Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/b0eUONM47BqwBkWw4iJg9tKaAtc.roa
File: b0eUONM47BqwBkWw4iJg9tKaAtc.roa (raw, json)
Hash identifier: QLn3zkxHnePT6PsPzBDZW17f8RfwoY4K6uG33fMNDRY=
Subject key identifier: 6F:47:94:38:D3:38:EC:1A:B0:06:45:B0:E2:22:60:F6:D2:9A:02:D7
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 03AF
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/b0eUONM47BqwBkWw4iJg9tKaAtc.roa
Signing time: Thu 23 May 2024 23:55:03 +0000
ROA not before: Thu 23 May 2024 23:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 24 May 2024 03:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 943 (0x3af)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: May 23 23:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6F479438D338EC1AB00645B0E22260F6D29A02D7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:7c:ba:cf:67:60:c5:49:ce:80:6f:22:8d:12:
7a:74:3a:1a:d0:cf:a8:ef:ac:71:e3:83:aa:cc:cf:
cf:9f:9f:a9:60:aa:95:de:99:b0:2c:ca:73:81:7c:
34:81:4b:58:79:e6:99:f8:eb:0a:bb:38:4f:ae:df:
3b:3e:90:0c:73:e1:22:b5:2c:b8:9d:fd:24:c4:d7:
68:aa:3d:cd:22:51:28:2b:25:31:e7:f1:33:f0:13:
d8:a7:9c:fe:5d:78:b8:38:4a:40:a7:8e:9c:13:ea:
68:28:ac:59:c1:dc:08:1b:bc:68:7e:98:a4:41:ae:
df:01:68:b0:65:e2:a9:da:9c:aa:8e:3b:e1:0d:e4:
f1:c2:ca:81:89:16:ec:9f:33:d4:2f:76:13:de:cc:
69:2d:ca:a0:7f:ce:87:ed:54:d2:af:8b:6b:4e:6a:
a9:8b:f1:f1:07:57:2c:e5:b2:d2:4b:7a:0c:ef:f8:
e6:0d:1c:f9:38:2c:54:e0:98:0e:4b:f7:37:c9:67:
77:81:89:62:14:19:e8:80:89:e2:42:9f:97:db:bb:
cd:2b:59:93:b6:ca:b9:62:cd:66:25:3c:ee:ee:37:
14:a3:bc:0a:c6:74:d1:7d:d8:04:5b:b8:d1:5d:c9:
42:91:fb:83:b3:69:aa:d2:f7:5e:76:fe:5b:1b:61:
31:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:47:94:38:D3:38:EC:1A:B0:06:45:B0:E2:22:60:F6:D2:9A:02:D7
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/b0eUONM47BqwBkWw4iJg9tKaAtc.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
82:45:77:cd:fa:07:0f:aa:8d:4e:53:73:f3:e3:0d:85:b7:04:
7e:36:45:95:e8:ef:18:29:b6:11:ac:69:03:62:26:13:57:f6:
c2:e9:5f:8d:f4:8f:37:97:de:cd:9a:fc:af:d4:7b:fb:26:a0:
f5:d3:ce:20:44:1b:3b:ef:6c:d4:b4:06:e5:aa:f4:75:b8:cd:
93:b4:00:b0:8c:77:e8:1b:aa:a4:7a:60:73:65:39:fd:f2:a0:
b6:c0:e8:ff:90:df:41:81:5b:d6:b3:38:15:d7:cd:8c:2a:b2:
f3:0d:30:99:08:88:7e:ab:38:13:11:41:a6:d4:d9:c2:d4:e1:
b4:7f:ea:0e:d6:e2:6e:5b:80:06:10:53:4e:38:a2:2d:1c:66:
a2:1b:75:94:39:c5:6c:26:3c:34:18:e6:9a:c8:9f:6e:99:0c:
4c:4d:d4:e5:c0:45:e3:f6:fe:f8:77:7a:4d:39:3c:22:6b:59:
4c:16:15:cf:3b:f5:a9:ab:d4:3d:9e:fe:c5:3e:4b:ad:13:e8:
c9:92:67:86:dd:a9:7b:e8:a7:84:b0:6f:1b:b3:ee:2e:5c:c2:
6b:14:a4:e1:55:50:73:cf:b1:6d:fe:74:e9:11:d1:f6:1b:a2:
35:3b:48:09:0a:51:17:6a:c0:39:f6:2c:0d:0a:5b:fa:f4:ac:
7e:32:9a:07
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICA68wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA1MjMy
MzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDZGNDc5NDM4RDMzOEVD
MUFCMDA2NDVCMEUyMjI2MEY2RDI5QTAyRDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGfLrPZ2DFSc6AbyKNEnp0OhrQz6jvrHHjg6rMz8+fn6lgqpXe
mbAsynOBfDSBS1h55pn46wq7OE+u3zs+kAxz4SK1LLid/STE12iqPc0iUSgrJTHn
8TPwE9innP5deLg4SkCnjpwT6mgorFnB3AgbvGh+mKRBrt8BaLBl4qnanKqOO+EN
5PHCyoGJFuyfM9QvdhPezGktyqB/zoftVNKvi2tOaqmL8fEHVyzlstJLegzv+OYN
HPk4LFTgmA5L9zfJZ3eBiWIUGeiAieJCn5fbu80rWZO2yrlizWYlPO7uNxSjvArG
dNF92ARbuNFdyUKR+4OzaarS9152/lsbYTHPAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUb0eUONM47BqwBkWw4iJg9tKaAtcwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL2IwZVVPTk00N0Jxd0Jr
V3c0aUpnOXRLYUF0Yy5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAIJFd836Bw+qjU5Tc/PjDYW3BH42RZXo7xgp
thGsaQNiJhNX9sLpX430jzeX3s2a/K/Ue/smoPXTziBEGzvvbNS0BuWq9HW4zZO0
ALCMd+gbqqR6YHNlOf3yoLbA6P+Q30GBW9azOBXXzYwqsvMNMJkIiH6rOBMRQabU
2cLU4bR/6g7W4m5bgAYQU044oi0cZqIbdZQ5xWwmPDQY5prIn26ZDExN1OXAReP2
/vh3ek05PCJrWUwWFc879amr1D2e/sU+S60T6MmSZ4bdqXvop4Swbxuz7i5cwmsU
pOFVUHPPsW3+dOkR0fYbojU7SAkKURdqwDn2LA0KW/r0rH4ymgc=
-----END CERTIFICATE-----
Generated at Fri May 24 07:42:32 2024 by rpki-client on console-ams.rpki-client.org