Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/VN1i1CjFpf1HQZqO04ti-GmkJJM.roa
File: VN1i1CjFpf1HQZqO04ti-GmkJJM.roa (raw, json)
Hash identifier: sRUllPSJHJvIcr98Ew7uDLrfuh75hYS5XypykhK369Q=
Subject key identifier: 54:DD:62:D4:28:C5:A5:FD:47:41:9A:8E:D3:8B:62:F8:69:A4:24:93
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0181
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/VN1i1CjFpf1HQZqO04ti-GmkJJM.roa
Signing time: Fri 22 Mar 2024 23:55:03 +0000
ROA not before: Fri 22 Mar 2024 23:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 23 Mar 2024 03:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 385 (0x181)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Mar 22 23:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=54DD62D428C5A5FD47419A8ED38B62F869A42493
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:b8:51:b3:59:bf:24:fb:dd:6e:b6:c9:50:a9:
84:c5:64:98:3a:cf:4e:18:60:5f:39:33:84:dc:80:
8c:55:ed:c7:05:5e:b7:bf:fb:f0:d4:31:8f:b6:41:
e6:1a:91:10:33:c7:70:66:d4:c7:b8:31:ce:23:2d:
86:3c:31:11:55:01:ac:8a:55:bc:03:fd:d3:13:47:
07:70:a4:52:5b:7b:3b:a9:af:ce:f9:21:fa:4d:42:
cb:d5:3e:1a:f8:b3:29:ec:f2:af:eb:cb:6a:d6:3d:
c0:92:bf:82:99:ce:9d:22:3b:f8:56:5e:62:4a:68:
80:a4:03:65:52:46:54:eb:17:42:63:6e:b0:82:41:
58:9e:41:6a:9a:0a:d5:db:1b:81:fc:2b:21:77:5f:
a1:06:12:89:1c:3b:d6:32:f9:78:cb:60:49:fe:c0:
17:d5:5f:27:b6:15:b9:0a:91:16:be:58:9a:25:f6:
a0:73:76:44:93:b4:95:d5:be:79:96:68:93:16:18:
8b:d7:18:e9:40:bc:93:3a:6b:65:87:3a:17:a5:69:
11:dd:a0:2f:65:d1:5b:54:3a:d5:33:ec:64:8c:3c:
3b:ca:66:9d:b5:ab:7b:9d:54:6c:c6:fb:44:fa:44:
5e:2e:6b:c0:13:ce:cb:7a:25:cb:ae:0e:46:ad:a7:
1b:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:DD:62:D4:28:C5:A5:FD:47:41:9A:8E:D3:8B:62:F8:69:A4:24:93
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/VN1i1CjFpf1HQZqO04ti-GmkJJM.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
d4:66:9b:26:c9:dd:96:d1:bb:ff:13:96:21:d7:8a:c1:43:1a:
d9:fa:02:a9:ca:62:7f:f3:cc:16:1a:24:ca:70:70:8d:08:84:
d0:0e:eb:0a:a5:14:49:8d:84:b4:e1:4e:f2:5d:5b:51:0f:52:
90:4e:e1:44:17:48:69:02:7c:67:96:24:66:12:a1:5d:e4:79:
2f:06:58:38:03:07:84:ed:00:d6:5b:81:91:9a:f9:fb:9d:c0:
29:0e:33:1e:7a:9d:cf:e5:6b:e4:33:85:9a:75:29:1d:42:ad:
87:d2:2c:dd:59:31:92:c6:7c:8f:fd:87:25:26:a3:06:10:4b:
7d:f0:d4:35:08:dd:7f:9f:2f:80:80:e0:5c:35:d3:6d:ef:b8:
24:ca:f8:b0:a2:a0:ea:dc:c4:f0:4f:42:2f:bc:ee:45:45:1f:
3b:3b:6d:48:d4:7d:e3:c4:4f:c1:90:12:64:6a:8b:0c:12:ff:
9e:23:ef:cc:c8:86:15:65:cc:28:51:37:91:0b:a7:ab:bf:58:
63:e9:73:ca:b9:f1:6d:42:ae:e0:2b:44:fb:84:f1:23:22:dd:
16:3d:e0:85:4f:85:ab:4f:03:f5:2a:ef:e4:84:9b:7c:60:e9:
8c:e0:9c:c8:39:af:9c:69:00:30:44:99:51:1c:4f:29:26:89:
b0:87:75:66
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICAYEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDAzMjIy
MzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDU0REQ2MkQ0MjhDNUE1
RkQ0NzQxOUE4RUQzOEI2MkY4NjlBNDI0OTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDTuFGzWb8k+91utslQqYTFZJg6z04YYF85M4TcgIxV7ccFXre/
+/DUMY+2QeYakRAzx3Bm1Me4Mc4jLYY8MRFVAayKVbwD/dMTRwdwpFJbezupr875
IfpNQsvVPhr4syns8q/ry2rWPcCSv4KZzp0iO/hWXmJKaICkA2VSRlTrF0JjbrCC
QVieQWqaCtXbG4H8KyF3X6EGEokcO9Yy+XjLYEn+wBfVXye2FbkKkRa+WJol9qBz
dkSTtJXVvnmWaJMWGIvXGOlAvJM6a2WHOhelaRHdoC9l0VtUOtUz7GSMPDvKZp21
q3udVGzG+0T6RF4ua8ATzst6JcuuDkatpxs7AgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUVN1i1CjFpf1HQZqO04ti+GmkJJMwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL1ZOMWkxQ2pGcGYxSFFa
cU8wNHRpLUdta0pKTS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBANRmmybJ3ZbRu/8TliHXisFDGtn6AqnKYn/z
zBYaJMpwcI0IhNAO6wqlFEmNhLThTvJdW1EPUpBO4UQXSGkCfGeWJGYSoV3keS8G
WDgDB4TtANZbgZGa+fudwCkOMx56nc/la+QzhZp1KR1CrYfSLN1ZMZLGfI/9hyUm
owYQS33w1DUI3X+fL4CA4Fw1023vuCTK+LCioOrcxPBPQi+87kVFHzs7bUjUfePE
T8GQEmRqiwwS/54j78zIhhVlzChRN5ELp6u/WGPpc8q58W1CruArRPuE8SMi3RY9
4IVPhatPA/Uq7+SEm3xg6YzgnMg5r5xpADBEmVEcTykmibCHdWY=
-----END CERTIFICATE-----
Generated at Sat Mar 23 05:07:10 2024 by rpki-client on console-ams.rpki-client.org