Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/ab5kKVWxjAMkNSdVUT0JKSk6XAI.roa
File: ab5kKVWxjAMkNSdVUT0JKSk6XAI.roa (raw, json)
Hash identifier: Jrv6WsS2v8wnWpwwuarEWzc5OnNaDmqyY/yUDwEieQE=
Subject key identifier: 69:BE:64:29:55:B1:8C:03:24:35:27:55:51:3D:09:29:29:3A:5C:02
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0172
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/ab5kKVWxjAMkNSdVUT0JKSk6XAI.roa
Signing time: Thu 21 Mar 2024 07:55:03 +0000
ROA not before: Thu 21 Mar 2024 07:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 21 Mar 2024 11:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 370 (0x172)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Mar 21 07:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=69BE642955B18C0324352755513D0929293A5C02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:a0:f0:bf:cb:9e:30:88:87:0e:b8:56:f5:7b:
82:7e:94:92:98:2b:dd:7e:eb:84:de:cf:6d:00:0b:
7c:b0:1d:fb:29:94:0e:9e:9e:37:b5:4e:ca:7c:c4:
5e:80:a5:44:62:9d:c6:da:23:50:b1:5a:82:78:b8:
90:da:a1:1e:83:20:2d:bc:31:63:71:32:e7:7e:8c:
1b:c2:71:3f:38:2c:0c:22:50:60:cc:74:1c:8b:0c:
88:24:57:8c:75:c5:8e:4a:6c:67:10:19:df:3b:d9:
b3:bc:d2:87:a1:82:eb:20:75:2d:ac:a0:45:34:2d:
83:53:82:f8:dd:94:eb:e3:c5:32:ed:fc:8f:32:38:
1f:71:15:66:4b:7f:4e:b8:1d:1c:a4:01:ce:72:b6:
97:d5:5c:83:db:7d:83:86:b5:90:92:e8:82:45:d4:
0d:1e:93:ef:54:26:c9:99:53:fe:a9:89:99:2b:b9:
ea:9d:dd:e3:e6:c0:35:42:70:5f:bb:6d:d2:d1:46:
f6:3a:9d:3c:b1:28:76:0d:cb:26:33:52:bc:00:b3:
74:19:7a:a5:6f:15:1b:9d:5b:f0:26:a3:ce:f7:13:
b6:25:b8:78:23:b2:2b:cb:5c:cb:e9:05:0a:77:b5:
ca:d0:d4:15:36:4b:d2:60:ea:98:c6:2c:39:4c:0a:
16:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:BE:64:29:55:B1:8C:03:24:35:27:55:51:3D:09:29:29:3A:5C:02
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/ab5kKVWxjAMkNSdVUT0JKSk6XAI.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:a6:2b:87:fd:05:17:4b:7e:8a:c4:81:57:c3:52:1b:a5:8b:
1e:53:e6:fb:ec:9a:83:33:1d:02:1f:1a:bd:b0:41:72:b3:e2:
66:ff:c1:4d:4f:df:50:c0:10:76:54:ee:96:11:5a:b4:10:03:
4f:72:f1:94:7b:48:58:eb:8b:42:e4:af:06:23:c2:b3:8d:c4:
a0:fd:3e:65:ca:a6:c0:95:a9:5b:43:85:02:af:3e:cb:06:25:
69:82:55:cc:47:4c:38:d3:52:ce:ba:60:a6:78:04:59:86:c2:
82:e6:08:de:d6:6a:4a:d3:93:2e:f8:3a:40:fc:21:f3:25:c1:
b2:fa:4d:b5:80:96:c6:0d:13:05:fd:cb:67:52:4d:4b:f3:3c:
54:77:a8:37:6a:6f:11:56:32:75:43:14:0a:03:ae:ef:d9:26:
e4:04:93:52:b1:40:24:9c:0b:fd:77:18:39:df:be:91:27:fe:
fe:1a:c1:5f:e5:a2:7b:4b:c5:f2:e2:5f:d2:11:27:8b:e4:2d:
d3:79:69:c6:68:0b:c3:93:38:f1:4f:cd:d3:29:79:bf:17:cb:
90:38:d2:d6:d8:ad:48:75:10:af:b8:f0:9a:ca:cc:a0:2e:8b:
c1:51:fa:96:d4:18:a0:22:f1:b6:92:66:b0:76:3a:9d:71:bd:
e2:3b:63:8f
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICAXIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDAzMjEw
NzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDY5QkU2NDI5NTVCMThD
MDMyNDM1Mjc1NTUxM0QwOTI5MjkzQTVDMDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDSoPC/y54wiIcOuFb1e4J+lJKYK91+64Tez20AC3ywHfsplA6e
nje1Tsp8xF6ApURincbaI1CxWoJ4uJDaoR6DIC28MWNxMud+jBvCcT84LAwiUGDM
dByLDIgkV4x1xY5KbGcQGd872bO80oehgusgdS2soEU0LYNTgvjdlOvjxTLt/I8y
OB9xFWZLf064HRykAc5ytpfVXIPbfYOGtZCS6IJF1A0ek+9UJsmZU/6piZkrueqd
3ePmwDVCcF+7bdLRRvY6nTyxKHYNyyYzUrwAs3QZeqVvFRudW/Amo873E7YluHgj
sivLXMvpBQp3tcrQ1BU2S9Jg6pjGLDlMChZ7AgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUab5kKVWxjAMkNSdVUT0JKSk6XAIwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL2FiNWtLVld4akFNa05T
ZFZVVDBKS1NrNlhBSS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBALymK4f9BRdLforEgVfDUhulix5T5vvsmoMz
HQIfGr2wQXKz4mb/wU1P31DAEHZU7pYRWrQQA09y8ZR7SFjri0LkrwYjwrONxKD9
PmXKpsCVqVtDhQKvPssGJWmCVcxHTDjTUs66YKZ4BFmGwoLmCN7WakrTky74OkD8
IfMlwbL6TbWAlsYNEwX9y2dSTUvzPFR3qDdqbxFWMnVDFAoDru/ZJuQEk1KxQCSc
C/13GDnfvpEn/v4awV/lontLxfLiX9IRJ4vkLdN5acZoC8OTOPFPzdMpeb8Xy5A4
0tbYrUh1EK+48JrKzKAui8FR+pbUGKAi8baSZrB2Op1xveI7Y48=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:55 2024 by rpki-client on console-fra.rpki-client.org