Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/XA2FiBpCFXxRD9GDk-D3Pt2eqXE.roa
File: XA2FiBpCFXxRD9GDk-D3Pt2eqXE.roa (raw, json)
Hash identifier: pBrN/38yKS+yh15TcEeOM5vqF7uHvcm9jI+Id5u4afQ=
Subject key identifier: 5C:0D:85:88:1A:42:15:7C:51:0F:D1:83:93:E0:F7:3E:DD:9E:A9:71
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 017E
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/XA2FiBpCFXxRD9GDk-D3Pt2eqXE.roa
Signing time: Fri 22 Mar 2024 15:55:03 +0000
ROA not before: Fri 22 Mar 2024 15:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 22 Mar 2024 19:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 382 (0x17e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Mar 22 15:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5C0D85881A42157C510FD18393E0F73EDD9EA971
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:89:53:42:37:69:26:8e:9f:a5:60:f6:39:eb:
50:53:7f:c4:1c:bf:b6:6f:5b:69:63:52:46:28:ce:
fb:34:c3:4e:32:bc:63:1c:59:32:65:b5:55:d7:b7:
85:59:48:c7:1d:29:3b:d1:f6:a2:89:d4:5b:64:18:
0a:73:0b:3d:b4:fc:f4:42:20:a1:1c:d4:18:66:2c:
45:82:15:4f:56:76:83:d3:56:e3:f3:19:69:a3:7a:
7a:50:98:2e:96:49:ce:94:a5:70:3f:70:97:c2:e1:
e9:cc:8d:59:e0:fd:02:86:89:5f:72:68:f4:83:0e:
e7:14:84:68:3c:20:37:07:3b:19:10:2e:78:3c:18:
3e:99:47:4d:44:d3:7c:c6:78:ef:d2:42:64:0e:39:
f2:04:2d:a0:c6:8c:27:41:11:05:e2:13:45:5c:f3:
82:24:8d:2f:f9:7c:0f:10:da:0a:bc:2e:7e:3e:55:
ac:80:a9:e3:22:19:34:06:17:19:0c:a6:d3:90:4d:
40:e7:40:48:6d:3a:46:62:fe:98:aa:56:3d:55:0a:
69:e4:d1:f5:9d:98:83:67:80:16:f0:87:ac:f2:a9:
72:55:2c:22:84:f6:b2:59:fd:1f:b9:ab:57:38:bc:
eb:45:12:f7:d3:28:62:4f:a1:8b:7c:3a:2c:d5:e6:
d4:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:0D:85:88:1A:42:15:7C:51:0F:D1:83:93:E0:F7:3E:DD:9E:A9:71
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/XA2FiBpCFXxRD9GDk-D3Pt2eqXE.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
22:71:b8:18:95:c8:13:a5:b9:eb:45:71:31:48:f3:6f:6a:ac:
e0:81:d4:42:13:e7:58:cc:d2:ec:7b:30:17:30:a6:0f:5d:34:
b5:d7:2e:f6:05:5f:f1:6d:dd:04:d6:d6:58:18:11:50:8f:d6:
65:bf:d3:c1:7f:47:c0:eb:78:55:89:3f:6d:e0:71:e7:d1:95:
95:4d:08:31:79:f2:d0:ba:39:43:25:de:89:ce:3e:9c:bf:d2:
60:83:4b:f2:03:21:81:fd:95:d9:15:fe:cd:db:09:75:ff:c3:
41:5e:c8:87:1e:8f:1d:91:e5:13:47:c9:39:1f:39:7a:b7:a4:
6e:64:1d:0b:fd:50:a1:05:6a:34:71:44:3a:05:fa:3f:eb:9c:
54:81:22:49:e1:eb:05:4d:a2:07:9c:ff:15:4e:5c:4b:46:e9:
d7:a8:f2:5d:01:88:bd:52:99:98:7e:69:19:41:9c:1a:7c:4e:
02:6a:a0:08:06:6d:52:7d:be:b3:54:dd:fa:56:d8:65:23:78:
6e:17:8b:99:e0:83:4a:79:86:c7:b7:d8:16:32:be:97:c8:84:
d9:3a:5c:c7:58:f2:0c:88:da:ff:a8:0b:33:10:92:0e:bd:75:
5b:46:3e:cc:0b:9c:12:0b:bf:70:c5:32:d1:39:5b:61:4e:2b:
f5:5e:f3:f1
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICAX4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDAzMjIx
NTU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDVDMEQ4NTg4MUE0MjE1
N0M1MTBGRDE4MzkzRTBGNzNFREQ5RUE5NzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7iVNCN2kmjp+lYPY561BTf8Qcv7ZvW2ljUkYozvs0w04yvGMc
WTJltVXXt4VZSMcdKTvR9qKJ1FtkGApzCz20/PRCIKEc1BhmLEWCFU9WdoPTVuPz
GWmjenpQmC6WSc6UpXA/cJfC4enMjVng/QKGiV9yaPSDDucUhGg8IDcHOxkQLng8
GD6ZR01E03zGeO/SQmQOOfIELaDGjCdBEQXiE0Vc84IkjS/5fA8Q2gq8Ln4+VayA
qeMiGTQGFxkMptOQTUDnQEhtOkZi/piqVj1VCmnk0fWdmINngBbwh6zyqXJVLCKE
9rJZ/R+5q1c4vOtFEvfTKGJPoYt8OizV5tRdAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUXA2FiBpCFXxRD9GDk+D3Pt2eqXEwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL1hBMkZpQnBDRlh4UkQ5
R0RrLUQzUHQyZXFYRS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBACJxuBiVyBOluetFcTFI829qrOCB1EIT51jM
0ux7MBcwpg9dNLXXLvYFX/Ft3QTW1lgYEVCP1mW/08F/R8DreFWJP23gcefRlZVN
CDF58tC6OUMl3onOPpy/0mCDS/IDIYH9ldkV/s3bCXX/w0FeyIcejx2R5RNHyTkf
OXq3pG5kHQv9UKEFajRxRDoF+j/rnFSBIknh6wVNogec/xVOXEtG6deo8l0BiL1S
mZh+aRlBnBp8TgJqoAgGbVJ9vrNU3fpW2GUjeG4Xi5ngg0p5hse32BYyvpfIhNk6
XMdY8gyI2v+oCzMQkg69dVtGPswLnBILv3DFMtE5W2FOK/Ve8/E=
-----END CERTIFICATE-----
Generated at Fri Mar 22 23:52:03 2024 by rpki-client on console-ams.rpki-client.org