Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/WEQz1uUz1hyZke3h0-ePX4WDB3U.roa
File: WEQz1uUz1hyZke3h0-ePX4WDB3U.roa (raw, json)
Hash identifier: DvVMGSBuiVs/yrDXNnFAcpGn11dNTs3cdc3G6i27Vcs=
Subject key identifier: 58:44:33:D6:E5:33:D6:1C:99:91:ED:E1:D3:E7:8F:5F:85:83:07:75
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 64
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/WEQz1uUz1hyZke3h0-ePX4WDB3U.roa
Signing time: Tue 20 Feb 2024 07:55:02 +0000
ROA not before: Tue 20 Feb 2024 07:55:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 20 Feb 2024 11:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100 (0x64)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Feb 20 07:55:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=584433D6E533D61C9991EDE1D3E78F5F85830775
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:8c:b1:52:83:78:42:96:16:c8:6c:06:36:e1:
90:9b:7d:0b:16:bb:e5:d2:d3:18:92:da:26:70:fc:
99:35:52:28:4d:d0:dc:21:7c:1d:02:dc:c0:8f:d2:
22:80:89:79:3a:a0:a1:c8:be:ea:92:69:fd:aa:7b:
ea:a7:74:71:0d:95:05:89:16:ae:c2:c9:38:f1:f4:
f2:d7:71:4d:af:8c:c9:97:93:64:2f:59:4a:5c:98:
53:2c:ae:a6:4e:98:27:9d:81:be:a4:ac:0f:fe:e5:
09:31:5b:91:23:b0:6c:41:51:ee:26:a8:54:fe:b6:
c4:eb:21:bb:c2:d4:27:af:ac:0b:31:37:b7:12:f6:
e3:50:2d:d6:0d:90:f6:6a:7c:72:23:46:2a:0f:37:
83:c2:56:0a:02:09:18:e3:7b:5a:c4:b8:8c:df:ac:
60:f8:7f:ca:b5:81:ca:95:6c:43:66:5d:63:4c:91:
14:d2:fa:8d:b5:62:97:e6:c5:81:7a:34:1a:51:c9:
d6:85:c0:31:61:5a:41:d7:e0:ce:03:5a:78:e2:36:
cc:24:f0:82:33:d8:df:c1:aa:49:de:ae:3d:6b:90:
70:3e:f9:ec:f0:85:cb:fe:f6:a4:82:b1:ee:e4:ba:
ab:0d:f8:b2:5e:3f:99:e0:65:18:be:1e:75:91:49:
dc:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:44:33:D6:E5:33:D6:1C:99:91:ED:E1:D3:E7:8F:5F:85:83:07:75
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/WEQz1uUz1hyZke3h0-ePX4WDB3U.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
70:69:9f:64:5e:69:96:8f:70:f9:cc:b6:33:6f:7b:e7:89:c7:
79:bc:83:e6:e8:b2:54:13:3c:05:dd:2b:bc:fc:b3:d4:d8:70:
6b:4d:62:db:30:0e:eb:a4:e3:6c:e1:f7:78:a1:ff:de:42:54:
d7:ac:69:ef:70:fd:80:57:e2:30:7c:c8:9e:ac:8d:dc:3c:3d:
7a:c6:33:a6:87:62:54:10:36:88:ba:1f:c5:7a:2e:93:ff:2e:
98:2d:62:40:c1:30:72:52:2f:43:ba:26:22:02:54:05:b7:76:
63:88:3e:47:8f:19:a4:5c:96:db:eb:20:9e:b1:8a:e9:3c:d0:
e1:8c:2d:fb:01:dd:66:d2:1b:db:b2:30:f6:5e:9b:13:80:c7:
d3:0e:7f:13:00:9e:db:3d:75:ba:37:b3:d3:4b:95:35:3b:2c:
ba:24:ce:f7:e5:cf:2b:22:07:9d:a3:b5:fa:fb:08:26:02:f8:
1b:fc:99:88:f9:ab:09:60:1e:98:e1:51:a9:25:3a:1d:12:d9:
cd:3b:eb:5e:f8:c5:29:1d:75:69:9e:c2:f1:b9:b7:ee:0d:e4:
ac:da:72:3f:3d:75:ee:7d:93:0a:d9:dc:a3:66:2c:4c:c9:b3:
5e:e6:d0:aa:5f:f0:da:3d:9e:05:fe:86:cc:16:4c:62:4e:c5:
2b:f8:2c:84
-----BEGIN CERTIFICATE-----
MIIEoTCCA4mgAwIBAgIBZDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3MWQx
NGViYjI1NWRjMDU4ZDRiZmE1YTUxYzkzZjczZjgzMGFiODhmMB4XDTI0MDIyMDA3
NTUwMloXDTI1MDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTg0NDMzRDZFNTMzRDYx
Qzk5OTFFREUxRDNFNzhGNUY4NTgzMDc3NTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBALOMsVKDeEKWFshsBjbhkJt9Cxa75dLTGJLaJnD8mTVSKE3Q3CF8
HQLcwI/SIoCJeTqgoci+6pJp/ap76qd0cQ2VBYkWrsLJOPH08tdxTa+MyZeTZC9Z
SlyYUyyupk6YJ52BvqSsD/7lCTFbkSOwbEFR7iaoVP62xOshu8LUJ6+sCzE3txL2
41At1g2Q9mp8ciNGKg83g8JWCgIJGON7WsS4jN+sYPh/yrWBypVsQ2ZdY0yRFNL6
jbVil+bFgXo0GlHJ1oXAMWFaQdfgzgNaeOI2zCTwgjPY38GqSd6uPWuQcD757PCF
y/72pIKx7uS6qw34sl4/meBlGL4edZFJ3AkCAwEAAaOCAb4wggG6MB0GA1UdDgQW
BBRYRDPW5TPWHJmR7eHT549fhYMHdTAfBgNVHSMEGDAWgBRx0U67JV3AWNS/paUc
k/c/gwq4jzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ
oE6GTHJzeW5jOi8vY2hsb2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3Nm
L2NkRk91eVZkd0ZqVXY2V2xISlAzUDRNS3VJOC5jcmwwZAYIKwYBBQUHAQEEWDBW
MFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9E
RUZBVUxUL2NkRk91eVZkd0ZqVXY2V2xISlAzUDRNS3VJOC5jZXIwDgYDVR0PAQH/
BAQDAgeAMGgGCCsGAQUFBwELBFwwWjBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9jaGxv
ZS5zb2Jvcm5vc3QubmV0L3Jwa2kvUklQRS1ubHJzc2YvV0VRejF1VXoxaHlaa2Uz
aDAtZVBYNFdEQjNVLnJvYTAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMJo
gTANBgkqhkiG9w0BAQsFAAOCAQEAcGmfZF5plo9w+cy2M29754nHebyD5uiyVBM8
Bd0rvPyz1Nhwa01i2zAO66TjbOH3eKH/3kJU16xp73D9gFfiMHzInqyN3Dw9esYz
podiVBA2iLofxXouk/8umC1iQMEwclIvQ7omIgJUBbd2Y4g+R48ZpFyW2+sgnrGK
6TzQ4Ywt+wHdZtIb27Iw9l6bE4DH0w5/EwCe2z11ujez00uVNTssuiTO9+XPKyIH
naO1+vsIJgL4G/yZiPmrCWAemOFRqSU6HRLZzTvrXvjFKR11aZ7C8bm37g3krNpy
Pz117n2TCtnco2YsTMmzXubQql/w2j2eBf6GzBZMYk7FK/gshA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:55 2024 by rpki-client on console-fra.rpki-client.org