Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/_zijB4dn8gb3TWsWslrfQhLujJk.roa
File: _zijB4dn8gb3TWsWslrfQhLujJk.roa (raw, json)
Hash identifier: aitlvd6jFnjMG7+dQVLKVp1QmtXV8vABq3W5/WtUD6k=
Subject key identifier: FF:38:A3:07:87:67:F2:06:F7:4D:6B:16:B2:5A:DF:42:12:EE:8C:99
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 013C
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/_zijB4dn8gb3TWsWslrfQhLujJk.roa
Signing time: Fri 15 Mar 2024 07:55:03 +0000
ROA not before: Fri 15 Mar 2024 07:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 15 Mar 2024 11:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 316 (0x13c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Mar 15 07:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=FF38A3078767F206F74D6B16B25ADF4212EE8C99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:70:fc:7d:fd:e1:37:a0:06:5a:dd:4e:28:84:
21:d9:33:b4:55:97:41:04:72:4e:6d:5c:aa:63:35:
d7:ac:eb:c7:1c:84:aa:36:62:01:84:cc:47:66:cd:
1e:a2:c0:66:0e:12:82:a1:49:4d:07:88:79:c4:16:
fd:2f:cf:95:52:3f:c3:e5:3e:b1:4a:9e:81:51:d1:
b6:fe:17:ee:94:18:fc:de:6f:01:3c:7b:d0:d1:47:
82:f9:05:d1:12:2f:83:71:64:1a:5f:1f:7c:1f:1f:
93:64:c0:be:96:ca:80:63:42:5f:19:47:75:33:45:
e7:fb:2a:9c:f7:13:ff:2f:bb:22:cd:82:2b:50:85:
06:43:ec:65:67:35:7a:45:4b:be:e5:f0:fd:03:51:
68:7a:34:00:a4:e9:6c:11:26:60:ab:5a:cb:da:df:
8e:25:b0:90:27:d2:68:f6:d4:34:43:a9:79:25:3a:
6b:d7:e0:66:80:89:b9:17:cd:5c:26:29:1c:be:02:
cd:ad:05:cb:47:3b:f7:be:05:e6:b0:fd:29:ee:f9:
b6:4c:bc:07:f2:6f:eb:69:5a:b4:55:e1:9d:0b:b7:
62:26:c7:73:6d:65:4b:3a:48:b6:1e:b7:0a:9e:ae:
b5:e2:93:1d:09:db:56:70:01:9d:d6:b5:3b:f5:4d:
b6:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:38:A3:07:87:67:F2:06:F7:4D:6B:16:B2:5A:DF:42:12:EE:8C:99
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/_zijB4dn8gb3TWsWslrfQhLujJk.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
c4:ba:5c:c6:55:70:55:81:25:6a:d4:3c:cf:b4:d5:34:2e:f7:
52:77:35:59:fd:af:9d:04:79:3c:3e:ed:03:f6:8b:7d:49:44:
a3:27:9b:13:4b:34:cf:21:00:23:91:b6:93:1e:75:f0:2e:80:
77:46:df:05:49:ab:c9:85:d2:b9:eb:3f:50:e0:23:75:24:87:
46:61:1c:ef:b0:4c:b0:db:8b:27:28:ac:b6:8b:d7:ac:86:d0:
b2:3c:b5:47:c1:b5:f4:02:3d:22:cd:1c:bd:d9:6d:9d:82:13:
dc:ca:19:85:21:68:f5:8a:4a:7b:e6:1a:e7:b7:4e:4b:c8:01:
dc:95:99:4f:4a:05:95:77:7f:32:a8:4e:d3:39:53:ee:18:69:
18:47:61:9a:3e:06:f1:7d:9e:98:46:80:5e:ae:4b:a4:35:d3:
9c:62:66:51:9a:2b:e8:83:b8:5b:7d:e2:c4:17:f5:e3:65:d4:
83:18:f6:ee:53:96:d9:21:30:00:75:2e:8c:b5:d5:8e:93:2c:
93:c4:00:04:c1:49:9f:8e:21:a1:24:6d:8f:60:6d:91:27:91:
a0:cf:f0:6e:67:52:79:c3:b5:94:67:52:fa:89:3b:76:a1:37:
35:cb:44:61:b1:b1:cb:6a:01:4b:9e:b7:c7:1f:9a:79:82:a3:
e7:92:f9:c8
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICATwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDAzMTUw
NzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEZGMzhBMzA3ODc2N0Yy
MDZGNzRENkIxNkIyNUFERjQyMTJFRThDOTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDTcPx9/eE3oAZa3U4ohCHZM7RVl0EEck5tXKpjNdes68cchKo2
YgGEzEdmzR6iwGYOEoKhSU0HiHnEFv0vz5VSP8PlPrFKnoFR0bb+F+6UGPzebwE8
e9DRR4L5BdESL4NxZBpfH3wfH5NkwL6WyoBjQl8ZR3UzRef7Kpz3E/8vuyLNgitQ
hQZD7GVnNXpFS77l8P0DUWh6NACk6WwRJmCrWsva344lsJAn0mj21DRDqXklOmvX
4GaAibkXzVwmKRy+As2tBctHO/e+Beaw/Snu+bZMvAfyb+tpWrRV4Z0Lt2Imx3Nt
ZUs6SLYetwqerrXikx0J21ZwAZ3WtTv1TbZZAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQU/zijB4dn8gb3TWsWslrfQhLujJkwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL196aWpCNGRuOGdiM1RX
c1dzbHJmUWhMdWpKay5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAMS6XMZVcFWBJWrUPM+01TQu91J3NVn9r50E
eTw+7QP2i31JRKMnmxNLNM8hACORtpMedfAugHdG3wVJq8mF0rnrP1DgI3Ukh0Zh
HO+wTLDbiycorLaL16yG0LI8tUfBtfQCPSLNHL3ZbZ2CE9zKGYUhaPWKSnvmGue3
TkvIAdyVmU9KBZV3fzKoTtM5U+4YaRhHYZo+BvF9nphGgF6uS6Q105xiZlGaK+iD
uFt94sQX9eNl1IMY9u5TltkhMAB1Loy11Y6TLJPEAATBSZ+OIaEkbY9gbZEnkaDP
8G5nUnnDtZRnUvqJO3ahNzXLRGGxsctqAUuet8cfmnmCo+eS+cg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:55 2024 by rpki-client on console-fra.rpki-client.org