Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/OnQrsiNcDi8VFrJORQ_dscTN5Cc.roa
File: OnQrsiNcDi8VFrJORQ_dscTN5Cc.roa (raw, json)
Hash identifier: OvsDw/o0SLfHKhmlbpERSzayYZ4iv5bvGrtz1X/cfqQ=
Subject key identifier: 3A:74:2B:B2:23:5C:0E:2F:15:16:B2:4E:45:0F:DD:B1:C4:CD:E4:27
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 28
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/OnQrsiNcDi8VFrJORQ_dscTN5Cc.roa
Signing time: Tue 13 Feb 2024 15:55:02 +0000
ROA not before: Tue 13 Feb 2024 15:55:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 13 Feb 2024 19:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 40 (0x28)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Feb 13 15:55:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3A742BB2235C0E2F1516B24E450FDDB1C4CDE427
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:de:1d:e1:a9:a3:39:13:a5:9e:38:d3:8d:74:
e8:33:36:23:da:74:59:f2:5e:1d:3e:45:43:51:b3:
de:a3:81:ec:5f:d8:f1:35:1f:6f:18:1b:d9:e5:34:
e9:a7:61:35:cb:1a:5c:4d:24:83:fc:0b:db:8f:64:
dd:6c:5b:e8:e0:e3:88:44:b1:b4:12:d3:86:9d:39:
40:68:5b:9f:ec:83:f1:d3:09:aa:56:08:b2:1d:79:
b0:63:6c:1f:8a:a0:d3:e6:17:d7:01:71:b9:dd:05:
35:9f:8e:89:d1:85:e4:9c:d1:07:9f:b0:24:fa:2e:
21:7e:d4:c1:70:3f:b5:2a:92:46:ef:3f:2c:06:d1:
95:3a:a0:5a:e6:2f:7d:a3:f1:c7:f9:2c:6d:7c:8b:
41:62:41:bc:86:61:e7:3e:7e:2c:7a:8b:80:c1:ba:
46:25:9a:a8:d3:9c:3d:6d:47:31:dc:4c:02:6a:f1:
b8:4e:5b:9b:24:d9:49:d2:44:60:2d:72:86:3e:9d:
ce:7a:4d:91:bb:8d:65:c1:f2:0d:3b:14:03:25:61:
91:31:b1:99:2d:35:43:3b:2d:e4:ca:07:d4:13:d4:
cd:84:3f:30:ef:2a:08:61:06:1a:2b:c6:50:40:0f:
a4:8b:fc:10:82:9c:13:c7:1d:25:2d:a3:f7:95:79:
eb:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:74:2B:B2:23:5C:0E:2F:15:16:B2:4E:45:0F:DD:B1:C4:CD:E4:27
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/OnQrsiNcDi8VFrJORQ_dscTN5Cc.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
59:bd:c5:44:74:e7:f3:86:79:7b:aa:0c:97:92:21:8d:d7:85:
b7:ce:40:18:6a:f5:8e:b7:bc:36:4b:f1:5d:e5:de:9b:c6:e3:
06:62:58:d6:30:82:bf:58:75:52:46:fa:a3:31:d7:33:2c:52:
8f:7e:1d:e1:53:c3:d4:55:92:5c:70:66:f6:e9:41:47:8c:56:
b5:86:30:1e:99:e9:4b:03:c1:a6:2e:1c:b7:7a:b6:75:fb:56:
45:11:7a:9b:54:71:34:95:04:5b:91:1a:0f:31:e8:c2:2a:7a:
ea:d9:c6:b5:27:43:be:fc:c6:3e:31:0e:b1:5a:d0:74:1c:65:
8f:17:3b:03:ee:1c:7e:ad:ed:91:0a:42:67:8c:ec:f7:0e:3d:
ae:bc:cf:56:92:2b:39:80:64:24:dd:bc:37:94:fa:d0:38:61:
3f:c6:34:fa:ab:c7:4b:1e:7b:a7:62:49:30:20:c7:fd:78:37:
eb:dc:ff:3f:2e:ad:85:2b:f0:3e:d0:51:61:1d:e8:38:9a:91:
84:e8:3d:eb:3e:11:5f:d0:59:2c:6e:6c:c9:f2:02:72:f7:f1:
f4:38:b5:48:01:34:cf:06:15:4a:c3:09:11:bb:98:0f:9f:e2:
25:19:9b:f6:fa:51:21:86:fd:7a:8a:20:8e:6f:bd:81:3a:28:
9f:91:0d:21
-----BEGIN CERTIFICATE-----
MIIEoTCCA4mgAwIBAgIBKDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3MWQx
NGViYjI1NWRjMDU4ZDRiZmE1YTUxYzkzZjczZjgzMGFiODhmMB4XDTI0MDIxMzE1
NTUwMloXDTI1MDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM0E3NDJCQjIyMzVDMEUy
RjE1MTZCMjRFNDUwRkREQjFDNENERTQyNzCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAN/eHeGpozkTpZ4404106DM2I9p0WfJeHT5FQ1Gz3qOB7F/Y8TUf
bxgb2eU06adhNcsaXE0kg/wL249k3Wxb6ODjiESxtBLThp05QGhbn+yD8dMJqlYI
sh15sGNsH4qg0+YX1wFxud0FNZ+OidGF5JzRB5+wJPouIX7UwXA/tSqSRu8/LAbR
lTqgWuYvfaPxx/ksbXyLQWJBvIZh5z5+LHqLgMG6RiWaqNOcPW1HMdxMAmrxuE5b
myTZSdJEYC1yhj6dznpNkbuNZcHyDTsUAyVhkTGxmS01Qzst5MoH1BPUzYQ/MO8q
CGEGGivGUEAPpIv8EIKcE8cdJS2j95V56ysCAwEAAaOCAb4wggG6MB0GA1UdDgQW
BBQ6dCuyI1wOLxUWsk5FD92xxM3kJzAfBgNVHSMEGDAWgBRx0U67JV3AWNS/paUc
k/c/gwq4jzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ
oE6GTHJzeW5jOi8vY2hsb2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3Nm
L2NkRk91eVZkd0ZqVXY2V2xISlAzUDRNS3VJOC5jcmwwZAYIKwYBBQUHAQEEWDBW
MFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9E
RUZBVUxUL2NkRk91eVZkd0ZqVXY2V2xISlAzUDRNS3VJOC5jZXIwDgYDVR0PAQH/
BAQDAgeAMGgGCCsGAQUFBwELBFwwWjBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9jaGxv
ZS5zb2Jvcm5vc3QubmV0L3Jwa2kvUklQRS1ubHJzc2YvT25RcnNpTmNEaThWRnJK
T1JRX2RzY1RONUNjLnJvYTAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMJo
gTANBgkqhkiG9w0BAQsFAAOCAQEAWb3FRHTn84Z5e6oMl5IhjdeFt85AGGr1jre8
NkvxXeXem8bjBmJY1jCCv1h1Ukb6ozHXMyxSj34d4VPD1FWSXHBm9ulBR4xWtYYw
HpnpSwPBpi4ct3q2dftWRRF6m1RxNJUEW5EaDzHowip66tnGtSdDvvzGPjEOsVrQ
dBxljxc7A+4cfq3tkQpCZ4zs9w49rrzPVpIrOYBkJN28N5T60DhhP8Y0+qvHSx57
p2JJMCDH/Xg369z/Py6thSvwPtBRYR3oOJqRhOg96z4RX9BZLG5syfICcvfx9Di1
SAE0zwYVSsMJEbuYD5/iJRmb9vpRIYb9eoogjm+9gToon5ENIQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:55 2024 by rpki-client on console-fra.rpki-client.org