Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/UGYMDDNZ0bpXHb2eXwhjyA2LNSc.roa
File: UGYMDDNZ0bpXHb2eXwhjyA2LNSc.roa (raw, json)
Hash identifier: 7faUCO6sITcm0H6lLdDGqbMFb+mifcqDFxX3+A4yKvU=
Subject key identifier: 50:66:0C:0C:33:59:D1:BA:57:1D:BD:9E:5F:08:63:C8:0D:8B:35:27
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 03AC
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/UGYMDDNZ0bpXHb2eXwhjyA2LNSc.roa
Signing time: Thu 23 May 2024 15:55:03 +0000
ROA not before: Thu 23 May 2024 15:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 23 May 2024 19:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 940 (0x3ac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: May 23 15:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=50660C0C3359D1BA571DBD9E5F0863C80D8B3527
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:35:bf:6a:9a:ba:f9:ea:e5:9e:b2:51:63:2b:
30:ed:40:c1:82:ac:ee:62:51:a4:91:7a:fe:76:9f:
21:1c:1e:c5:59:56:a9:f4:b2:c2:a1:b2:fb:cd:0b:
6d:08:c9:4a:60:63:9e:30:b2:8d:2c:5d:cc:05:b4:
89:fe:1c:67:8b:de:3c:02:16:a3:b8:1c:09:58:bf:
ee:b0:85:a2:cb:03:80:3f:a6:1d:3a:da:21:89:7e:
9a:12:4c:18:64:13:a3:b1:88:0d:47:63:46:51:5f:
4e:7b:ab:16:18:c3:79:81:a8:9a:83:e3:52:a0:08:
3f:82:70:f3:b0:ca:34:a6:af:b3:3f:c6:fb:a6:9b:
36:40:84:89:ff:71:30:89:26:04:69:4f:44:aa:29:
0d:20:04:ce:b7:7c:35:86:81:51:96:ab:2c:16:29:
f8:80:93:6f:f3:98:bb:d9:ef:a9:a5:9a:a7:3f:b0:
f4:14:34:58:e8:02:7a:00:0c:17:e4:24:4c:88:52:
97:17:07:27:c5:7f:0a:5e:d3:ae:c1:44:c4:56:54:
04:4e:ff:4b:c4:60:5c:e1:24:57:c1:2f:4e:bb:55:
46:81:80:a6:7d:e8:f9:5f:70:6d:b1:81:c5:5a:e7:
df:8b:2d:e0:61:21:97:6d:d6:5e:35:ff:d6:28:bc:
c5:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:66:0C:0C:33:59:D1:BA:57:1D:BD:9E:5F:08:63:C8:0D:8B:35:27
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/UGYMDDNZ0bpXHb2eXwhjyA2LNSc.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
89:b3:9e:29:39:60:a0:eb:db:88:ff:38:b7:c2:17:22:ed:74:
f2:84:c2:f1:a8:61:b8:75:8c:bc:69:be:a7:a9:61:cb:1e:01:
c6:db:e4:59:65:05:cd:22:6b:e5:f1:c0:aa:1a:a4:9f:02:a2:
cb:3f:f3:cf:17:3b:46:44:d8:b0:e7:41:9e:8f:67:aa:e4:2f:
dc:24:e0:b7:e4:b4:e8:41:44:be:c8:62:26:01:8b:a5:c3:22:
c9:74:48:37:ac:28:13:c8:86:42:0f:88:43:6e:15:bd:8c:05:
47:06:6d:67:d9:ba:1b:44:0c:6c:f1:c3:6d:97:20:a0:2c:ac:
b5:14:e8:97:55:96:8d:66:12:0b:c1:18:29:e6:bd:b5:ab:65:
d4:ef:bd:b8:98:39:86:ea:92:98:08:23:ab:b7:4c:49:da:51:
c0:68:8d:a9:03:a0:b6:41:16:fc:f5:2e:eb:d1:1d:1c:be:58:
01:65:81:94:fb:ab:9d:38:9b:32:82:82:ea:2b:2f:01:2b:4c:
f3:29:c4:ab:a6:73:b2:93:ad:d1:8d:23:d8:0a:7a:8a:d8:07:
a6:77:e3:70:55:13:df:b2:65:07:cc:07:f2:52:fc:38:70:d5:
81:da:86:98:ea:f6:56:1e:d7:13:c1:be:a7:06:43:a9:b0:aa:
c4:52:f8:51
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICA6wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA1MjMx
NTU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDUwNjYwQzBDMzM1OUQx
QkE1NzFEQkQ5RTVGMDg2M0M4MEQ4QjM1MjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCqNb9qmrr56uWeslFjKzDtQMGCrO5iUaSRev52nyEcHsVZVqn0
ssKhsvvNC20IyUpgY54wso0sXcwFtIn+HGeL3jwCFqO4HAlYv+6whaLLA4A/ph06
2iGJfpoSTBhkE6OxiA1HY0ZRX057qxYYw3mBqJqD41KgCD+CcPOwyjSmr7M/xvum
mzZAhIn/cTCJJgRpT0SqKQ0gBM63fDWGgVGWqywWKfiAk2/zmLvZ76mlmqc/sPQU
NFjoAnoADBfkJEyIUpcXByfFfwpe067BRMRWVARO/0vEYFzhJFfBL067VUaBgKZ9
6PlfcG2xgcVa59+LLeBhIZdt1l41/9YovMUrAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUUGYMDDNZ0bpXHb2eXwhjyA2LNScwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL1VHWU1ERE5aMGJwWEhi
MmVYd2hqeUEyTE5TYy5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAImznik5YKDr24j/OLfCFyLtdPKEwvGoYbh1
jLxpvqepYcseAcbb5FllBc0ia+XxwKoapJ8Coss/888XO0ZE2LDnQZ6PZ6rkL9wk
4LfktOhBRL7IYiYBi6XDIsl0SDesKBPIhkIPiENuFb2MBUcGbWfZuhtEDGzxw22X
IKAsrLUU6JdVlo1mEgvBGCnmvbWrZdTvvbiYOYbqkpgII6u3TEnaUcBojakDoLZB
Fvz1LuvRHRy+WAFlgZT7q504mzKCguorLwErTPMpxKumc7KTrdGNI9gKeorYB6Z3
43BVE9+yZQfMB/JS/Dhw1YHahpjq9lYe1xPBvqcGQ6mwqsRS+FE=
-----END CERTIFICATE-----
Generated at Fri May 24 00:14:03 2024 by rpki-client on console-ams.rpki-client.org