Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/ddDFelH6sFHYTl1ye_QLReeU3CI.roa
File: ddDFelH6sFHYTl1ye_QLReeU3CI.roa (raw, json)
Hash identifier: 7YO8ZTjkPBROhb1p7vAZRWWJwMfzgnGyMt23Pf/uZ58=
Subject key identifier: 75:D0:C5:7A:51:FA:B0:51:D8:4E:5D:72:7B:F4:0B:45:E7:94:DC:22
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 40
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/ddDFelH6sFHYTl1ye_QLReeU3CI.roa
Signing time: Fri 16 Feb 2024 07:55:03 +0000
ROA not before: Fri 16 Feb 2024 07:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 16 Feb 2024 11:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64 (0x40)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Feb 16 07:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=75D0C57A51FAB051D84E5D727BF40B45E794DC22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:41:42:e1:45:77:f3:36:6f:63:cd:11:d8:8e:
7a:25:18:65:1e:11:61:f5:7a:c5:e7:02:d2:84:ac:
5e:89:48:4b:79:0c:5a:e8:29:86:52:40:68:93:a4:
e1:fe:90:c7:04:47:6d:fe:fc:c7:05:28:05:f0:8d:
0a:40:64:fb:1a:52:05:47:4e:1d:c4:49:80:ee:97:
8e:bf:91:ca:8d:a0:29:52:32:ea:58:57:19:57:26:
1d:f5:2a:b2:5e:9b:e5:cf:3f:04:bf:a8:22:e3:15:
d8:93:0e:10:3b:9c:57:aa:68:7e:b0:4c:96:09:9f:
f1:7c:7d:27:5e:45:ec:c5:b7:d0:3d:90:0a:72:ed:
16:ae:1f:21:f2:07:87:8d:0b:2c:8d:ae:52:16:39:
db:c0:3c:3d:e3:0d:28:46:fa:f4:aa:b7:06:7c:85:
55:5e:05:81:c5:33:78:5c:e2:8c:d8:91:38:3d:b4:
ca:b9:ce:1e:be:e0:60:2b:e7:b1:af:d6:34:f5:a6:
38:bb:98:9c:29:42:1e:34:e4:c7:d8:34:32:84:53:
9f:06:a0:10:c0:61:67:03:d7:7a:db:77:a3:3a:9a:
50:e1:a1:8a:2d:38:36:76:c8:d0:c9:e3:31:9c:15:
5a:fe:76:3e:43:7c:69:77:dc:65:0d:d6:df:2b:c1:
83:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:D0:C5:7A:51:FA:B0:51:D8:4E:5D:72:7B:F4:0B:45:E7:94:DC:22
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/ddDFelH6sFHYTl1ye_QLReeU3CI.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
de:f6:65:ee:48:2c:33:18:08:29:6d:60:27:8e:18:06:74:4f:
fb:98:e6:86:5b:8f:0c:8d:61:af:8d:54:96:33:50:a9:43:fd:
87:ac:30:c2:fa:1b:25:58:65:0e:a2:6e:8d:4b:64:db:e8:dc:
fa:1c:2e:b7:c6:0a:57:cb:3c:c3:a1:37:b4:35:88:a1:fd:44:
22:6e:8f:da:84:47:7b:dc:77:3e:1c:1b:9d:c1:bc:06:85:43:
ee:46:de:0c:91:d6:55:75:26:85:f9:69:33:25:0f:c4:e3:c4:
bc:fe:06:d2:75:9a:c9:f6:b0:14:c3:6c:00:46:3b:e6:11:b1:
8f:89:c9:e2:46:ad:78:59:5c:c4:8d:b2:fe:72:cd:2e:88:ea:
04:c5:ca:9e:42:df:d1:2c:cb:96:2c:1c:f7:aa:15:c4:2c:47:
27:4c:8b:22:44:1c:ca:dc:4e:e0:55:d8:cd:73:7f:27:28:81:
29:ef:e2:60:0b:ab:6a:0b:99:af:3d:64:f3:84:5c:2c:18:79:
85:5c:ea:10:d3:73:7e:0e:74:21:b7:fa:1d:26:93:8f:66:cc:
db:7d:f9:e9:5c:ac:e3:f5:b5:df:b1:8d:9a:87:11:7a:4d:8d:
7b:fb:af:d7:9d:2b:49:dc:35:0b:38:49:47:7e:ed:c8:2d:79:
d6:8f:44:cc
-----BEGIN CERTIFICATE-----
MIIEoTCCA4mgAwIBAgIBQDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3MWQx
NGViYjI1NWRjMDU4ZDRiZmE1YTUxYzkzZjczZjgzMGFiODhmMB4XDTI0MDIxNjA3
NTUwM1oXDTI1MDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzVEMEM1N0E1MUZBQjA1
MUQ4NEU1RDcyN0JGNDBCNDVFNzk0REMyMjCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAMVBQuFFd/M2b2PNEdiOeiUYZR4RYfV6xecC0oSsXolIS3kMWugp
hlJAaJOk4f6QxwRHbf78xwUoBfCNCkBk+xpSBUdOHcRJgO6Xjr+Ryo2gKVIy6lhX
GVcmHfUqsl6b5c8/BL+oIuMV2JMOEDucV6pofrBMlgmf8Xx9J15F7MW30D2QCnLt
Fq4fIfIHh40LLI2uUhY528A8PeMNKEb69Kq3BnyFVV4FgcUzeFzijNiROD20yrnO
Hr7gYCvnsa/WNPWmOLuYnClCHjTkx9g0MoRTnwagEMBhZwPXett3ozqaUOGhii04
NnbI0MnjMZwVWv52PkN8aXfcZQ3W3yvBg98CAwEAAaOCAb4wggG6MB0GA1UdDgQW
BBR10MV6UfqwUdhOXXJ79AtF55TcIjAfBgNVHSMEGDAWgBRx0U67JV3AWNS/paUc
k/c/gwq4jzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ
oE6GTHJzeW5jOi8vY2hsb2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3Nm
L2NkRk91eVZkd0ZqVXY2V2xISlAzUDRNS3VJOC5jcmwwZAYIKwYBBQUHAQEEWDBW
MFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9E
RUZBVUxUL2NkRk91eVZkd0ZqVXY2V2xISlAzUDRNS3VJOC5jZXIwDgYDVR0PAQH/
BAQDAgeAMGgGCCsGAQUFBwELBFwwWjBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9jaGxv
ZS5zb2Jvcm5vc3QubmV0L3Jwa2kvUklQRS1ubHJzc2YvZGRERmVsSDZzRkhZVGwx
eWVfUUxSZWVVM0NJLnJvYTAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMJo
gTANBgkqhkiG9w0BAQsFAAOCAQEA3vZl7kgsMxgIKW1gJ44YBnRP+5jmhluPDI1h
r41UljNQqUP9h6wwwvobJVhlDqJujUtk2+jc+hwut8YKV8s8w6E3tDWIof1EIm6P
2oRHe9x3PhwbncG8BoVD7kbeDJHWVXUmhflpMyUPxOPEvP4G0nWayfawFMNsAEY7
5hGxj4nJ4kateFlcxI2y/nLNLojqBMXKnkLf0SzLliwc96oVxCxHJ0yLIkQcytxO
4FXYzXN/JyiBKe/iYAuraguZrz1k84RcLBh5hVzqENNzfg50Ibf6HSaTj2bM2335
6Vys4/W137GNmocRek2Ne/uv150rSdw1CzhJR37tyC151o9EzA==
-----END CERTIFICATE-----
Generated at Fri Feb 16 15:29:02 2024 by rpki-client on console-ams.rpki-client.org