbRTPAkvsHnBSxUMU.roa
Signing time: Tue 02 Apr 2024 23:55:03 +0000
ROA not before: Tue 02 Apr 2024 23:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 03 Apr 2024 03:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 484 (0x1e4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Apr 2 23:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=28DE81DFEAFA4A0ADB4533C092FB079C14B150C5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:1a:00:5a:41:f2:f1:14:0a:6a:4a:90:19:92:
ac:58:be:b6:cb:e9:d2:34:81:b1:2c:84:b9:bf:fa:
91:df:64:6d:ed:3f:67:0e:d3:91:28:ec:c7:ce:83:
69:9a:36:7b:d1:98:16:9f:8d:8c:19:d8:ea:eb:49:
94:01:a7:58:4f:75:66:5e:c0:74:d3:ca:fa:1d:83:
a6:43:19:82:c4:a8:46:fb:dd:34:88:31:de:9d:c4:
1d:47:50:51:5c:3c:69:f0:ca:50:84:a0:cb:83:5b:
e7:4a:96:dd:63:d3:eb:2d:6a:c7:fe:97:56:38:4b:
60:46:33:fa:11:72:8f:bc:18:72:98:1a:3f:b6:ae:
4b:d4:27:57:6e:09:7f:a9:ce:dd:64:30:63:f4:6d:
a3:08:0a:88:16:69:e7:3b:81:a2:d8:d3:44:91:59:
12:a0:54:49:45:f9:a3:a9:51:10:2c:a7:c7:86:a9:
60:ab:58:17:4a:6e:5c:0a:f5:71:8b:51:8d:79:05:
6d:25:95:ad:ab:0e:4a:5c:51:05:06:8f:ab:36:9a:
48:e2:28:10:7f:ad:3d:b1:c9:c3:78:d9:60:7a:64:
7e:97:e6:08:48:75:14:18:fb:97:7f:bc:7b:14:68:
f4:e7:3a:b6:34:f8:d4:b8:a8:a7:32:91:13:77:ae:
47:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:DE:81:DF:EA:FA:4A:0A:DB:45:33:C0:92:FB:07:9C:14:B1:50:C5
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/KN6B3-r6SgrbRTPAkvsHnBSxUMU.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
42:8e:7c:de:66:47:69:08:f7:de:51:7b:f3:c3:e4:d1:04:b9:
da:a5:60:c8:a4:7c:16:9f:56:85:66:8a:0e:68:52:03:8b:b4:
97:00:fe:2b:1b:36:fc:b5:04:c2:d0:2d:d6:cd:fb:88:e8:28:
fc:f5:3a:b2:1a:c4:dc:c6:1c:5f:0e:1e:3a:79:79:93:a5:de:
c4:db:fb:3b:89:f7:70:a5:09:59:d7:9f:8c:db:c7:ae:3f:3e:
a8:35:b9:7d:d7:26:73:24:67:a8:c9:e7:8d:b6:df:37:1f:cb:
30:73:9c:41:0c:02:b0:42:b4:f4:fd:14:0f:ee:70:09:78:47:
17:67:89:15:6b:f8:8a:fa:58:d2:c9:06:b6:ae:5a:0e:d0:29:
95:b0:b8:d0:00:f2:54:b2:80:c8:11:04:ce:3e:a1:f9:a1:5a:
6b:fa:0b:10:3f:a7:21:02:e4:16:07:e5:06:72:af:70:ce:49:
0b:5b:fd:21:5c:1e:d4:56:df:fd:a2:14:22:f7:ce:82:7b:f4:
ce:f6:d5:96:5c:de:51:87:07:90:28:78:e3:15:67:8b:b5:47:
3e:9e:15:d4:f9:d1:53:13:80:95:15:bd:4b:01:09:a5:da:6b:
45:18:7a:78:5c:7f:b3:d7:0f:c7:da:08:93:0e:80:41:ed:da:
f8:99:7e:19
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICAeQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA0MDIy
MzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDI4REU4MURGRUFGQTRB
MEFEQjQ1MzNDMDkyRkIwNzlDMTRCMTUwQzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDPGgBaQfLxFApqSpAZkqxYvrbL6dI0gbEshLm/+pHfZG3tP2cO
05Eo7MfOg2maNnvRmBafjYwZ2OrrSZQBp1hPdWZewHTTyvodg6ZDGYLEqEb73TSI
Md6dxB1HUFFcPGnwylCEoMuDW+dKlt1j0+stasf+l1Y4S2BGM/oRco+8GHKYGj+2
rkvUJ1duCX+pzt1kMGP0baMICogWaec7gaLY00SRWRKgVElF+aOpURAsp8eGqWCr
WBdKblwK9XGLUY15BW0lla2rDkpcUQUGj6s2mkjiKBB/rT2xycN42WB6ZH6X5ghI
dRQY+5d/vHsUaPTnOrY0+NS4qKcykRN3rkf3AgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUKN6B3+r6SgrbRTPAkvsHnBSxUMUwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL0tONkIzLXI2U2dyYlJU
UEFrdnNIbkJTeFVNVS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAEKOfN5mR2kI995Re/PD5NEEudqlYMikfBaf
VoVmig5oUgOLtJcA/isbNvy1BMLQLdbN+4joKPz1OrIaxNzGHF8OHjp5eZOl3sTb
+zuJ93ClCVnXn4zbx64/Pqg1uX3XJnMkZ6jJ54223zcfyzBznEEMArBCtPT9FA/u
cAl4RxdniRVr+Ir6WNLJBrauWg7QKZWwuNAA8lSygMgRBM4+ofmhWmv6CxA/pyEC
5BYH5QZyr3DOSQtb/SFcHtRW3/2iFCL3zoJ79M721ZZc3lGHB5AoeOMVZ4u1Rz6e
FdT50VMTgJUVvUsBCaXaa0UYenhcf7PXD8faCJMOgEHt2viZfhk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:54 2024 by rpki-client on console-fra.rpki-client.org