Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/NTBmZIeThToLsU2vVyXNp_Vt0YM.roa
File: NTBmZIeThToLsU2vVyXNp_Vt0YM.roa (raw, json)
Hash identifier: OGsaM2X8RVeN1/8k8HafjlSNMcvcpOPxYHns2hlp9JM=
Subject key identifier: 35:30:66:64:87:93:85:3A:0B:B1:4D:AF:57:25:CD:A7:F5:6D:D1:83
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0103
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/NTBmZIeThToLsU2vVyXNp_Vt0YM.roa
Signing time: Fri 08 Mar 2024 23:55:03 +0000
ROA not before: Fri 08 Mar 2024 23:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 09 Mar 2024 03:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 259 (0x103)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Mar 8 23:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=353066648793853A0BB14DAF5725CDA7F56DD183
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:02:43:c2:ec:c2:ad:f5:ff:74:ef:29:86:9e:
6d:94:82:4d:e1:8c:04:67:c7:55:0d:af:6a:11:18:
9c:2a:1f:b8:f2:ef:a8:be:40:15:88:9a:4f:69:fa:
ff:7c:85:e5:09:4b:fe:42:34:34:c9:2e:7e:d1:92:
de:dc:73:5e:4a:47:f1:0f:65:01:f1:31:e7:04:d4:
5f:79:af:a3:8e:69:5f:b1:a0:07:f6:eb:f9:0a:88:
2d:1b:6b:8e:ff:de:fd:a5:2f:b3:2d:97:4f:2c:0f:
f1:2d:0a:8d:0c:4c:00:c4:3f:c7:87:4a:c7:5e:2e:
5e:ec:1d:79:31:70:d5:f6:dc:a7:52:9f:e4:0f:fc:
6b:7b:d9:f1:9b:d5:56:19:a7:e7:09:03:b7:fe:3e:
15:31:9e:77:de:bd:d6:ee:bd:b6:84:39:d7:4d:e3:
d5:ea:30:3c:b7:93:bd:c4:24:be:1a:1b:b6:c8:ff:
a4:57:f6:af:8c:82:69:4f:15:88:06:55:be:96:97:
fd:04:ad:23:74:d1:4e:c5:09:58:ba:09:94:0a:68:
76:21:61:1e:3d:93:b1:6d:48:37:e4:00:b1:c6:93:
f3:13:1b:5a:30:0d:3d:d8:fc:8c:e2:65:dd:e3:f8:
0c:04:1f:2e:08:a4:ba:74:f5:09:e2:43:a4:e6:54:
91:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:30:66:64:87:93:85:3A:0B:B1:4D:AF:57:25:CD:A7:F5:6D:D1:83
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/NTBmZIeThToLsU2vVyXNp_Vt0YM.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:df:39:31:cc:37:ea:01:bd:ed:9c:34:4e:98:3b:ee:b3:78:
89:e1:61:1d:14:c0:3f:81:e7:9b:1c:ce:39:2c:24:26:b5:46:
41:4c:bc:cf:e4:f2:08:08:c7:82:ea:a2:68:af:26:c0:e8:c8:
14:28:a7:ab:75:43:e8:46:23:1c:ac:bf:94:f7:ad:5c:77:61:
9e:97:fc:9e:d6:28:79:8a:90:5b:37:84:e8:e5:ee:1e:e6:a5:
2f:fb:b1:44:94:86:47:ee:d7:e6:5f:89:e3:c7:dd:d7:16:51:
3a:a6:ee:32:e0:15:27:6c:cd:93:d6:c9:21:6b:1e:af:3f:88:
01:ea:81:03:eb:2f:e2:42:4f:cb:cd:be:df:f4:0f:73:db:7e:
fe:f1:de:a0:dd:6b:a6:1b:f2:f2:1f:f5:10:6a:e2:d8:dc:e8:
2a:c9:3e:53:9e:f0:64:ea:b0:11:5d:89:1a:27:72:fb:2d:21:
79:f9:f2:65:d5:b2:ba:2a:b3:e4:d6:ca:43:b8:b1:37:3d:d4:
e0:ed:74:88:11:be:b6:58:67:9b:e5:0c:c6:61:43:5a:d1:9d:
51:5e:17:8c:67:13:6b:c8:3e:66:86:b2:2e:1b:02:db:a8:c2:
85:6e:8b:6a:93:58:6a:48:10:f2:67:27:4f:eb:b0:c6:0a:a5:
58:63:12:b2
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICAQMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDAzMDgy
MzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDM1MzA2NjY0ODc5Mzg1
M0EwQkIxNERBRjU3MjVDREE3RjU2REQxODMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/AkPC7MKt9f907ymGnm2Ugk3hjARnx1UNr2oRGJwqH7jy76i+
QBWImk9p+v98heUJS/5CNDTJLn7Rkt7cc15KR/EPZQHxMecE1F95r6OOaV+xoAf2
6/kKiC0ba47/3v2lL7Mtl08sD/EtCo0MTADEP8eHSsdeLl7sHXkxcNX23KdSn+QP
/Gt72fGb1VYZp+cJA7f+PhUxnnfevdbuvbaEOddN49XqMDy3k73EJL4aG7bI/6RX
9q+MgmlPFYgGVb6Wl/0ErSN00U7FCVi6CZQKaHYhYR49k7FtSDfkALHGk/MTG1ow
DT3Y/IziZd3j+AwEHy4IpLp09QniQ6TmVJHfAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUNTBmZIeThToLsU2vVyXNp/Vt0YMwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL05UQm1aSWVUaFRvTHNV
MnZWeVhOcF9WdDBZTS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAE3fOTHMN+oBve2cNE6YO+6zeInhYR0UwD+B
55sczjksJCa1RkFMvM/k8ggIx4LqomivJsDoyBQop6t1Q+hGIxysv5T3rVx3YZ6X
/J7WKHmKkFs3hOjl7h7mpS/7sUSUhkfu1+ZfiePH3dcWUTqm7jLgFSdszZPWySFr
Hq8/iAHqgQPrL+JCT8vNvt/0D3Pbfv7x3qDda6Yb8vIf9RBq4tjc6CrJPlOe8GTq
sBFdiRoncvstIXn58mXVsroqs+TWykO4sTc91ODtdIgRvrZYZ5vlDMZhQ1rRnVFe
F4xnE2vIPmaGsi4bAtuowoVui2qTWGpIEPJnJ0/rsMYKpVhjErI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:55 2024 by rpki-client on console-fra.rpki-client.org