Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/MV9fhAQww3DTo40t4M-PqRRePvw.roa
File: MV9fhAQww3DTo40t4M-PqRRePvw.roa (raw, json)
Hash identifier: 5HDQtYWf1C18tKbx3fRBmMpENrFgx57oymFgNFazET4=
Subject key identifier: 31:5F:5F:84:04:30:C3:70:D3:A3:8D:2D:E0:CF:8F:A9:14:5E:3E:FC
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 7C
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/MV9fhAQww3DTo40t4M-PqRRePvw.roa
Signing time: Thu 22 Feb 2024 23:55:03 +0000
ROA not before: Thu 22 Feb 2024 23:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 23 Feb 2024 03:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 124 (0x7c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Feb 22 23:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=315F5F840430C370D3A38D2DE0CF8FA9145E3EFC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:3a:85:fc:28:7f:df:cf:df:b7:0e:f7:30:4f:
8d:00:e4:99:26:51:2c:1e:55:ed:0e:c0:5e:bc:30:
55:96:6c:88:6a:29:e3:3c:d5:99:0e:e8:9a:92:02:
42:e7:5d:62:39:e3:3c:c5:cf:71:30:03:36:a0:20:
29:6e:c2:33:1e:ae:92:6c:dc:1f:d7:a4:e0:07:0d:
e6:50:7f:1d:3a:fc:f4:62:fa:0d:5a:bd:94:44:1e:
d7:b5:15:10:72:49:e3:ac:1d:7a:09:8a:dd:b3:1e:
ae:36:e7:84:4b:e6:78:35:51:e6:4f:25:52:07:b8:
b5:b3:a3:87:d4:3b:a5:4d:14:09:09:b2:70:fe:47:
bb:85:c4:66:83:1a:d5:2e:7a:61:60:7b:11:cc:fd:
c3:b4:34:d6:20:5c:74:97:98:08:08:14:d0:30:e1:
da:83:08:4d:84:99:b7:be:22:09:f7:c3:16:52:4e:
0d:cd:ee:65:32:90:42:ad:9f:b6:16:22:a2:95:52:
fa:10:bb:3a:d9:4d:c5:89:f5:d8:f6:bd:4c:7a:35:
63:4b:8b:4b:33:81:fb:18:15:83:49:a8:c7:5a:da:
c7:2d:95:6b:11:c6:65:8b:a9:ea:32:b4:7a:31:b7:
8e:95:66:de:5b:a5:57:b2:62:f3:ba:b5:b0:95:64:
be:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:5F:5F:84:04:30:C3:70:D3:A3:8D:2D:E0:CF:8F:A9:14:5E:3E:FC
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/MV9fhAQww3DTo40t4M-PqRRePvw.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:13:3f:ce:62:e1:10:2d:c0:cd:6a:e4:bc:35:17:ad:c2:61:
a5:22:9d:4e:74:e2:f8:6e:13:1d:87:b3:13:cd:41:64:9c:46:
37:fe:f1:27:37:5c:ad:30:e9:78:13:94:40:db:04:58:c5:8d:
51:16:d2:17:c0:b2:44:2a:b7:95:9e:97:80:c1:c1:97:be:28:
4b:13:d0:d1:95:48:38:4e:75:fb:8f:1a:ee:89:8e:be:bd:85:
92:5d:bb:81:51:44:d2:b5:e4:ce:07:8c:ed:e3:e9:c1:7c:18:
85:e5:e5:99:26:66:ad:19:95:07:d5:15:ae:64:43:88:fd:aa:
d6:32:da:2a:35:49:87:0d:3e:bd:7f:48:cf:f7:da:14:42:dd:
41:0e:cb:9c:37:8b:bf:be:d7:e4:02:a4:13:f6:bf:6f:8b:b5:
64:6f:08:3f:7b:77:dc:02:93:de:f9:38:41:1f:79:c8:f5:eb:
d8:5c:a8:38:8e:08:39:62:ed:59:ac:6f:85:c0:03:38:d6:2b:
70:1f:c0:92:e8:a4:e2:d8:59:08:e1:4e:9c:f1:1f:d1:38:91:
57:7d:7d:e3:1c:4b:da:46:43:e3:82:4c:15:11:3e:03:22:f4:
80:07:a7:c9:65:1f:58:8e:1c:90:7c:a0:8f:c4:4a:0e:77:20:
5c:b4:09:5b
-----BEGIN CERTIFICATE-----
MIIEoTCCA4mgAwIBAgIBfDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3MWQx
NGViYjI1NWRjMDU4ZDRiZmE1YTUxYzkzZjczZjgzMGFiODhmMB4XDTI0MDIyMjIz
NTUwM1oXDTI1MDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzE1RjVGODQwNDMwQzM3
MEQzQTM4RDJERTBDRjhGQTkxNDVFM0VGQzCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAJQ6hfwof9/P37cO9zBPjQDkmSZRLB5V7Q7AXrwwVZZsiGop4zzV
mQ7ompICQuddYjnjPMXPcTADNqAgKW7CMx6ukmzcH9ek4AcN5lB/HTr89GL6DVq9
lEQe17UVEHJJ46wdegmK3bMerjbnhEvmeDVR5k8lUge4tbOjh9Q7pU0UCQmycP5H
u4XEZoMa1S56YWB7Ecz9w7Q01iBcdJeYCAgU0DDh2oMITYSZt74iCffDFlJODc3u
ZTKQQq2fthYiopVS+hC7OtlNxYn12Pa9THo1Y0uLSzOB+xgVg0mox1raxy2VaxHG
ZYup6jK0ejG3jpVm3lulV7Ji87q1sJVkvksCAwEAAaOCAb4wggG6MB0GA1UdDgQW
BBQxX1+EBDDDcNOjjS3gz4+pFF4+/DAfBgNVHSMEGDAWgBRx0U67JV3AWNS/paUc
k/c/gwq4jzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ
oE6GTHJzeW5jOi8vY2hsb2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3Nm
L2NkRk91eVZkd0ZqVXY2V2xISlAzUDRNS3VJOC5jcmwwZAYIKwYBBQUHAQEEWDBW
MFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9E
RUZBVUxUL2NkRk91eVZkd0ZqVXY2V2xISlAzUDRNS3VJOC5jZXIwDgYDVR0PAQH/
BAQDAgeAMGgGCCsGAQUFBwELBFwwWjBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9jaGxv
ZS5zb2Jvcm5vc3QubmV0L3Jwa2kvUklQRS1ubHJzc2YvTVY5ZmhBUXd3M0RUbzQw
dDRNLVBxUlJlUHZ3LnJvYTAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMJo
gTANBgkqhkiG9w0BAQsFAAOCAQEAthM/zmLhEC3AzWrkvDUXrcJhpSKdTnTi+G4T
HYezE81BZJxGN/7xJzdcrTDpeBOUQNsEWMWNURbSF8CyRCq3lZ6XgMHBl74oSxPQ
0ZVIOE51+48a7omOvr2Fkl27gVFE0rXkzgeM7ePpwXwYheXlmSZmrRmVB9UVrmRD
iP2q1jLaKjVJhw0+vX9Iz/faFELdQQ7LnDeLv77X5AKkE/a/b4u1ZG8IP3t33AKT
3vk4QR95yPXr2FyoOI4IOWLtWaxvhcADONYrcB/Akuik4thZCOFOnPEf0TiRV319
4xxL2kZD44JMFRE+AyL0gAenyWUfWI4ckHygj8RKDncgXLQJWw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:55 2024 by rpki-client on console-fra.rpki-client.org