Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/Ktqs5pQnmHPBiEk_igoUtWJzAIo.roa
File: Ktqs5pQnmHPBiEk_igoUtWJzAIo.roa (raw, json)
Hash identifier: Q5sb+s2K7ucq2sz3XhGDSurEDd4ILqJKwLREaTQhTYs=
Subject key identifier: 2A:DA:AC:E6:94:27:98:73:C1:88:49:3F:8A:0A:14:B5:62:73:00:8A
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 03F1
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/Ktqs5pQnmHPBiEk_igoUtWJzAIo.roa
Signing time: Fri 31 May 2024 07:55:03 +0000
ROA not before: Fri 31 May 2024 07:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 31 May 2024 11:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1009 (0x3f1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: May 31 07:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2ADAACE694279873C188493F8A0A14B56273008A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:6a:e2:ca:68:5a:83:ea:0f:c9:00:73:aa:54:
02:a2:ec:4e:91:0d:1f:f8:43:33:f1:3a:68:bb:62:
e1:49:f8:77:90:f5:b8:80:42:68:aa:15:0a:7b:5a:
00:7d:25:ea:69:77:82:df:e8:1b:66:10:01:31:b8:
4b:56:99:93:70:fd:6d:5e:a1:5c:13:73:22:85:66:
cc:fc:c1:8d:f5:db:da:67:32:2c:1b:69:52:23:fd:
5e:3f:c6:1b:05:a6:19:ce:06:e2:13:56:f4:0f:b7:
e6:0b:b3:e7:98:e0:59:00:5e:16:8e:b1:69:e9:46:
76:06:ef:97:59:38:cb:e4:c3:15:e2:0e:5d:99:b5:
63:8e:ab:16:83:f5:ed:5d:95:ec:54:2a:b5:b0:bd:
cd:7f:f5:b4:f3:14:98:09:ca:05:ab:53:64:fd:f0:
74:9b:74:b8:62:33:31:7f:56:2b:d4:0d:71:30:05:
ed:9f:7e:7a:64:6d:0b:c0:3c:5a:78:aa:39:39:1f:
90:4c:a7:94:ee:d5:2a:07:df:1c:39:10:3d:3d:eb:
3d:80:e5:2f:b1:4d:ad:05:7f:e2:a9:5f:86:2b:01:
8d:e3:be:38:1c:2a:b3:4d:4a:57:5e:fe:30:a3:8f:
10:23:f1:98:7e:20:60:17:b9:e4:6d:0f:45:15:20:
2d:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:DA:AC:E6:94:27:98:73:C1:88:49:3F:8A:0A:14:B5:62:73:00:8A
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/Ktqs5pQnmHPBiEk_igoUtWJzAIo.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:62:9a:4e:0e:fd:50:77:09:3b:e7:17:56:0c:ad:f5:99:47:
1d:68:ee:28:fc:1a:12:2e:01:af:80:f5:df:06:8f:5b:6b:f6:
00:c7:9f:0f:af:01:3e:ed:fc:a0:3d:96:1f:e6:c5:9c:14:e7:
85:9e:cd:cc:59:1b:db:5c:39:32:22:dd:ea:53:5e:81:4f:c8:
15:6e:b6:b6:43:e1:f9:a9:88:64:0d:95:5a:ee:d7:4b:a7:6e:
3b:8f:35:5b:66:d2:f9:74:4e:6c:04:b8:41:e2:25:1b:d7:c5:
e5:f5:e4:94:9d:88:cd:77:89:64:8a:92:c9:0c:2b:bd:39:64:
da:ab:03:60:92:48:6f:79:c1:82:9c:17:1d:70:d5:b5:1b:23:
a9:06:39:bc:1d:d6:32:f7:08:8d:b3:e9:02:bb:ce:0d:11:39:
64:8a:f4:38:21:4e:c0:0e:86:4d:1b:dd:f2:cc:b9:64:fc:d0:
81:9d:70:5b:a1:57:22:a4:a1:e5:00:df:6a:8b:73:ae:8d:be:
3f:d0:9a:ca:42:b9:d4:43:7d:0f:65:5e:50:dd:fc:f8:2d:97:
36:d8:e8:a1:67:36:84:4c:58:f3:cb:bc:50:2d:6b:60:27:99:
72:b6:48:b3:65:01:f5:83:bd:1f:df:da:b0:44:49:f5:c2:82:
39:bc:04:69
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICA/EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA1MzEw
NzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDJBREFBQ0U2OTQyNzk4
NzNDMTg4NDkzRjhBMEExNEI1NjI3MzAwOEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDRauLKaFqD6g/JAHOqVAKi7E6RDR/4QzPxOmi7YuFJ+HeQ9biA
QmiqFQp7WgB9Jeppd4Lf6BtmEAExuEtWmZNw/W1eoVwTcyKFZsz8wY3129pnMiwb
aVIj/V4/xhsFphnOBuITVvQPt+YLs+eY4FkAXhaOsWnpRnYG75dZOMvkwxXiDl2Z
tWOOqxaD9e1dlexUKrWwvc1/9bTzFJgJygWrU2T98HSbdLhiMzF/VivUDXEwBe2f
fnpkbQvAPFp4qjk5H5BMp5Tu1SoH3xw5ED096z2A5S+xTa0Ff+KpX4YrAY3jvjgc
KrNNSlde/jCjjxAj8Zh+IGAXueRtD0UVIC2FAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUKtqs5pQnmHPBiEk/igoUtWJzAIowHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL0t0cXM1cFFubUhQQmlF
a19pZ29VdFdKekFJby5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAK1imk4O/VB3CTvnF1YMrfWZRx1o7ij8GhIu
Aa+A9d8Gj1tr9gDHnw+vAT7t/KA9lh/mxZwU54WezcxZG9tcOTIi3epTXoFPyBVu
trZD4fmpiGQNlVru10unbjuPNVtm0vl0TmwEuEHiJRvXxeX15JSdiM13iWSKkskM
K705ZNqrA2CSSG95wYKcFx1w1bUbI6kGObwd1jL3CI2z6QK7zg0ROWSK9DghTsAO
hk0b3fLMuWT80IGdcFuhVyKkoeUA32qLc66Nvj/QmspCudRDfQ9lXlDd/PgtlzbY
6KFnNoRMWPPLvFAta2AnmXK2SLNlAfWDvR/f2rBESfXCgjm8BGk=
-----END CERTIFICATE-----
Generated at Fri May 31 15:43:27 2024 by rpki-client on console-ams.rpki-client.org