Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/WH7iOuEEnN8lgO6_evnKQSldCEs.roa
File: WH7iOuEEnN8lgO6_evnKQSldCEs.roa (raw, json)
Hash identifier: Dy4VHAu7nPDJmo5qm8XBYEpx7NNiqaChznavrGykxmg=
Subject key identifier: 58:7E:E2:3A:E1:04:9C:DF:25:80:EE:BF:7A:F9:CA:41:29:5D:08:4B
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0106
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/WH7iOuEEnN8lgO6_evnKQSldCEs.roa
Signing time: Sat 09 Mar 2024 07:55:03 +0000
ROA not before: Sat 09 Mar 2024 07:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 09 Mar 2024 11:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 262 (0x106)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Mar 9 07:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=587EE23AE1049CDF2580EEBF7AF9CA41295D084B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:0f:36:16:ee:c4:b3:0b:5c:e3:63:fa:3a:3b:
e2:37:8b:29:ee:17:1d:b3:f0:d3:35:f3:6b:73:00:
0f:7c:b5:b1:ad:f0:b0:54:30:8c:aa:dd:53:f0:ef:
37:56:6b:54:87:14:25:1b:51:16:dd:29:f3:26:98:
87:9d:7d:fe:53:42:cd:1c:e4:60:19:28:bb:cf:10:
4b:b9:e9:1b:ce:33:f1:06:9a:0a:1d:e6:dc:7c:d1:
5f:94:00:2a:d7:2c:60:5e:4d:fa:a0:e7:69:08:2a:
cc:a2:ee:48:19:4a:a6:46:a9:19:dc:64:16:3d:87:
fc:34:49:18:8a:f2:68:0b:25:7b:09:ec:c2:78:c9:
77:14:7f:62:98:07:ce:4e:75:63:db:5b:dc:92:f7:
f0:7e:de:f6:57:49:39:f1:c4:e8:9e:b4:f5:98:5b:
60:df:1b:f5:f0:b0:4f:66:a0:76:64:79:95:3c:79:
af:9b:eb:6b:d7:bd:73:74:1e:f6:60:44:38:2a:c2:
e1:9d:e2:13:09:b7:6d:03:c9:42:4f:bc:95:22:19:
3d:60:d2:36:65:d3:40:96:7d:97:95:39:71:e3:37:
05:80:5d:07:92:a3:3e:5f:09:89:d8:2b:e3:b1:21:
bf:f0:e2:9b:f7:bb:05:e8:b6:98:75:7c:c1:08:80:
75:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:7E:E2:3A:E1:04:9C:DF:25:80:EE:BF:7A:F9:CA:41:29:5D:08:4B
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/WH7iOuEEnN8lgO6_evnKQSldCEs.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
73:45:6e:ce:3b:e9:d4:bc:b9:09:04:6d:e9:3e:7a:81:e5:12:
00:ac:6f:8c:a7:e5:6f:fd:99:aa:e7:8f:dc:38:a8:40:62:6d:
e4:76:2f:2f:0a:96:02:19:1e:41:56:b0:e3:e7:24:29:d1:45:
d1:8e:34:b2:a3:bb:1c:c1:90:74:69:17:b7:83:54:50:a2:c8:
b4:6c:fb:c4:ac:f2:2f:4a:da:b1:51:22:39:dd:ec:60:d5:06:
e8:be:3a:39:44:2f:1d:5b:ef:13:3b:8e:15:b2:60:10:32:49:
6a:46:f4:7d:4f:7e:3e:d9:ef:a1:0f:f6:c4:7f:a9:a5:db:b5:
8c:8c:53:db:30:21:c4:05:bd:ea:57:a6:86:a6:93:8b:ca:60:
fb:bd:9f:2f:31:09:8e:b7:f2:39:62:73:d5:3a:8e:fa:48:5a:
f1:00:00:f2:d7:53:97:bd:04:ac:48:79:0b:2c:d6:bb:4a:c1:
d4:9d:67:3b:b2:1a:24:81:33:8b:05:01:b3:e8:e1:9e:f5:7f:
17:7e:44:4f:69:7e:fd:59:ab:fd:02:e1:98:a5:bf:9a:04:69:
af:ed:1f:d2:93:1d:54:2b:3c:35:1d:3f:08:8c:bc:43:c9:23:
df:07:66:90:ea:67:e1:fe:1d:55:fd:8a:65:4a:18:03:f8:03:
6b:94:ad:ff
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICAQYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDAzMDkw
NzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDU4N0VFMjNBRTEwNDlD
REYyNTgwRUVCRjdBRjlDQTQxMjk1RDA4NEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDIDzYW7sSzC1zjY/o6O+I3iynuFx2z8NM182tzAA98tbGt8LBU
MIyq3VPw7zdWa1SHFCUbURbdKfMmmIedff5TQs0c5GAZKLvPEEu56RvOM/EGmgod
5tx80V+UACrXLGBeTfqg52kIKsyi7kgZSqZGqRncZBY9h/w0SRiK8mgLJXsJ7MJ4
yXcUf2KYB85OdWPbW9yS9/B+3vZXSTnxxOietPWYW2DfG/XwsE9moHZkeZU8ea+b
62vXvXN0HvZgRDgqwuGd4hMJt20DyUJPvJUiGT1g0jZl00CWfZeVOXHjNwWAXQeS
oz5fCYnYK+OxIb/w4pv3uwXotph1fMEIgHW7AgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUWH7iOuEEnN8lgO6/evnKQSldCEswHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL1dIN2lPdUVFbk44bGdP
Nl9ldm5LUVNsZENFcy5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAHNFbs476dS8uQkEbek+eoHlEgCsb4yn5W/9
marnj9w4qEBibeR2Ly8KlgIZHkFWsOPnJCnRRdGONLKjuxzBkHRpF7eDVFCiyLRs
+8Ss8i9K2rFRIjnd7GDVBui+OjlELx1b7xM7jhWyYBAySWpG9H1Pfj7Z76EP9sR/
qaXbtYyMU9swIcQFvepXpoamk4vKYPu9ny8xCY638jlic9U6jvpIWvEAAPLXU5e9
BKxIeQss1rtKwdSdZzuyGiSBM4sFAbPo4Z71fxd+RE9pfv1Zq/0C4Zilv5oEaa/t
H9KTHVQrPDUdPwiMvEPJI98HZpDqZ+H+HVX9imVKGAP4A2uUrf8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:55 2024 by rpki-client on console-fra.rpki-client.org