Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/cpA6LicCqU2bjsquqvJA1PV7txM.roa
File: cpA6LicCqU2bjsquqvJA1PV7txM.roa (raw, json)
Hash identifier: kxyjsF2BSUq1GjLdLsIuYQY/x90l01ML9IiHDF7OnNg=
Subject key identifier: 72:90:3A:2E:27:02:A9:4D:9B:8E:CA:AE:AA:F2:40:D4:F5:7B:B7:13
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0325
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cpA6LicCqU2bjsquqvJA1PV7txM.roa
Signing time: Wed 08 May 2024 15:55:03 +0000
ROA not before: Wed 08 May 2024 15:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 08 May 2024 19:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 805 (0x325)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: May 8 15:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=72903A2E2702A94D9B8ECAAEAAF240D4F57BB713
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:16:02:09:40:13:1d:61:36:b1:cb:0e:db:d4:
ce:9d:22:96:a3:01:86:86:b5:bf:db:1f:c2:a1:24:
c8:f3:22:84:09:2e:b9:0e:53:d9:9e:f7:e1:63:22:
59:25:bc:c7:54:62:d6:4a:e0:bc:da:f4:b4:01:34:
3c:c1:a3:db:1c:15:ac:25:35:62:0d:0b:a0:eb:7b:
81:42:62:cf:f6:68:2f:da:82:ee:78:d5:08:82:dd:
6e:74:78:a0:a3:93:55:33:21:f8:89:0f:0e:ad:29:
87:4b:38:98:2b:77:3a:a2:30:1b:ec:b7:65:65:0e:
ff:5f:67:02:ba:83:e9:56:55:b3:6a:ad:ae:99:30:
8f:26:6f:21:ab:13:32:39:43:04:1a:af:5a:d6:f9:
d2:59:29:bd:9e:1d:0e:62:dd:20:7a:5e:2a:4a:02:
51:d0:01:a3:8a:b0:f2:dc:a2:77:91:f9:f8:ac:8b:
30:52:25:b0:6e:bc:30:8e:a8:bc:45:37:e7:da:64:
97:ee:64:24:60:77:0b:bb:a5:b0:ea:a1:d6:ff:99:
ad:55:80:a3:f5:08:a1:03:f7:d2:50:d3:62:75:ad:
5d:ed:8f:b5:9b:e6:e8:b6:6d:50:61:bc:85:7c:b1:
54:08:9b:4a:fa:50:5a:27:7b:8a:af:0c:af:38:c6:
98:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:90:3A:2E:27:02:A9:4D:9B:8E:CA:AE:AA:F2:40:D4:F5:7B:B7:13
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cpA6LicCqU2bjsquqvJA1PV7txM.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:c0:87:bf:b6:25:90:b1:34:3e:ed:29:e6:80:7e:5e:46:a1:
d8:91:be:ed:5f:5c:54:24:f9:63:73:b6:b7:6e:84:41:90:b5:
b3:0e:7b:b2:46:79:a2:38:c8:d1:7b:86:1b:c6:dd:fe:30:6a:
01:12:09:5b:ef:3d:46:da:9b:07:27:79:51:78:9a:6f:9b:e2:
34:30:18:38:22:0a:ca:36:1a:c6:48:d3:d0:70:2f:2c:d1:d8:
09:4a:a4:86:ec:28:06:ee:ee:66:72:17:16:08:85:bc:c1:ab:
ae:75:93:cd:98:23:53:3c:6a:8d:82:55:7e:d8:b3:f1:30:4c:
b3:66:cc:a4:bf:38:25:9b:74:bf:7e:4b:a1:95:8e:fd:6b:eb:
d7:06:4d:a3:d5:18:9d:45:1a:03:de:da:5b:83:5b:57:47:b6:
95:08:b4:7b:d2:2b:71:a0:de:82:b2:bc:93:c1:05:1f:fb:a5:
58:26:c2:23:82:d0:b7:b8:b3:b5:20:10:68:a0:06:d3:e2:d2:
01:2f:c7:b3:59:ce:83:6c:fe:08:d2:9d:62:8d:aa:fa:0f:cd:
ca:a6:75:2b:21:a1:4b:32:44:6a:60:0e:47:b5:bd:35:53:7a:
96:a3:ae:a2:40:ff:71:24:20:48:61:79:3f:46:0e:c2:38:8f:
7a:73:2d:5b
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICAyUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA1MDgx
NTU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDcyOTAzQTJFMjcwMkE5
NEQ5QjhFQ0FBRUFBRjI0MEQ0RjU3QkI3MTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDNFgIJQBMdYTaxyw7b1M6dIpajAYaGtb/bH8KhJMjzIoQJLrkO
U9me9+FjIlklvMdUYtZK4Lza9LQBNDzBo9scFawlNWINC6Dre4FCYs/2aC/agu54
1QiC3W50eKCjk1UzIfiJDw6tKYdLOJgrdzqiMBvst2VlDv9fZwK6g+lWVbNqra6Z
MI8mbyGrEzI5QwQar1rW+dJZKb2eHQ5i3SB6XipKAlHQAaOKsPLconeR+fisizBS
JbBuvDCOqLxFN+faZJfuZCRgdwu7pbDqodb/ma1VgKP1CKED99JQ02J1rV3tj7Wb
5ui2bVBhvIV8sVQIm0r6UFone4qvDK84xpjTAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUcpA6LicCqU2bjsquqvJA1PV7txMwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL2NwQTZMaWNDcVUyYmpz
cXVxdkpBMVBWN3R4TS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBALbAh7+2JZCxND7tKeaAfl5GodiRvu1fXFQk
+WNztrduhEGQtbMOe7JGeaI4yNF7hhvG3f4wagESCVvvPUbamwcneVF4mm+b4jQw
GDgiCso2GsZI09BwLyzR2AlKpIbsKAbu7mZyFxYIhbzBq651k82YI1M8ao2CVX7Y
s/EwTLNmzKS/OCWbdL9+S6GVjv1r69cGTaPVGJ1FGgPe2luDW1dHtpUItHvSK3Gg
3oKyvJPBBR/7pVgmwiOC0Le4s7UgEGigBtPi0gEvx7NZzoNs/gjSnWKNqvoPzcqm
dSshoUsyRGpgDke1vTVTepajrqJA/3EkIEhheT9GDsI4j3pzLVs=
-----END CERTIFICATE-----
Generated at Wed May 8 23:03:51 2024 by rpki-client on console-ams.rpki-client.org