Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/SiUOAlSTIuJLjaVb7WR6IhNHKLQ.roa
File: SiUOAlSTIuJLjaVb7WR6IhNHKLQ.roa (raw, json)
Hash identifier: nhzLGdUD4PeujFb6ogZk2AGHJW9Eunn3Gflc97mf8Vs=
Subject key identifier: 4A:25:0E:02:54:93:22:E2:4B:8D:A5:5B:ED:64:7A:22:13:47:28:B4
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 9D
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/SiUOAlSTIuJLjaVb7WR6IhNHKLQ.roa
Signing time: Mon 26 Feb 2024 15:55:04 +0000
ROA not before: Mon 26 Feb 2024 15:55:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 26 Feb 2024 19:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 157 (0x9d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Feb 26 15:55:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4A250E02549322E24B8DA55BED647A22134728B4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:f6:f2:6e:46:d6:23:bd:12:cf:32:ad:de:f3:
84:84:58:ca:01:f0:18:3c:5d:cc:92:7e:8a:c0:2c:
20:1b:8f:19:fd:d1:0f:c8:01:c9:aa:68:5e:39:db:
2a:fc:6a:cd:c8:a6:f7:86:e8:74:9b:1d:73:cd:f1:
b5:80:5b:ec:97:b7:0d:e8:df:29:04:13:c0:e3:70:
70:50:e2:60:e5:d4:a2:b4:15:0b:22:15:fc:5d:16:
1c:88:68:a3:84:37:c7:5d:49:dc:9d:c3:39:11:8d:
d0:3b:24:30:a2:b2:88:0f:e1:c9:a8:c1:5f:c6:06:
c7:c8:20:be:57:91:8c:ed:4b:77:64:c6:64:8d:87:
d9:7d:bf:1c:7c:13:49:e9:8b:e4:c4:64:df:f4:26:
01:66:c3:e5:a7:4c:b0:78:30:a0:8d:cb:8e:52:4b:
cb:20:1c:d4:ff:70:41:37:13:f2:3f:e5:b5:1d:41:
42:3f:0a:ea:2f:a5:49:3b:b3:7c:78:90:19:fe:1b:
fc:7e:2b:1d:c6:57:a1:3d:ba:45:86:e4:b6:6d:70:
c8:97:40:3d:b3:ba:75:7c:a2:56:7d:89:d8:f0:3a:
60:96:7e:6b:ef:fe:f1:ae:0f:4b:ba:29:b5:71:bf:
ce:d4:d1:2f:a7:42:ca:09:e0:f1:52:d1:33:ec:92:
26:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:25:0E:02:54:93:22:E2:4B:8D:A5:5B:ED:64:7A:22:13:47:28:B4
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/SiUOAlSTIuJLjaVb7WR6IhNHKLQ.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:f4:19:53:06:06:31:5c:97:29:a3:4b:d3:e7:b7:23:e6:7d:
0d:9e:43:4c:b4:6e:af:e1:8e:78:e2:5e:6e:d2:84:cc:89:21:
c3:66:38:6e:df:96:a8:cb:40:d4:d7:e2:80:65:f0:9b:f4:12:
de:c7:f4:c9:b1:ad:8b:db:21:55:a7:02:8f:60:71:a9:fe:59:
03:bf:15:f1:6b:39:58:b7:f5:44:e0:fb:6e:57:ca:0b:ae:20:
06:ce:5d:f8:d4:56:2e:93:b6:a2:42:6c:eb:e3:bd:0a:bc:e4:
79:3e:98:48:ee:77:9e:cf:d3:f5:69:d1:19:10:a5:39:88:6c:
b2:80:d6:d3:d4:59:1a:68:d5:be:b3:d4:ee:1c:1d:a2:0f:6d:
9f:d3:a4:cb:da:c0:96:1e:af:57:98:22:69:88:db:3e:e0:f8:
7f:b8:d4:e0:ff:17:fd:c3:3e:9c:e3:65:07:cd:b4:70:d4:09:
c8:fb:d6:75:8c:0f:4d:bd:c8:98:9d:94:15:13:7d:e8:32:ec:
20:89:a4:ee:0a:3a:4d:db:4e:a1:cb:52:62:01:da:51:da:5d:
70:41:71:61:35:47:54:85:44:17:06:d7:bb:81:7f:58:31:01:
44:2a:80:e6:6e:8e:30:8a:b8:89:5e:bc:79:9a:ea:20:c5:93:
03:54:07:9a
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICAJ0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDAyMjYx
NTU1MDRaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDRBMjUwRTAyNTQ5MzIy
RTI0QjhEQTU1QkVENjQ3QTIyMTM0NzI4QjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDP9vJuRtYjvRLPMq3e84SEWMoB8Bg8XcySforALCAbjxn90Q/I
AcmqaF452yr8as3IpveG6HSbHXPN8bWAW+yXtw3o3ykEE8DjcHBQ4mDl1KK0FQsi
FfxdFhyIaKOEN8ddSdydwzkRjdA7JDCisogP4cmowV/GBsfIIL5XkYztS3dkxmSN
h9l9vxx8E0npi+TEZN/0JgFmw+WnTLB4MKCNy45SS8sgHNT/cEE3E/I/5bUdQUI/
CuovpUk7s3x4kBn+G/x+Kx3GV6E9ukWG5LZtcMiXQD2zunV8olZ9idjwOmCWfmvv
/vGuD0u6KbVxv87U0S+nQsoJ4PFS0TPskiZPAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUSiUOAlSTIuJLjaVb7WR6IhNHKLQwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL1NpVU9BbFNUSXVKTGph
VmI3V1I2SWhOSEtMUS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBABr0GVMGBjFclymjS9PntyPmfQ2eQ0y0bq/h
jnjiXm7ShMyJIcNmOG7flqjLQNTX4oBl8Jv0Et7H9MmxrYvbIVWnAo9gcan+WQO/
FfFrOVi39UTg+25XyguuIAbOXfjUVi6TtqJCbOvjvQq85Hk+mEjud57P0/Vp0RkQ
pTmIbLKA1tPUWRpo1b6z1O4cHaIPbZ/TpMvawJYer1eYImmI2z7g+H+41OD/F/3D
PpzjZQfNtHDUCcj71nWMD029yJidlBUTfegy7CCJpO4KOk3bTqHLUmIB2lHaXXBB
cWE1R1SFRBcG17uBf1gxAUQqgOZujjCKuIlevHma6iDFkwNUB5o=
-----END CERTIFICATE-----
Generated at Mon Feb 26 22:58:26 2024 by rpki-client on console-ams.rpki-client.org