Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/Lf9aAcHGPNWNSkD3dX2fermt1nc.roa
File: Lf9aAcHGPNWNSkD3dX2fermt1nc.roa (raw, json)
Hash identifier: CjSQW88UJ1YsgbQUOQxM1cbfTQZxf1ppqmWXtlXNomg=
Subject key identifier: 2D:FF:5A:01:C1:C6:3C:D5:8D:4A:40:F7:75:7D:9F:7A:B9:AD:D6:77
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: F1
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/Lf9aAcHGPNWNSkD3dX2fermt1nc.roa
Signing time: Wed 06 Mar 2024 23:55:03 +0000
ROA not before: Wed 06 Mar 2024 23:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 07 Mar 2024 03:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 241 (0xf1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Mar 6 23:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2DFF5A01C1C63CD58D4A40F7757D9F7AB9ADD677
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:7b:1e:e4:dc:62:c5:66:07:b1:6c:38:c8:4c:
d2:e6:39:35:a4:27:21:b1:28:22:5d:c3:4f:9d:22:
e1:94:fa:f1:44:a6:3e:d0:92:e3:aa:03:17:6d:35:
19:45:79:4c:6c:03:71:30:b1:d8:82:16:f2:e5:61:
70:c8:8a:83:ea:ce:f6:9e:96:b5:7d:51:33:18:6f:
39:ff:93:a9:40:43:a1:d0:61:3d:2a:1d:8a:47:89:
13:72:18:b6:ea:12:ba:8a:8a:c2:7c:8b:17:76:b4:
78:5e:39:07:c8:47:9c:77:ed:aa:15:c6:58:44:be:
75:d2:b7:d1:11:f5:d6:6f:d3:ed:5b:30:46:86:6b:
15:b3:10:af:f0:d2:e4:24:03:4e:6b:24:75:b8:15:
99:e2:6e:50:f1:50:13:f1:bf:90:0a:6b:5f:71:87:
c5:96:5d:22:6f:68:e7:c8:d6:2c:4c:08:36:6f:d8:
ac:e2:cb:3a:08:cd:7e:93:ba:10:10:0c:8a:45:fb:
6e:99:59:94:71:90:2a:e9:b7:40:61:44:4b:fb:70:
33:68:5d:9b:b1:e2:b6:5f:a0:d0:3a:93:56:f6:5f:
53:f4:7d:43:1d:02:f0:3b:f0:3a:b3:5c:7f:6a:d4:
9f:7b:a3:c3:69:70:ed:5c:8c:a3:e6:d8:ed:08:7e:
35:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:FF:5A:01:C1:C6:3C:D5:8D:4A:40:F7:75:7D:9F:7A:B9:AD:D6:77
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/Lf9aAcHGPNWNSkD3dX2fermt1nc.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:a4:4d:13:a0:9f:93:b2:59:be:f7:62:10:92:e8:03:31:a1:
60:eb:97:51:0f:2f:39:32:a7:a0:7a:98:12:e1:63:6b:3c:cc:
14:3b:3f:99:ad:25:16:99:7c:5e:37:c1:97:22:a6:fb:be:b1:
11:4c:5a:d0:70:0c:26:0b:ed:f7:d4:c7:0a:c9:63:19:ae:eb:
9a:69:a0:02:67:62:a9:2f:d4:76:a8:a7:50:f3:df:d2:87:b5:
d2:e4:67:53:58:ba:e6:7e:ff:e2:65:2e:c5:81:81:ba:44:c7:
9d:60:93:f7:bd:c4:fc:62:6f:07:cc:a6:2d:87:79:0d:e2:14:
0e:b3:a0:74:ca:45:25:a9:ab:05:2d:7a:16:05:78:f9:c8:d8:
64:ee:82:ed:5e:0b:3c:7e:69:d0:5c:fd:0f:c9:09:c2:98:a4:
89:22:a6:95:be:f3:72:b3:ba:cf:e2:6d:fa:86:e7:ab:9c:3e:
23:e8:56:34:49:15:70:9b:5f:18:d8:84:cc:f4:1a:88:70:42:
8c:16:e2:a9:a6:85:d5:23:01:8a:00:ee:53:c8:b9:42:2e:0d:
2a:45:d5:95:9e:e2:f6:e8:b4:0f:49:9e:5a:fa:d9:89:43:4f:
df:70:4b:56:c7:37:68:72:87:37:ce:0e:71:ce:25:d7:17:c0:
6c:00:2b:cc
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICAPEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDAzMDYy
MzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDJERkY1QTAxQzFDNjND
RDU4RDRBNDBGNzc1N0Q5RjdBQjlBREQ2NzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCaex7k3GLFZgexbDjITNLmOTWkJyGxKCJdw0+dIuGU+vFEpj7Q
kuOqAxdtNRlFeUxsA3EwsdiCFvLlYXDIioPqzvaelrV9UTMYbzn/k6lAQ6HQYT0q
HYpHiRNyGLbqErqKisJ8ixd2tHheOQfIR5x37aoVxlhEvnXSt9ER9dZv0+1bMEaG
axWzEK/w0uQkA05rJHW4FZniblDxUBPxv5AKa19xh8WWXSJvaOfI1ixMCDZv2Kzi
yzoIzX6TuhAQDIpF+26ZWZRxkCrpt0BhREv7cDNoXZux4rZfoNA6k1b2X1P0fUMd
AvA78DqzXH9q1J97o8NpcO1cjKPm2O0IfjWrAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQULf9aAcHGPNWNSkD3dX2fermt1ncwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL0xmOWFBY0hHUE5XTlNr
RDNkWDJmZXJtdDFuYy5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAD6kTROgn5OyWb73YhCS6AMxoWDrl1EPLzky
p6B6mBLhY2s8zBQ7P5mtJRaZfF43wZcipvu+sRFMWtBwDCYL7ffUxwrJYxmu65pp
oAJnYqkv1Haop1Dz39KHtdLkZ1NYuuZ+/+JlLsWBgbpEx51gk/e9xPxibwfMpi2H
eQ3iFA6zoHTKRSWpqwUtehYFePnI2GTugu1eCzx+adBc/Q/JCcKYpIkippW+83Kz
us/ibfqG56ucPiPoVjRJFXCbXxjYhMz0GohwQowW4qmmhdUjAYoA7lPIuUIuDSpF
1ZWe4vbotA9Jnlr62YlDT99wS1bHN2hyhzfODnHOJdcXwGwAK8w=
-----END CERTIFICATE-----
Generated at Thu Mar 7 04:52:00 2024 by rpki-client on console-ams.rpki-client.org