Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/_gyyKuvZp3DkIGRL2U8GL-203EA.roa
File: _gyyKuvZp3DkIGRL2U8GL-203EA.roa (raw, json)
Hash identifier: vCb9m2/nnDUB+axB0OT31jvgmQ7JwQ/5FmlWTela9J0=
Subject key identifier: FE:0C:B2:2A:EB:D9:A7:70:E4:20:64:4B:D9:4F:06:2F:ED:B4:DC:40
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0109
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/_gyyKuvZp3DkIGRL2U8GL-203EA.roa
Signing time: Sat 09 Mar 2024 15:55:03 +0000
ROA not before: Sat 09 Mar 2024 15:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 09 Mar 2024 19:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 265 (0x109)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Mar 9 15:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=FE0CB22AEBD9A770E420644BD94F062FEDB4DC40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:e2:99:6a:90:b9:ee:b5:85:0a:7b:79:c9:ea:
c5:85:8d:ca:7f:b9:c1:ab:eb:3c:a8:65:b2:31:d6:
68:3f:6d:72:58:e8:42:92:34:57:3c:ea:41:7c:0b:
fd:76:a2:7e:32:64:d0:e3:be:a7:0c:2e:e1:1b:c4:
7c:55:7b:2e:cf:4c:f2:a7:09:d1:65:a7:b8:4f:d7:
fb:8c:14:23:8b:da:4a:1a:36:38:1b:72:c5:be:79:
4e:9b:a4:55:04:11:dd:d6:03:d0:36:fd:58:2b:6e:
f4:fb:27:f0:7b:e0:4a:a4:f9:7e:c1:cc:cf:11:38:
da:1f:64:56:7f:07:f6:8e:cb:8b:83:cc:5c:23:aa:
b0:09:8d:7b:77:bb:a7:32:38:2e:be:4d:3b:b1:c7:
c5:cc:5d:62:53:01:2f:8b:c9:56:3b:8b:0c:56:22:
a0:12:27:b8:dd:23:39:0a:83:9b:a0:0f:76:39:b3:
f3:c1:66:67:6c:ef:57:d3:13:42:02:da:bd:df:77:
f7:e3:e3:e9:35:77:17:90:73:9d:04:0f:27:69:ed:
18:98:e9:5c:b5:06:e2:bf:bb:80:40:0d:a2:e9:28:
7e:7e:a9:0a:7c:b7:08:07:c3:dd:0e:27:4b:b1:34:
9b:dc:54:b3:96:39:aa:a7:c9:83:cf:d5:48:d1:b9:
1f:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:0C:B2:2A:EB:D9:A7:70:E4:20:64:4B:D9:4F:06:2F:ED:B4:DC:40
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/_gyyKuvZp3DkIGRL2U8GL-203EA.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:65:2e:37:0f:f0:b9:09:f1:b0:c2:5d:73:36:b6:29:8c:ea:
b3:9d:53:62:65:5e:54:41:d4:dc:28:5e:8a:92:d8:76:b7:72:
a8:6a:be:74:2b:06:e5:ae:0e:19:14:46:a0:bc:8c:ad:40:35:
19:53:ba:4a:c5:62:17:d1:6f:62:1b:d0:f3:50:71:97:aa:f4:
0a:e4:3c:87:ee:34:46:bd:c0:1c:80:16:99:2e:4f:91:25:01:
8f:75:27:24:ed:f0:ad:62:95:81:98:f3:d6:3f:d3:45:4b:9e:
0a:ab:7f:c6:18:ed:24:af:0f:e9:8f:ef:77:d2:9f:8f:cb:48:
d9:b6:2f:bd:86:65:52:3f:12:c0:a4:1b:ab:9e:2e:38:66:a1:
45:1a:70:a6:b9:04:7d:20:79:1b:1f:24:23:87:ad:e8:54:37:
06:b3:35:ec:37:09:4a:7a:49:d3:58:9f:f6:f0:f9:02:a3:ec:
1b:db:9a:11:fe:65:51:e8:38:91:36:b1:d5:c7:4e:41:97:42:
16:36:15:8a:e1:d4:e3:c7:6e:3b:a2:0f:c1:b8:63:f2:4e:db:
c7:f8:1a:54:98:12:83:72:19:fb:98:8b:dd:82:df:10:c1:e9:
3d:a2:0a:84:c0:09:0d:40:64:7a:5a:a6:99:48:10:0d:5a:9c:
89:42:e9:c5
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICAQkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDAzMDkx
NTU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEZFMENCMjJBRUJEOUE3
NzBFNDIwNjQ0QkQ5NEYwNjJGRURCNERDNDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDZ4plqkLnutYUKe3nJ6sWFjcp/ucGr6zyoZbIx1mg/bXJY6EKS
NFc86kF8C/12on4yZNDjvqcMLuEbxHxVey7PTPKnCdFlp7hP1/uMFCOL2koaNjgb
csW+eU6bpFUEEd3WA9A2/VgrbvT7J/B74Eqk+X7BzM8RONofZFZ/B/aOy4uDzFwj
qrAJjXt3u6cyOC6+TTuxx8XMXWJTAS+LyVY7iwxWIqASJ7jdIzkKg5ugD3Y5s/PB
Zmds71fTE0IC2r3fd/fj4+k1dxeQc50EDydp7RiY6Vy1BuK/u4BADaLpKH5+qQp8
twgHw90OJ0uxNJvcVLOWOaqnyYPP1UjRuR+rAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQU/gyyKuvZp3DkIGRL2U8GL+203EAwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL19neXlLdXZacDNEa0lH
UkwyVThHTC0yMDNFQS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBALJlLjcP8LkJ8bDCXXM2timM6rOdU2JlXlRB
1NwoXoqS2Ha3cqhqvnQrBuWuDhkURqC8jK1ANRlTukrFYhfRb2Ib0PNQcZeq9Ark
PIfuNEa9wByAFpkuT5ElAY91JyTt8K1ilYGY89Y/00VLngqrf8YY7SSvD+mP73fS
n4/LSNm2L72GZVI/EsCkG6ueLjhmoUUacKa5BH0geRsfJCOHrehUNwazNew3CUp6
SdNYn/bw+QKj7BvbmhH+ZVHoOJE2sdXHTkGXQhY2FYrh1OPHbjuiD8G4Y/JO28f4
GlSYEoNyGfuYi92C3xDB6T2iCoTACQ1AZHpapplIEA1anIlC6cU=
-----END CERTIFICATE-----
Generated at Sat Mar 9 20:40:54 2024 by rpki-client on console-ams.rpki-client.org