Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/LY66Bad-GGWbj4eO0DIC_JBmJy8.roa
File: LY66Bad-GGWbj4eO0DIC_JBmJy8.roa (raw, json)
Hash identifier: /jhUwG1JbBPYHXzUZ0nuU+2SArVp0NTi0+Ocf01eGxI=
Subject key identifier: 2D:8E:BA:05:A7:7E:18:65:9B:8F:87:8E:D0:32:02:FC:90:66:27:2F
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: A6
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/LY66Bad-GGWbj4eO0DIC_JBmJy8.roa
Signing time: Tue 27 Feb 2024 15:55:03 +0000
ROA not before: Tue 27 Feb 2024 15:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 27 Feb 2024 19:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 166 (0xa6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Feb 27 15:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2D8EBA05A77E18659B8F878ED03202FC9066272F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:3c:e5:71:96:6a:a5:45:ad:74:04:e0:5e:95:
d7:10:14:ee:8d:0a:31:ca:d0:b6:b9:cb:d3:a8:8f:
b5:80:68:89:66:22:77:77:8a:8a:39:ef:d1:e6:d6:
5a:a3:57:23:63:ba:46:0d:81:db:a4:ce:e0:f5:31:
f9:f1:02:f9:55:3e:2c:e6:98:3d:82:6c:a7:18:74:
ea:a6:47:1e:40:53:3c:af:79:ce:0f:64:03:fa:07:
8b:12:b1:82:23:63:ac:67:00:2b:a4:13:a6:db:f7:
1f:6a:ef:3d:67:1d:3f:d6:ef:d7:27:2c:9d:0b:9b:
dd:39:a3:91:b7:c2:fd:3d:75:5d:26:c2:fd:73:b9:
84:5a:3f:2d:4f:d4:53:37:41:8d:e6:da:04:7d:37:
c9:87:45:2d:2b:0a:62:19:74:ee:d8:3a:91:7e:78:
7e:07:f0:0c:b4:7c:12:b7:0b:b6:13:3b:2e:e0:f0:
38:78:2f:a9:96:78:ba:7c:07:9c:83:c0:44:be:49:
54:e6:d2:28:3a:7c:fe:d1:c6:9e:8d:04:b6:6f:96:
a4:82:fd:12:7b:e6:76:b0:df:89:77:50:98:49:c3:
11:6f:bd:56:e5:0b:43:e8:d3:7c:96:f4:8c:69:43:
86:22:69:b9:4a:76:2b:d1:4a:11:d9:0d:cc:27:76:
2a:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:8E:BA:05:A7:7E:18:65:9B:8F:87:8E:D0:32:02:FC:90:66:27:2F
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/LY66Bad-GGWbj4eO0DIC_JBmJy8.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:09:33:80:1b:6b:10:94:dd:9b:ca:1b:00:bd:df:cd:ca:7d:
dd:6e:90:2c:e2:5b:18:1a:30:86:0e:22:6c:87:08:29:45:97:
86:45:04:0c:f6:67:d6:9c:08:87:5c:00:11:cb:53:c8:4a:3f:
ed:b8:4e:24:10:80:97:c2:46:c0:38:e3:56:43:63:91:54:a4:
b0:86:d6:24:a2:1a:65:db:9e:6f:b3:32:93:70:1e:76:58:9e:
69:c1:57:79:8f:ce:64:e0:8f:ed:cf:4a:18:2a:39:d8:71:ba:
5c:6a:29:54:99:d5:54:45:22:21:df:5a:fa:36:fd:ac:89:5c:
44:14:73:c2:80:6b:b1:23:b3:b9:43:47:cb:8a:c8:bf:59:3b:
bb:77:eb:27:4a:01:a8:02:ab:85:d4:f3:03:fb:43:37:fa:ed:
28:a2:3f:b4:7e:8d:2d:4a:72:24:ce:97:51:99:1a:2c:af:9a:
28:3f:37:6b:b7:09:c3:6e:a1:7a:c4:c7:d3:89:48:6b:86:a9:
8a:8b:9c:10:e3:77:ab:d4:d7:08:a6:5d:d0:99:b4:05:8d:1a:
5e:e8:27:41:d9:bd:9a:12:0e:92:8a:be:d4:e2:76:0c:99:7d:
57:8e:2a:bc:67:32:15:12:0b:d4:1d:1b:59:68:9e:1a:97:60:
c6:05:dd:7e
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICAKYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDAyMjcx
NTU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDJEOEVCQTA1QTc3RTE4
NjU5QjhGODc4RUQwMzIwMkZDOTA2NjI3MkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDqPOVxlmqlRa10BOBeldcQFO6NCjHK0La5y9Ooj7WAaIlmInd3
ioo579Hm1lqjVyNjukYNgdukzuD1MfnxAvlVPizmmD2CbKcYdOqmRx5AUzyvec4P
ZAP6B4sSsYIjY6xnACukE6bb9x9q7z1nHT/W79cnLJ0Lm905o5G3wv09dV0mwv1z
uYRaPy1P1FM3QY3m2gR9N8mHRS0rCmIZdO7YOpF+eH4H8Ay0fBK3C7YTOy7g8Dh4
L6mWeLp8B5yDwES+SVTm0ig6fP7Rxp6NBLZvlqSC/RJ75naw34l3UJhJwxFvvVbl
C0Po03yW9IxpQ4YiablKdivRShHZDcwndiohAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQULY66Bad+GGWbj4eO0DIC/JBmJy8wHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL0xZNjZCYWQtR0dXYmo0
ZU8wRElDX0pCbUp5OC5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAE0JM4AbaxCU3ZvKGwC9383Kfd1ukCziWxga
MIYOImyHCClFl4ZFBAz2Z9acCIdcABHLU8hKP+24TiQQgJfCRsA441ZDY5FUpLCG
1iSiGmXbnm+zMpNwHnZYnmnBV3mPzmTgj+3PShgqOdhxulxqKVSZ1VRFIiHfWvo2
/ayJXEQUc8KAa7Ejs7lDR8uKyL9ZO7t36ydKAagCq4XU8wP7Qzf67SiiP7R+jS1K
ciTOl1GZGiyvmig/N2u3CcNuoXrEx9OJSGuGqYqLnBDjd6vU1wimXdCZtAWNGl7o
J0HZvZoSDpKKvtTidgyZfVeOKrxnMhUSC9QdG1lonhqXYMYF3X4=
-----END CERTIFICATE-----
Generated at Wed Feb 28 01:00:56 2024 by rpki-client on console-ams.rpki-client.org