Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/UZLKvUGDpIKqvJwl-qTCJrOAR6E.roa
File: UZLKvUGDpIKqvJwl-qTCJrOAR6E.roa (raw, json)
Hash identifier: un8WaGiIS6x6fWRdYUpUtFGnnT11koyLcZXJib5nvhs=
Subject key identifier: 51:92:CA:BD:41:83:A4:82:AA:BC:9C:25:FA:A4:C2:26:B3:80:47:A1
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 01C6
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/UZLKvUGDpIKqvJwl-qTCJrOAR6E.roa
Signing time: Sat 30 Mar 2024 15:55:03 +0000
ROA not before: Sat 30 Mar 2024 15:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 30 Mar 2024 19:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 454 (0x1c6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Mar 30 15:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5192CABD4183A482AABC9C25FAA4C226B38047A1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:e0:f8:46:cb:b4:1c:03:1a:79:a3:06:36:3f:
74:38:ae:7a:0d:29:d7:a3:49:0d:29:1f:f1:d6:e3:
75:5d:51:79:05:0f:24:b2:74:75:74:e8:14:d5:8b:
7e:e5:b3:65:23:ad:ee:63:d3:d6:6f:2f:12:e3:19:
79:59:cd:be:40:65:9a:b4:5e:d5:dc:17:c2:7d:b6:
ae:46:47:25:1f:28:9b:46:5f:70:2e:57:ff:5d:f3:
d6:a6:a4:dc:93:67:04:83:90:2c:c5:d3:06:da:f0:
21:ae:5b:af:6a:0e:6c:a4:7d:44:67:e7:d4:a2:77:
0f:7c:9f:39:b1:15:12:c4:db:da:aa:af:f2:58:c9:
e2:9a:e2:6d:4c:cd:25:e3:1b:d8:b2:ae:d1:20:13:
24:60:3f:38:e5:3f:d2:db:6d:81:48:1b:8f:69:7e:
7d:19:d2:9d:bf:37:9c:57:dc:25:b9:e8:9a:60:4a:
27:ef:65:62:d5:25:cd:08:18:4a:22:a0:af:51:15:
74:ba:68:10:90:34:09:57:33:35:87:49:85:ad:a2:
fc:ea:fa:bd:75:f8:ea:12:09:fb:04:f6:e9:af:82:
1e:49:51:4f:cc:f2:e8:44:77:ce:b6:f5:37:83:45:
50:d8:43:48:bc:21:63:b1:17:3f:76:35:00:30:5c:
b7:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:92:CA:BD:41:83:A4:82:AA:BC:9C:25:FA:A4:C2:26:B3:80:47:A1
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/UZLKvUGDpIKqvJwl-qTCJrOAR6E.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:c2:8e:9d:f5:a9:24:c9:cd:97:b1:77:f6:d5:e2:8e:d5:56:
de:5b:73:93:4e:f7:90:3a:95:72:49:1f:ff:f6:3c:3f:3d:1b:
76:df:06:09:12:34:a2:12:24:74:79:69:83:b0:97:84:9b:a5:
60:b6:99:bc:57:04:2f:4c:5e:49:b1:5c:90:45:4b:3f:37:94:
31:97:e3:8d:1e:ce:a0:72:33:18:99:40:1e:4b:8d:db:33:8f:
b0:da:5e:fe:c9:34:1a:32:44:b5:0f:bb:9d:80:74:0f:af:07:
6d:0a:fc:61:cb:3a:a1:63:50:49:30:d8:ca:85:b8:20:a3:87:
33:72:51:d1:8f:5b:97:4d:03:23:04:36:88:e1:9c:a7:f8:85:
41:16:c7:01:67:2e:cc:52:0f:bc:fd:46:0e:b6:d6:6e:88:28:
71:26:b9:08:87:2b:29:73:29:7c:0b:31:eb:c9:3e:6a:e1:71:
8f:0e:21:57:cd:e2:0b:47:ee:b4:1d:08:b1:d4:3e:e3:c7:7c:
ec:91:4e:bc:59:61:c3:5e:e5:5b:3b:80:5a:16:71:7c:cd:ef:
36:a5:03:1c:f8:d1:29:79:71:b0:e4:d6:26:0b:c5:3c:22:50:
f7:86:95:b0:c9:34:df:f9:67:12:be:37:e1:ce:8b:14:b6:fc:
19:42:f4:f9
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICAcYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDAzMzAx
NTU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDUxOTJDQUJENDE4M0E0
ODJBQUJDOUMyNUZBQTRDMjI2QjM4MDQ3QTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD04PhGy7QcAxp5owY2P3Q4rnoNKdejSQ0pH/HW43VdUXkFDySy
dHV06BTVi37ls2Ujre5j09ZvLxLjGXlZzb5AZZq0XtXcF8J9tq5GRyUfKJtGX3Au
V/9d89ampNyTZwSDkCzF0wba8CGuW69qDmykfURn59Sidw98nzmxFRLE29qqr/JY
yeKa4m1MzSXjG9iyrtEgEyRgPzjlP9LbbYFIG49pfn0Z0p2/N5xX3CW56JpgSifv
ZWLVJc0IGEoioK9RFXS6aBCQNAlXMzWHSYWtovzq+r11+OoSCfsE9umvgh5JUU/M
8uhEd8629TeDRVDYQ0i8IWOxFz92NQAwXLdDAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUUZLKvUGDpIKqvJwl+qTCJrOAR6EwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL1VaTEt2VUdEcElLcXZK
d2wtcVRDSnJPQVI2RS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAH3Cjp31qSTJzZexd/bV4o7VVt5bc5NO95A6
lXJJH//2PD89G3bfBgkSNKISJHR5aYOwl4SbpWC2mbxXBC9MXkmxXJBFSz83lDGX
440ezqByMxiZQB5Ljdszj7DaXv7JNBoyRLUPu52AdA+vB20K/GHLOqFjUEkw2MqF
uCCjhzNyUdGPW5dNAyMENojhnKf4hUEWxwFnLsxSD7z9Rg621m6IKHEmuQiHKylz
KXwLMevJPmrhcY8OIVfN4gtH7rQdCLHUPuPHfOyRTrxZYcNe5Vs7gFoWcXzN7zal
Axz40Sl5cbDk1iYLxTwiUPeGlbDJNN/5ZxK+N+HOixS2/BlC9Pk=
-----END CERTIFICATE-----
Generated at Sat Mar 30 22:27:16 2024 by rpki-client on console-ams.rpki-client.org