Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/MBfpjsrOaaDJQAUjlrpjz-U4PSI.roa
File: MBfpjsrOaaDJQAUjlrpjz-U4PSI.roa (raw, json)
Hash identifier: 0N/0wZ0vN5DVshTzvnk1v+JII/2I6DBnmp08vkVvrvU=
Subject key identifier: 30:17:E9:8E:CA:CE:69:A0:C9:40:05:23:96:BA:63:CF:E5:38:3D:22
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 06CA
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/MBfpjsrOaaDJQAUjlrpjz-U4PSI.roa
Signing time: Tue 20 Aug 2024 07:55:04 +0000
ROA not before: Tue 20 Aug 2024 07:55:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 20 Aug 2024 11:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1738 (0x6ca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Aug 20 07:55:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3017E98ECACE69A0C940052396BA63CFE5383D22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:d4:76:95:56:7c:fe:72:c0:95:e9:a9:b5:ff:
40:60:e9:d2:71:ae:0a:63:84:7d:df:9c:08:c5:f6:
de:fe:7f:d7:59:f8:7d:ec:a7:5b:a6:84:0f:f4:0c:
d1:98:15:3d:1c:10:8f:6f:ca:3b:d7:72:fb:fa:36:
40:86:3d:74:54:e1:38:b4:2d:6a:83:6f:a0:fb:16:
ba:84:88:51:3e:b6:3e:6c:81:eb:b8:9b:9e:7f:8c:
2c:ef:09:85:d8:33:44:46:31:21:2d:33:ae:9e:a9:
54:1b:30:45:5d:bd:0d:dc:e3:cc:56:16:da:a8:0d:
86:db:94:84:d5:1f:a3:b3:b2:33:b0:87:d0:1f:2f:
0d:12:d3:80:30:23:5c:db:01:c6:26:75:63:db:e3:
ba:11:4b:a5:bd:8a:9b:96:4a:d9:05:7b:43:e5:93:
b7:76:16:c6:40:eb:22:f5:41:eb:be:a2:84:fa:36:
f3:b9:76:01:86:e4:71:c9:96:c5:31:93:55:8c:79:
2d:67:b9:43:ab:61:25:f6:ec:8f:96:b9:0a:39:91:
51:96:03:b9:62:19:b3:32:ef:67:e9:50:31:a3:53:
b4:78:ff:12:2c:e7:16:76:48:86:26:dd:3a:d2:09:
31:d4:c5:e7:e2:74:49:bf:ea:f1:e4:2e:fe:b5:79:
63:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:17:E9:8E:CA:CE:69:A0:C9:40:05:23:96:BA:63:CF:E5:38:3D:22
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/MBfpjsrOaaDJQAUjlrpjz-U4PSI.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:8e:40:89:32:cf:6e:c4:ba:f0:b8:b6:67:98:0a:82:42:4c:
d2:65:60:66:c0:6d:77:df:0b:4a:0f:58:f2:95:e8:ac:4d:23:
41:fa:9a:b6:60:3c:58:e5:06:15:d0:4a:04:f3:b1:bd:e8:1a:
23:1d:9b:99:c4:6a:6c:bb:db:13:7f:2e:69:d9:60:2b:a9:aa:
df:45:24:7f:8d:35:f9:51:29:d1:97:3f:81:14:88:16:2a:b3:
60:06:5c:38:66:09:42:b5:39:26:ec:fe:82:5b:0b:4e:1d:9c:
97:17:96:d3:62:e2:09:6e:23:93:6a:95:ef:1b:2b:e6:2e:ba:
0d:ed:aa:67:ce:5b:47:3d:fd:a4:0a:eb:a2:f5:71:d1:80:09:
86:ae:34:35:ee:14:7f:ea:51:f6:e6:75:de:0b:a1:c5:20:14:
1d:be:5b:03:5f:68:ac:d1:8d:d4:5b:cd:0a:ab:18:c3:85:7f:
64:fd:c5:2b:25:0d:1d:d7:9b:0f:e5:30:8a:3e:6e:8f:ae:7e:
e7:8e:5e:ed:ae:48:e8:90:5e:d5:c1:df:ad:19:47:70:f1:de:
47:d5:9e:02:c9:56:c5:a4:68:6b:22:e3:c1:4a:a0:b1:26:b9:
2c:be:dd:8c:27:f8:84:ad:0e:34:b0:95:7f:ae:0e:eb:2a:0f:
49:ff:98:10
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICBsowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA4MjAw
NzU1MDRaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDMwMTdFOThFQ0FDRTY5
QTBDOTQwMDUyMzk2QkE2M0NGRTUzODNEMjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC71HaVVnz+csCV6am1/0Bg6dJxrgpjhH3fnAjF9t7+f9dZ+H3s
p1umhA/0DNGYFT0cEI9vyjvXcvv6NkCGPXRU4Ti0LWqDb6D7FrqEiFE+tj5sgeu4
m55/jCzvCYXYM0RGMSEtM66eqVQbMEVdvQ3c48xWFtqoDYbblITVH6OzsjOwh9Af
Lw0S04AwI1zbAcYmdWPb47oRS6W9ipuWStkFe0Plk7d2FsZA6yL1Qeu+ooT6NvO5
dgGG5HHJlsUxk1WMeS1nuUOrYSX27I+WuQo5kVGWA7liGbMy72fpUDGjU7R4/xIs
5xZ2SIYm3TrSCTHUxefidEm/6vHkLv61eWNZAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUMBfpjsrOaaDJQAUjlrpjz+U4PSIwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL01CZnBqc3JPYWFESlFB
VWpscnBqei1VNFBTSS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAJ6OQIkyz27EuvC4tmeYCoJCTNJlYGbAbXff
C0oPWPKV6KxNI0H6mrZgPFjlBhXQSgTzsb3oGiMdm5nEamy72xN/LmnZYCupqt9F
JH+NNflRKdGXP4EUiBYqs2AGXDhmCUK1OSbs/oJbC04dnJcXltNi4gluI5Nqle8b
K+Yuug3tqmfOW0c9/aQK66L1cdGACYauNDXuFH/qUfbmdd4LocUgFB2+WwNfaKzR
jdRbzQqrGMOFf2T9xSslDR3Xmw/lMIo+bo+ufueOXu2uSOiQXtXB360ZR3Dx3kfV
ngLJVsWkaGsi48FKoLEmuSy+3Ywn+IStDjSwlX+uDusqD0n/mBA=
-----END CERTIFICATE-----
Generated at Tue Aug 20 17:10:11 2024 by rpki-client on console-ams.rpki-client.org