Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/Y9_OJnoOC3eXq6AcQCL1eAOt8tE.roa
File: Y9_OJnoOC3eXq6AcQCL1eAOt8tE.roa (raw, json)
Hash identifier: SM+u+Vvo7Q02WhqbZsT11q5AhMuYRXgsPfbZ0V899uM=
Subject key identifier: 63:DF:CE:26:7A:0E:0B:77:97:AB:A0:1C:40:22:F5:78:03:AD:F2:D1
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 01BA
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/Y9_OJnoOC3eXq6AcQCL1eAOt8tE.roa
Signing time: Fri 29 Mar 2024 07:55:03 +0000
ROA not before: Fri 29 Mar 2024 07:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 29 Mar 2024 11:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 442 (0x1ba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Mar 29 07:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=63DFCE267A0E0B7797ABA01C4022F57803ADF2D1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:4d:80:9b:0e:0e:85:a4:8c:4f:97:c7:ac:0d:
ed:de:5c:4e:de:24:5f:d3:4e:f5:69:d7:26:31:57:
e2:73:23:38:08:dd:84:46:36:f8:08:6c:82:7d:a4:
ed:61:d7:f2:84:3e:0f:5d:21:e2:e1:5c:63:73:fb:
81:3a:9c:40:a9:89:e0:92:f8:93:b2:62:a9:a4:69:
a3:52:12:81:ac:c2:d8:3c:7e:fe:d8:69:d5:e2:bb:
37:68:42:47:af:6a:83:ed:30:c6:75:41:03:64:94:
9e:b3:9f:ac:12:b2:a7:db:61:de:8e:f1:35:b5:ec:
3e:77:9e:63:eb:c3:da:c0:4d:f6:04:33:72:cc:cb:
9e:eb:8e:f8:0d:27:28:e4:04:18:6e:79:e4:49:a9:
49:7f:6f:ee:00:0f:6b:61:9f:21:95:cf:59:6b:a5:
02:d7:8d:dc:7e:3b:c1:77:d7:00:fa:37:5c:b9:e7:
c6:d0:40:48:f2:34:18:84:dc:f9:6c:fa:88:29:3a:
38:88:20:2a:33:76:15:3e:ac:80:39:ec:a9:3c:5f:
11:49:1a:e8:48:fd:01:7d:e9:3b:f4:46:ec:90:47:
3a:36:5e:07:be:d4:ae:b0:04:ed:9f:6b:5d:1f:49:
95:41:a2:43:3b:3b:cb:05:90:93:f8:ca:fe:2b:8d:
69:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:DF:CE:26:7A:0E:0B:77:97:AB:A0:1C:40:22:F5:78:03:AD:F2:D1
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/Y9_OJnoOC3eXq6AcQCL1eAOt8tE.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
91:3a:2c:c2:98:14:5c:41:a2:18:f7:55:b8:f7:8f:10:0c:8c:
33:10:54:6d:48:2b:70:93:d6:4c:5a:51:48:5d:c5:5f:f2:c3:
7b:59:11:78:8d:11:a2:79:e5:53:df:92:f2:b5:ac:34:04:1f:
75:8b:3f:5a:14:a4:43:ed:c7:1b:40:a9:98:38:af:e6:88:03:
b4:05:e4:84:1a:fd:1e:a6:df:60:44:f1:64:d0:17:b6:fe:39:
26:10:6e:7f:69:be:68:2d:bd:c1:9c:a4:28:d6:eb:4f:89:ff:
35:54:41:cd:b5:c1:56:f2:d1:99:c1:3a:68:80:99:f6:2a:c2:
5c:e1:d2:cb:64:3a:14:58:62:42:d6:7a:ad:8d:f4:e0:d6:49:
7a:94:24:f5:9d:16:23:b9:e0:a6:e2:fb:2b:51:02:36:70:f0:
80:b9:37:24:3e:b2:9b:b8:31:60:9f:69:47:b3:c3:fa:1a:9d:
b0:56:ec:e4:1f:4e:37:2e:b2:08:24:2c:81:db:f8:44:70:11:
66:2a:71:ad:fc:b7:0c:1a:9c:eb:b3:a0:5e:04:81:b3:b4:0b:
3f:c4:58:cd:fd:55:39:63:c5:5d:93:e1:07:3c:38:eb:1d:90:
f4:25:55:4e:72:44:8c:d9:ef:d5:a1:4b:1d:f3:34:1e:69:33:
41:eb:47:be
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICAbowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDAzMjkw
NzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDYzREZDRTI2N0EwRTBC
Nzc5N0FCQTAxQzQwMjJGNTc4MDNBREYyRDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDTYCbDg6FpIxPl8esDe3eXE7eJF/TTvVp1yYxV+JzIzgI3YRG
NvgIbIJ9pO1h1/KEPg9dIeLhXGNz+4E6nECpieCS+JOyYqmkaaNSEoGswtg8fv7Y
adXiuzdoQkevaoPtMMZ1QQNklJ6zn6wSsqfbYd6O8TW17D53nmPrw9rATfYEM3LM
y57rjvgNJyjkBBhueeRJqUl/b+4AD2thnyGVz1lrpQLXjdx+O8F31wD6N1y558bQ
QEjyNBiE3Pls+ogpOjiIICozdhU+rIA57Kk8XxFJGuhI/QF96Tv0RuyQRzo2Xge+
1K6wBO2fa10fSZVBokM7O8sFkJP4yv4rjWkjAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUY9/OJnoOC3eXq6AcQCL1eAOt8tEwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL1k5X09Kbm9PQzNlWHE2
QWNRQ0wxZUFPdDh0RS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAJE6LMKYFFxBohj3Vbj3jxAMjDMQVG1IK3CT
1kxaUUhdxV/yw3tZEXiNEaJ55VPfkvK1rDQEH3WLP1oUpEPtxxtAqZg4r+aIA7QF
5IQa/R6m32BE8WTQF7b+OSYQbn9pvmgtvcGcpCjW60+J/zVUQc21wVby0ZnBOmiA
mfYqwlzh0stkOhRYYkLWeq2N9ODWSXqUJPWdFiO54Kbi+ytRAjZw8IC5NyQ+spu4
MWCfaUezw/oanbBW7OQfTjcusggkLIHb+ERwEWYqca38twwanOuzoF4EgbO0Cz/E
WM39VTljxV2T4Qc8OOsdkPQlVU5yRIzZ79WhSx3zNB5pM0HrR74=
-----END CERTIFICATE-----
Generated at Fri Mar 29 15:34:29 2024 by rpki-client on console-ams.rpki-client.org