Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/ZyJa-0guYlRwfFvsWvFjy0sTxPY.roa
File: ZyJa-0guYlRwfFvsWvFjy0sTxPY.roa (raw, json)
Hash identifier: 8UXw3fBmg+lvW2OzyIOxGUfwXmp5h5KF7/Dd8pg5c58=
Subject key identifier: 67:22:5A:FB:48:2E:62:54:70:7C:5B:EC:5A:F1:63:CB:4B:13:C4:F6
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 01AE
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/ZyJa-0guYlRwfFvsWvFjy0sTxPY.roa
Signing time: Wed 27 Mar 2024 23:55:03 +0000
ROA not before: Wed 27 Mar 2024 23:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 28 Mar 2024 03:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 430 (0x1ae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Mar 27 23:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67225AFB482E6254707C5BEC5AF163CB4B13C4F6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:28:69:c4:4d:13:a7:a6:31:4d:17:fa:61:ef:
68:d2:db:62:d4:ce:48:54:95:4c:09:22:41:58:44:
99:fa:b2:c2:cb:24:30:d0:6a:16:69:a8:d2:9b:b5:
9c:2e:0b:30:e4:b0:03:ef:43:e3:17:50:2f:5a:43:
07:cd:7d:6c:94:52:cb:15:99:05:30:2e:fe:e6:5c:
94:1e:87:69:49:5e:f3:8f:ab:63:ca:e8:cf:92:79:
b0:42:28:ac:db:a4:aa:2c:bc:c1:8a:1b:32:7b:ab:
73:4f:8e:1c:89:9d:bf:3e:3f:1e:4d:09:41:40:20:
a6:97:d3:6b:55:27:47:11:dc:84:c0:84:74:29:7a:
17:58:bb:a9:68:13:22:7e:b3:b0:00:10:e8:55:1d:
f0:a7:9a:cd:8e:94:23:23:42:94:0d:a5:fe:fb:84:
e1:13:05:07:7a:8c:79:ca:9d:b8:f4:be:33:0f:b6:
7d:96:4f:52:02:26:34:fb:0f:6e:59:ef:16:2c:d0:
77:cd:28:01:65:fb:88:cd:58:fd:e4:75:ba:c9:40:
45:d5:c4:54:4d:8e:cf:11:c9:6f:ad:e0:73:84:0a:
dc:bc:c1:50:64:1c:f8:47:8c:b7:a6:7d:d7:d4:24:
f3:02:a3:c8:d4:0f:fa:c5:51:f2:0e:b9:fa:e0:01:
2a:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:22:5A:FB:48:2E:62:54:70:7C:5B:EC:5A:F1:63:CB:4B:13:C4:F6
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/ZyJa-0guYlRwfFvsWvFjy0sTxPY.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
30:87:fa:f8:ab:b6:e8:f1:a7:99:70:5f:47:73:11:90:66:86:
e2:b2:c2:eb:d2:89:ba:a3:4b:99:b1:5c:b1:24:fd:99:f3:61:
ad:82:03:8c:d6:65:19:32:64:4b:c9:ec:d6:b0:a7:17:46:ba:
92:ea:95:78:c0:ba:68:2b:4d:40:72:f7:9c:ec:14:fd:7e:9f:
db:56:99:31:50:ff:2e:ce:6c:5b:d7:3c:41:a4:02:ea:c7:45:
c8:fc:fc:ce:9a:06:48:f9:33:d4:fe:51:28:51:42:ec:3f:80:
f6:b3:62:6c:c7:ec:07:86:be:31:bb:5e:9a:55:c5:1d:c5:fd:
9e:83:51:57:db:54:96:de:bc:ab:26:23:45:ab:55:fd:0a:69:
f7:3f:0a:b9:db:93:86:7e:88:b8:68:38:e5:66:8c:bb:64:02:
82:97:23:57:5e:de:59:57:83:a3:4a:dc:32:b4:5d:50:be:50:
5f:d9:98:94:32:ff:e4:b7:84:a2:be:b4:54:5e:7a:ef:d5:d8:
ec:55:2a:c7:59:ff:3b:7b:15:98:df:d5:62:e0:c2:e0:50:ac:
f9:13:1a:91:de:cb:6e:7f:e2:a4:a2:f7:80:06:8a:52:b6:6d:
ea:e8:cb:f1:7b:44:5b:60:6f:41:ac:ca:b9:1c:f8:3b:07:eb:
ad:22:40:eb
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICAa4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDAzMjcy
MzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDY3MjI1QUZCNDgyRTYy
NTQ3MDdDNUJFQzVBRjE2M0NCNEIxM0M0RjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5KGnETROnpjFNF/ph72jS22LUzkhUlUwJIkFYRJn6ssLLJDDQ
ahZpqNKbtZwuCzDksAPvQ+MXUC9aQwfNfWyUUssVmQUwLv7mXJQeh2lJXvOPq2PK
6M+SebBCKKzbpKosvMGKGzJ7q3NPjhyJnb8+Px5NCUFAIKaX02tVJ0cR3ITAhHQp
ehdYu6loEyJ+s7AAEOhVHfCnms2OlCMjQpQNpf77hOETBQd6jHnKnbj0vjMPtn2W
T1ICJjT7D25Z7xYs0HfNKAFl+4jNWP3kdbrJQEXVxFRNjs8RyW+t4HOECty8wVBk
HPhHjLemfdfUJPMCo8jUD/rFUfIOufrgASr/AgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUZyJa+0guYlRwfFvsWvFjy0sTxPYwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL1p5SmEtMGd1WWxSd2ZG
dnNXdkZqeTBzVHhQWS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBADCH+virtujxp5lwX0dzEZBmhuKywuvSibqj
S5mxXLEk/ZnzYa2CA4zWZRkyZEvJ7NawpxdGupLqlXjAumgrTUBy95zsFP1+n9tW
mTFQ/y7ObFvXPEGkAurHRcj8/M6aBkj5M9T+UShRQuw/gPazYmzH7AeGvjG7XppV
xR3F/Z6DUVfbVJbevKsmI0WrVf0Kafc/Crnbk4Z+iLhoOOVmjLtkAoKXI1de3llX
g6NK3DK0XVC+UF/ZmJQy/+S3hKK+tFReeu/V2OxVKsdZ/zt7FZjf1WLgwuBQrPkT
GpHey25/4qSi94AGilK2beroy/F7RFtgb0Gsyrkc+DsH660iQOs=
-----END CERTIFICATE-----
Generated at Thu Mar 28 05:04:45 2024 by rpki-client on console-ams.rpki-client.org