Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/OFhP9fchw5OpkFS6D5Z3fYHGkc0.roa
File: OFhP9fchw5OpkFS6D5Z3fYHGkc0.roa (raw, json)
Hash identifier: WOvx6uwmT9lP0cc247MWSsDeTd9V8i9vLinGbtAp5QA=
Subject key identifier: 38:58:4F:F5:F7:21:C3:93:A9:90:54:BA:0F:96:77:7D:81:C6:91:CD
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 01BD
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/OFhP9fchw5OpkFS6D5Z3fYHGkc0.roa
Signing time: Fri 29 Mar 2024 15:55:03 +0000
ROA not before: Fri 29 Mar 2024 15:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 29 Mar 2024 19:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 445 (0x1bd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Mar 29 15:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=38584FF5F721C393A99054BA0F96777D81C691CD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:cb:10:fb:8e:7f:6c:74:a5:1d:b8:88:cf:41:
c5:d0:69:97:a4:66:9a:04:a5:10:30:65:0d:2a:3a:
2f:5d:3f:6d:f3:05:09:21:8e:0e:90:56:96:e0:7e:
e3:64:4c:18:cc:a7:81:7e:45:a3:83:e5:b4:05:76:
80:1c:d1:f8:63:05:9e:72:38:0d:ba:e7:57:62:e5:
f0:79:4d:24:16:e8:1d:0a:48:f0:ba:20:55:8f:52:
22:0f:4f:c6:a6:85:e7:76:c1:b2:6c:2a:86:6d:cd:
cf:30:6c:0a:e3:97:1d:6b:00:c8:b4:72:84:15:db:
ff:bd:22:cd:69:75:e9:86:84:3f:25:95:4e:8f:26:
c0:50:3d:59:44:7b:ad:77:e0:4d:d4:09:60:d7:87:
ea:84:cb:1a:15:fc:51:a4:30:01:0a:af:51:e3:4c:
29:c5:a4:fd:0d:ec:ae:c3:e3:b0:87:02:9c:4d:26:
06:ca:6c:16:bc:f6:15:aa:f2:ac:99:20:ca:e7:c6:
d2:8f:c6:81:09:3b:4b:68:4f:c9:4c:52:ec:1e:07:
8f:d2:15:81:60:27:c1:2d:74:0e:22:9f:63:74:bc:
d7:93:61:e3:fa:ba:33:de:4c:32:ee:17:d8:93:2e:
5d:83:ff:69:d7:71:f5:25:49:7d:43:f9:58:55:f3:
d8:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:58:4F:F5:F7:21:C3:93:A9:90:54:BA:0F:96:77:7D:81:C6:91:CD
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/OFhP9fchw5OpkFS6D5Z3fYHGkc0.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:de:dd:c0:4b:99:50:22:cb:30:53:40:a5:b0:b9:e2:64:43:
0a:50:dc:7c:06:bd:39:2e:84:b3:93:28:a3:3b:6c:60:54:4b:
c2:54:a0:12:ef:58:b4:fd:c1:02:3e:b9:54:82:fe:ac:ef:4c:
99:b3:15:aa:9a:ee:13:5c:42:f7:9e:8d:5d:b2:d1:03:ef:b4:
e8:72:d9:22:09:12:27:39:3a:38:36:fd:55:ac:aa:c2:de:d9:
b1:7f:ca:c1:c0:48:44:37:d8:12:9a:03:77:3e:01:2b:9e:b3:
2e:ff:4d:33:77:ec:3f:8d:b5:05:1f:75:8a:64:ad:e1:64:e2:
97:69:ea:97:71:ae:bc:16:b7:a4:a0:c1:a8:7e:3f:c9:6e:bb:
5b:0f:9b:78:ca:f1:66:0b:b6:14:eb:ed:e1:67:7c:4b:fb:dd:
df:0a:69:d9:5c:b9:de:f4:b9:cd:35:5b:be:e0:eb:30:01:19:
e5:59:64:6d:a6:17:b9:8a:5d:27:6a:a7:8a:2f:dd:81:ce:ad:
cd:54:4a:5e:f2:7f:9e:2a:a2:91:9e:6f:db:82:98:1a:e1:e5:
c4:5a:59:d6:21:42:8f:14:80:4b:d1:88:4b:f9:70:69:d6:0b:
42:41:5b:35:20:ad:b3:d2:36:c9:d3:f3:b1:63:fe:40:e5:7c:
ab:de:9c:32
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICAb0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDAzMjkx
NTU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDM4NTg0RkY1RjcyMUMz
OTNBOTkwNTRCQTBGOTY3NzdEODFDNjkxQ0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDfyxD7jn9sdKUduIjPQcXQaZekZpoEpRAwZQ0qOi9dP23zBQkh
jg6QVpbgfuNkTBjMp4F+RaOD5bQFdoAc0fhjBZ5yOA2651di5fB5TSQW6B0KSPC6
IFWPUiIPT8amhed2wbJsKoZtzc8wbArjlx1rAMi0coQV2/+9Is1pdemGhD8llU6P
JsBQPVlEe6134E3UCWDXh+qEyxoV/FGkMAEKr1HjTCnFpP0N7K7D47CHApxNJgbK
bBa89hWq8qyZIMrnxtKPxoEJO0toT8lMUuweB4/SFYFgJ8EtdA4in2N0vNeTYeP6
ujPeTDLuF9iTLl2D/2nXcfUlSX1D+VhV89hhAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUOFhP9fchw5OpkFS6D5Z3fYHGkc0wHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL09GaFA5ZmNodzVPcGtG
UzZENVozZllIR2tjMC5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAG3e3cBLmVAiyzBTQKWwueJkQwpQ3HwGvTku
hLOTKKM7bGBUS8JUoBLvWLT9wQI+uVSC/qzvTJmzFaqa7hNcQveejV2y0QPvtOhy
2SIJEic5Ojg2/VWsqsLe2bF/ysHASEQ32BKaA3c+ASuesy7/TTN37D+NtQUfdYpk
reFk4pdp6pdxrrwWt6Sgwah+P8luu1sPm3jK8WYLthTr7eFnfEv73d8Kadlcud70
uc01W77g6zABGeVZZG2mF7mKXSdqp4ov3YHOrc1USl7yf54qopGeb9uCmBrh5cRa
WdYhQo8UgEvRiEv5cGnWC0JBWzUgrbPSNsnT87Fj/kDlfKvenDI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:55 2024 by rpki-client on console-fra.rpki-client.org