Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/ddQP9XICeIvElpZxz_zU3OMjuOI.roa
File: ddQP9XICeIvElpZxz_zU3OMjuOI.roa (raw, json)
Hash identifier: rZrM7ImRAG25LFVSBh7dTQM6RYs0qEnsGvFUSNC4Om4=
Subject key identifier: 75:D4:0F:F5:72:02:78:8B:C4:96:96:71:CF:FC:D4:DC:E3:23:B8:E2
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 02FB
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/ddQP9XICeIvElpZxz_zU3OMjuOI.roa
Signing time: Fri 03 May 2024 23:55:04 +0000
ROA not before: Fri 03 May 2024 23:55:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 04 May 2024 03:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 763 (0x2fb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: May 3 23:55:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=75D40FF57202788BC4969671CFFCD4DCE323B8E2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:c1:b5:0e:f7:19:7f:b3:60:5b:62:ac:fb:6c:
ae:d2:b6:26:93:00:79:9a:83:71:60:64:36:5e:67:
72:a3:52:67:89:41:00:13:4a:bf:82:b7:b7:17:f1:
ac:32:dc:63:cf:a6:64:19:cb:05:94:f6:ce:c5:fe:
36:06:41:c3:98:a5:f5:03:cc:57:68:2a:43:4d:17:
74:cc:36:d1:f2:97:71:63:9d:53:d8:44:f0:78:70:
07:a5:0c:95:dd:89:65:2e:f9:06:18:6b:18:63:6c:
44:d0:46:23:b9:cd:23:07:3b:e9:d5:58:70:e4:76:
c7:45:7d:74:fa:3f:4b:d6:05:a6:16:35:f1:0c:63:
01:86:c8:db:f3:85:db:0c:fa:ae:0d:57:27:5c:4f:
1f:8c:8f:0b:ce:54:79:81:cd:55:54:20:06:60:ad:
84:23:4c:cd:07:21:7e:28:31:73:d6:1a:20:a8:4f:
49:d1:81:f6:e6:f1:72:15:64:d8:e9:6f:68:bf:8d:
6b:39:81:3b:9f:c4:7e:34:38:f0:a4:26:21:5d:6a:
c5:32:22:5e:f0:21:bb:71:7e:34:29:98:fa:84:b4:
ce:b6:ae:0f:11:43:c6:ee:4d:8c:d8:8c:0a:d9:79:
75:80:04:5e:63:02:f0:a9:a6:be:f1:a0:eb:10:a6:
ef:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:D4:0F:F5:72:02:78:8B:C4:96:96:71:CF:FC:D4:DC:E3:23:B8:E2
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/ddQP9XICeIvElpZxz_zU3OMjuOI.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
70:87:50:fe:ea:db:47:01:0e:0a:32:a5:45:cc:3a:9d:b6:b3:
4c:25:95:46:2f:4b:54:64:3f:64:ca:4c:cb:9e:ef:87:62:4d:
0b:1c:e7:10:af:fb:85:b7:50:20:21:25:77:d8:26:6c:b3:9b:
c1:58:9c:af:78:ef:84:f1:33:09:aa:59:0c:33:9b:9d:f8:39:
a8:0a:ab:61:d2:cd:e2:07:b7:ef:a0:6d:41:ce:a7:bc:e5:a6:
7e:5f:59:63:16:07:22:7d:d0:2d:60:7e:1c:85:6b:7a:ad:9a:
5b:1a:87:5c:a9:ec:55:f0:0f:11:43:23:19:d2:5c:7f:b6:64:
0f:c3:81:9e:97:fb:ba:c0:5b:52:29:da:bb:b4:30:d4:c9:79:
9b:a9:e4:b0:99:6b:d7:cf:86:ae:c0:9c:72:5b:70:60:f5:e8:
34:9e:38:33:35:a9:ee:0c:0b:16:eb:6d:f5:9c:9a:45:f6:12:
09:c0:80:73:1a:50:fe:f3:c5:b1:12:fc:8f:78:b2:ad:0e:11:
8c:73:5b:ad:b8:bb:c6:2a:50:1c:ff:78:8c:a0:10:11:cd:25:
62:b1:84:61:87:e3:31:93:69:32:85:ab:0b:48:b2:93:7b:34:
01:0f:c7:4a:9b:99:57:6d:39:2e:6c:7b:3b:f0:36:cb:90:16:
d0:2a:c0:9d
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICAvswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA1MDMy
MzU1MDRaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDc1RDQwRkY1NzIwMjc4
OEJDNDk2OTY3MUNGRkNENERDRTMyM0I4RTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1wbUO9xl/s2BbYqz7bK7StiaTAHmag3FgZDZeZ3KjUmeJQQAT
Sr+Ct7cX8awy3GPPpmQZywWU9s7F/jYGQcOYpfUDzFdoKkNNF3TMNtHyl3FjnVPY
RPB4cAelDJXdiWUu+QYYaxhjbETQRiO5zSMHO+nVWHDkdsdFfXT6P0vWBaYWNfEM
YwGGyNvzhdsM+q4NVydcTx+MjwvOVHmBzVVUIAZgrYQjTM0HIX4oMXPWGiCoT0nR
gfbm8XIVZNjpb2i/jWs5gTufxH40OPCkJiFdasUyIl7wIbtxfjQpmPqEtM62rg8R
Q8buTYzYjArZeXWABF5jAvCppr7xoOsQpu8vAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUddQP9XICeIvElpZxz/zU3OMjuOIwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL2RkUVA5WElDZUl2RWxw
Wnh6X3pVM09NanVPSS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAHCHUP7q20cBDgoypUXMOp22s0wllUYvS1Rk
P2TKTMue74diTQsc5xCv+4W3UCAhJXfYJmyzm8FYnK9474TxMwmqWQwzm534OagK
q2HSzeIHt++gbUHOp7zlpn5fWWMWByJ90C1gfhyFa3qtmlsah1yp7FXwDxFDIxnS
XH+2ZA/DgZ6X+7rAW1Ip2ru0MNTJeZup5LCZa9fPhq7AnHJbcGD16DSeODM1qe4M
CxbrbfWcmkX2EgnAgHMaUP7zxbES/I94sq0OEYxzW624u8YqUBz/eIygEBHNJWKx
hGGH4zGTaTKFqwtIspN7NAEPx0qbmVdtOS5sezvwNsuQFtAqwJ0=
-----END CERTIFICATE-----
Generated at Sat May 4 04:48:14 2024 by rpki-client on console-ams.rpki-client.org