Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/dbRsk5juMq3bQtRVHn4Fb7lpSdc.roa
File: dbRsk5juMq3bQtRVHn4Fb7lpSdc.roa (raw, json)
Hash identifier: UJWif+m7mClXqz+gwHwytJ1mJEI7KNbFEnU2o5TP7V0=
Subject key identifier: 75:B4:6C:93:98:EE:32:AD:DB:42:D4:55:1E:7E:05:6F:B9:69:49:D7
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 01A2
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/dbRsk5juMq3bQtRVHn4Fb7lpSdc.roa
Signing time: Tue 26 Mar 2024 15:55:03 +0000
ROA not before: Tue 26 Mar 2024 15:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 26 Mar 2024 19:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 418 (0x1a2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Mar 26 15:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=75B46C9398EE32ADDB42D4551E7E056FB96949D7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:c6:c5:11:0f:e2:ad:75:94:3d:68:a8:c7:e0:
74:70:1a:6a:43:1a:46:71:02:eb:4c:ae:66:fb:88:
b2:33:c2:72:13:e9:6a:62:e5:e0:67:83:15:f3:06:
0d:2a:d5:c0:89:bc:b6:a2:61:38:2e:71:86:03:15:
03:61:79:a6:56:2c:32:85:49:10:d5:a6:23:03:87:
6e:ef:1a:59:be:53:bf:b8:ea:3c:ae:11:7e:f2:cb:
3a:86:7f:ba:18:e0:00:00:b4:f9:f0:23:ef:b7:ba:
0f:85:23:73:17:34:c8:38:e8:dd:17:cb:02:9c:15:
ee:e7:3e:d6:71:78:4f:5c:aa:5b:63:a2:09:b1:6a:
8b:51:d9:58:cc:2d:11:0c:eb:d4:65:11:02:0f:22:
53:0f:0f:8f:9f:f1:52:3d:8a:c9:3e:a9:f5:b0:ba:
0d:d0:7a:e6:ac:9e:b8:77:53:db:57:09:1d:a4:79:
29:fb:aa:4c:88:7d:0c:26:1c:b1:71:24:e0:3d:2e:
2f:be:03:5a:dc:d4:a9:c7:2c:bf:bd:76:79:e2:39:
9c:ee:ea:32:ec:2b:27:59:69:15:5a:dd:2e:29:c7:
a7:dc:4b:84:e1:39:2c:d5:31:f6:aa:20:79:74:50:
3d:87:85:01:47:0c:6c:82:46:70:9f:b0:54:a1:1e:
53:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:B4:6C:93:98:EE:32:AD:DB:42:D4:55:1E:7E:05:6F:B9:69:49:D7
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/dbRsk5juMq3bQtRVHn4Fb7lpSdc.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
59:3c:3b:37:8d:a5:dd:6e:97:4b:b1:23:10:59:60:0f:c0:6b:
3e:bc:c8:29:71:b3:f7:69:57:25:3a:64:d9:a8:76:9f:50:82:
09:e5:b4:29:f5:35:93:39:79:91:cd:a8:c3:b8:0a:ad:00:97:
f0:8b:ff:2c:41:10:1b:ce:ff:70:78:67:d3:24:3d:31:6a:b0:
28:b8:7c:3e:fe:df:2f:ab:bd:fd:d3:9b:b4:a2:3b:78:0a:ba:
27:72:9a:56:44:d4:56:9b:a5:f2:71:e5:a0:e4:bd:d1:33:be:
31:0a:15:c0:ae:ba:1c:f5:fd:0a:52:fd:78:5f:42:59:ea:78:
77:8d:52:a6:f9:41:de:d7:a3:58:8f:38:e5:be:2c:08:31:63:
5d:f8:21:35:ed:60:58:24:8e:05:ca:fd:d6:54:f7:8b:9c:d6:
60:d3:a2:d9:8a:fa:09:4a:0d:ce:8b:a8:01:01:02:e5:f7:f4:
0e:e2:40:b2:f7:80:06:c4:91:d0:c6:39:d7:50:7b:b3:6f:fc:
bc:a4:ab:ea:19:4d:01:d0:48:7b:bb:54:1d:19:e3:ba:d3:92:
33:02:8d:df:d1:0f:a2:d6:6a:bd:70:d3:f6:5c:a5:5e:43:31:
2d:a3:32:2e:9a:eb:a0:3f:b1:54:47:65:e9:da:e2:da:8b:59:
be:04:82:22
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICAaIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDAzMjYx
NTU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDc1QjQ2QzkzOThFRTMy
QUREQjQyRDQ1NTFFN0UwNTZGQjk2OTQ5RDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1xsURD+KtdZQ9aKjH4HRwGmpDGkZxAutMrmb7iLIzwnIT6Wpi
5eBngxXzBg0q1cCJvLaiYTgucYYDFQNheaZWLDKFSRDVpiMDh27vGlm+U7+46jyu
EX7yyzqGf7oY4AAAtPnwI++3ug+FI3MXNMg46N0XywKcFe7nPtZxeE9cqltjogmx
aotR2VjMLREM69RlEQIPIlMPD4+f8VI9isk+qfWwug3Qeuasnrh3U9tXCR2keSn7
qkyIfQwmHLFxJOA9Li++A1rc1KnHLL+9dnniOZzu6jLsKydZaRVa3S4px6fcS4Th
OSzVMfaqIHl0UD2HhQFHDGyCRnCfsFShHlPHAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUdbRsk5juMq3bQtRVHn4Fb7lpSdcwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL2RiUnNrNWp1TXEzYlF0
UlZIbjRGYjdscFNkYy5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAFk8OzeNpd1ul0uxIxBZYA/Aaz68yClxs/dp
VyU6ZNmodp9QggnltCn1NZM5eZHNqMO4Cq0Al/CL/yxBEBvO/3B4Z9MkPTFqsCi4
fD7+3y+rvf3Tm7SiO3gKuidymlZE1FabpfJx5aDkvdEzvjEKFcCuuhz1/QpS/Xhf
QlnqeHeNUqb5Qd7Xo1iPOOW+LAgxY134ITXtYFgkjgXK/dZU94uc1mDTotmK+glK
Dc6LqAEBAuX39A7iQLL3gAbEkdDGOddQe7Nv/Lykq+oZTQHQSHu7VB0Z47rTkjMC
jd/RD6LWar1w0/ZcpV5DMS2jMi6a66A/sVRHZena4tqLWb4EgiI=
-----END CERTIFICATE-----
Generated at Tue Mar 26 22:30:47 2024 by rpki-client on console-ams.rpki-client.org