Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/NbZClNiXBHGm9XDxkhE8rdtFzro.roa
File: NbZClNiXBHGm9XDxkhE8rdtFzro.roa (raw, json)
Hash identifier: yIIX4hdZXYdy3/mW0jYgDlvgrZaHIVkspQLpr3CUR+A=
Subject key identifier: 35:B6:42:94:D8:97:04:71:A6:F5:70:F1:92:11:3C:AD:DB:45:CE:BA
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 6A
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/NbZClNiXBHGm9XDxkhE8rdtFzro.roa
Signing time: Tue 20 Feb 2024 23:55:03 +0000
ROA not before: Tue 20 Feb 2024 23:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 21 Feb 2024 03:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106 (0x6a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Feb 20 23:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=35B64294D8970471A6F570F192113CADDB45CEBA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:54:8f:6c:af:b8:93:32:37:9a:cd:f6:52:52:
e8:d4:aa:79:f2:95:bb:a6:b9:29:a9:78:74:d3:ce:
f3:4b:17:6c:13:af:45:cf:16:73:8c:9d:c6:9f:ca:
a1:2f:0a:73:8a:3f:01:a4:f4:f9:54:2f:23:cb:6e:
70:16:ca:8b:26:8a:66:51:52:01:4a:9b:dc:a3:51:
3e:16:d8:b7:d8:02:1a:6c:5c:2f:28:8d:c7:df:54:
07:3c:2f:41:06:c0:3a:9b:00:e3:1b:ab:27:2e:2a:
43:40:a3:a1:57:ba:dd:29:33:06:42:96:36:59:7c:
3b:73:de:b2:0e:ac:83:91:80:f9:89:2a:27:16:88:
bb:53:8e:9d:dd:e2:2f:af:29:d0:79:44:00:4b:9b:
1c:56:4b:5d:b7:36:37:f0:95:3f:ca:1d:10:c6:84:
34:0e:d7:44:bd:8d:88:c8:4a:6a:64:a4:c6:24:02:
33:ec:78:e7:08:c8:db:38:7c:be:1b:87:f9:f9:12:
3c:4a:4c:bf:70:4b:c7:84:eb:34:5a:4c:1f:37:65:
7b:26:3d:03:76:90:a5:90:f7:3a:25:45:26:7c:b7:
9c:9c:69:d3:b3:4e:aa:14:29:c3:2c:d4:07:27:68:
a1:4b:08:db:ab:70:a8:fa:fc:1a:14:57:70:4b:e7:
48:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:B6:42:94:D8:97:04:71:A6:F5:70:F1:92:11:3C:AD:DB:45:CE:BA
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/NbZClNiXBHGm9XDxkhE8rdtFzro.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
84:59:f2:33:39:7f:a1:f0:32:72:5a:30:1c:7b:dd:e2:7b:1b:
97:09:a0:81:0c:da:f4:7b:97:61:4d:a3:13:ed:2b:a3:b0:31:
5d:6f:18:b6:15:be:f6:87:06:0a:e9:a4:33:7e:ed:69:12:77:
ca:c1:52:2f:df:f6:6f:13:3d:e2:c7:64:29:dd:16:49:03:62:
e6:a9:aa:64:c7:0b:74:68:c9:07:23:c8:20:2a:fe:10:28:d9:
ad:92:6b:f8:e2:28:9f:72:63:cf:23:65:49:da:49:3c:65:3b:
e8:52:ba:d5:04:07:0c:b2:06:7e:98:88:32:c3:b0:0c:a0:ba:
68:57:f9:da:ee:f1:0c:85:29:12:c9:45:1d:da:4b:a5:7b:6a:
e3:72:dc:ae:c3:a8:3e:e0:f2:85:2b:a4:6d:93:5c:dd:76:50:
1e:dc:b0:62:d1:d4:80:e1:bb:b6:c9:e8:ff:c3:55:c2:4b:66:
26:59:d1:17:4c:65:cb:59:02:d3:03:51:cd:ca:82:e1:71:a8:
b9:f6:b9:fe:44:54:59:1c:91:4e:f3:b5:de:4e:d1:e9:c3:8c:
ba:4d:4c:98:d4:96:cb:8f:9c:86:e9:c8:4a:84:6e:7a:ab:84:
f4:6c:3f:49:cd:cb:e1:8a:57:2b:db:a6:0b:7b:16:81:c0:61:
4c:1f:77:24
-----BEGIN CERTIFICATE-----
MIIEoTCCA4mgAwIBAgIBajANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3MWQx
NGViYjI1NWRjMDU4ZDRiZmE1YTUxYzkzZjczZjgzMGFiODhmMB4XDTI0MDIyMDIz
NTUwM1oXDTI1MDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzVCNjQyOTREODk3MDQ3
MUE2RjU3MEYxOTIxMTNDQUREQjQ1Q0VCQTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBANFUj2yvuJMyN5rN9lJS6NSqefKVu6a5Kal4dNPO80sXbBOvRc8W
c4ydxp/KoS8Kc4o/AaT0+VQvI8tucBbKiyaKZlFSAUqb3KNRPhbYt9gCGmxcLyiN
x99UBzwvQQbAOpsA4xurJy4qQ0CjoVe63SkzBkKWNll8O3Pesg6sg5GA+YkqJxaI
u1OOnd3iL68p0HlEAEubHFZLXbc2N/CVP8odEMaENA7XRL2NiMhKamSkxiQCM+x4
5wjI2zh8vhuH+fkSPEpMv3BLx4TrNFpMHzdleyY9A3aQpZD3OiVFJny3nJxp07NO
qhQpwyzUBydooUsI26twqPr8GhRXcEvnSMkCAwEAAaOCAb4wggG6MB0GA1UdDgQW
BBQ1tkKU2JcEcab1cPGSETyt20XOujAfBgNVHSMEGDAWgBRx0U67JV3AWNS/paUc
k/c/gwq4jzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ
oE6GTHJzeW5jOi8vY2hsb2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3Nm
L2NkRk91eVZkd0ZqVXY2V2xISlAzUDRNS3VJOC5jcmwwZAYIKwYBBQUHAQEEWDBW
MFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9E
RUZBVUxUL2NkRk91eVZkd0ZqVXY2V2xISlAzUDRNS3VJOC5jZXIwDgYDVR0PAQH/
BAQDAgeAMGgGCCsGAQUFBwELBFwwWjBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9jaGxv
ZS5zb2Jvcm5vc3QubmV0L3Jwa2kvUklQRS1ubHJzc2YvTmJaQ2xOaVhCSEdtOVhE
eGtoRThyZHRGenJvLnJvYTAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMJo
gTANBgkqhkiG9w0BAQsFAAOCAQEAhFnyMzl/ofAyclowHHvd4nsblwmggQza9HuX
YU2jE+0ro7AxXW8YthW+9ocGCumkM37taRJ3ysFSL9/2bxM94sdkKd0WSQNi5qmq
ZMcLdGjJByPIICr+ECjZrZJr+OIon3JjzyNlSdpJPGU76FK61QQHDLIGfpiIMsOw
DKC6aFf52u7xDIUpEslFHdpLpXtq43LcrsOoPuDyhSukbZNc3XZQHtywYtHUgOG7
tsno/8NVwktmJlnRF0xly1kC0wNRzcqC4XGoufa5/kRUWRyRTvO13k7R6cOMuk1M
mNSWy4+chunISoRuequE9Gw/Sc3L4YpXK9umC3sWgcBhTB93JA==
-----END CERTIFICATE-----
Generated at Wed Feb 21 04:25:44 2024 by rpki-client on console-ams.rpki-client.org