Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/h9IVajjwctyQ566KKzZVr_wTxz8.roa
File: h9IVajjwctyQ566KKzZVr_wTxz8.roa (raw, json)
Hash identifier: R6pyvEo4VoMNsKxIaMS5aQ0+7anyIeYry2IFriBby2w=
Subject key identifier: 87:D2:15:6A:38:F0:72:DC:90:E7:AE:8A:2B:36:55:AF:FC:13:C7:3F
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 5B
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/h9IVajjwctyQ566KKzZVr_wTxz8.roa
Signing time: Mon 19 Feb 2024 07:55:04 +0000
ROA not before: Mon 19 Feb 2024 07:55:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 19 Feb 2024 11:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91 (0x5b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Feb 19 07:55:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=87D2156A38F072DC90E7AE8A2B3655AFFC13C73F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:65:b6:62:1a:2b:0b:16:85:35:c6:3e:63:e3:
b6:44:92:9a:e8:5f:af:09:53:d0:42:dc:3d:3c:b9:
17:15:16:48:98:f3:ac:82:b8:87:12:04:98:6b:e9:
df:79:85:bf:9d:d5:58:ca:1b:ff:a0:d5:14:04:2a:
d6:80:97:42:00:25:81:c3:d4:a1:75:54:1b:2c:a7:
49:27:aa:42:0c:d5:f1:77:1e:d4:54:b0:f9:4d:95:
9c:26:0f:8c:65:1b:26:51:55:72:49:33:9a:70:02:
b3:98:90:4b:b0:5b:55:7e:37:af:ca:7e:93:7d:4c:
23:51:99:13:63:67:52:63:8c:80:a5:5c:0a:ee:ff:
7f:fc:45:89:12:36:c8:b8:75:3e:4f:ee:54:9a:26:
89:40:6a:1c:78:f1:88:1d:ec:8c:34:86:f8:7d:09:
b9:60:4d:eb:80:6b:a3:c9:6b:e3:a3:f5:44:22:8c:
a5:9b:2f:ff:8c:3f:a3:00:2b:66:63:57:3b:2c:48:
a5:d3:0f:23:d8:0b:46:f2:a0:d3:ea:f6:08:14:84:
00:bf:d3:7e:bc:ac:7c:24:fe:60:53:b8:44:14:57:
85:b4:4a:a8:16:84:b3:d5:43:29:a8:07:ef:43:5c:
36:c3:80:21:f3:85:8c:4c:6d:93:e5:ca:4f:22:7c:
c5:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:D2:15:6A:38:F0:72:DC:90:E7:AE:8A:2B:36:55:AF:FC:13:C7:3F
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/h9IVajjwctyQ566KKzZVr_wTxz8.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
16:0b:77:4e:6e:c1:a2:d3:81:76:86:92:6e:a1:b7:9a:a5:e4:
e8:bd:52:89:1b:69:c1:75:5e:5f:0a:ee:f6:9c:48:0f:29:e1:
6d:a1:3c:a8:f9:96:4f:c0:6e:81:63:53:f2:07:11:41:44:2f:
8b:00:9d:c5:f8:79:69:4e:51:d8:85:5a:09:cd:93:c2:98:84:
4c:aa:09:88:dd:1d:f5:c4:ee:92:48:70:a7:3a:37:2f:c1:7a:
63:95:90:15:5b:c2:a3:4b:7c:d3:2b:dc:ec:9b:f5:28:50:06:
80:9d:97:80:ad:b0:15:19:4b:c8:e5:84:03:6e:fe:1a:2d:93:
a3:a4:dd:d4:ae:09:a5:e3:36:0d:04:64:60:56:a0:a0:7d:5c:
82:7f:89:cb:84:9d:74:f5:e3:22:f5:96:0e:9b:38:d5:b8:2b:
92:2f:68:b7:13:b4:dc:20:7e:88:78:0b:aa:31:9b:a4:70:f1:
17:fe:e0:77:09:35:7c:ad:cc:ea:76:85:0c:25:3f:75:5b:dd:
46:fe:e3:d2:2b:cb:c6:b1:1f:4e:da:16:58:46:90:46:74:9c:
6a:ff:43:e7:02:e3:31:80:09:93:94:7e:f6:67:de:91:dd:d9:
26:4f:cb:04:ef:e7:d1:c1:fa:c0:af:4a:5d:97:9b:dd:0c:fe:
87:ab:d5:cd
-----BEGIN CERTIFICATE-----
MIIEoTCCA4mgAwIBAgIBWzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3MWQx
NGViYjI1NWRjMDU4ZDRiZmE1YTUxYzkzZjczZjgzMGFiODhmMB4XDTI0MDIxOTA3
NTUwNFoXDTI1MDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODdEMjE1NkEzOEYwNzJE
QzkwRTdBRThBMkIzNjU1QUZGQzEzQzczRjCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBALdltmIaKwsWhTXGPmPjtkSSmuhfrwlT0ELcPTy5FxUWSJjzrIK4
hxIEmGvp33mFv53VWMob/6DVFAQq1oCXQgAlgcPUoXVUGyynSSeqQgzV8Xce1FSw
+U2VnCYPjGUbJlFVckkzmnACs5iQS7BbVX43r8p+k31MI1GZE2NnUmOMgKVcCu7/
f/xFiRI2yLh1Pk/uVJomiUBqHHjxiB3sjDSG+H0JuWBN64Bro8lr46P1RCKMpZsv
/4w/owArZmNXOyxIpdMPI9gLRvKg0+r2CBSEAL/TfrysfCT+YFO4RBRXhbRKqBaE
s9VDKagH70NcNsOAIfOFjExtk+XKTyJ8xd8CAwEAAaOCAb4wggG6MB0GA1UdDgQW
BBSH0hVqOPBy3JDnroorNlWv/BPHPzAfBgNVHSMEGDAWgBRx0U67JV3AWNS/paUc
k/c/gwq4jzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ
oE6GTHJzeW5jOi8vY2hsb2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3Nm
L2NkRk91eVZkd0ZqVXY2V2xISlAzUDRNS3VJOC5jcmwwZAYIKwYBBQUHAQEEWDBW
MFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9E
RUZBVUxUL2NkRk91eVZkd0ZqVXY2V2xISlAzUDRNS3VJOC5jZXIwDgYDVR0PAQH/
BAQDAgeAMGgGCCsGAQUFBwELBFwwWjBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9jaGxv
ZS5zb2Jvcm5vc3QubmV0L3Jwa2kvUklQRS1ubHJzc2YvaDlJVmFqandjdHlRNTY2
S0t6WlZyX3dUeHo4LnJvYTAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMJo
gTANBgkqhkiG9w0BAQsFAAOCAQEAFgt3Tm7BotOBdoaSbqG3mqXk6L1SiRtpwXVe
Xwru9pxIDynhbaE8qPmWT8BugWNT8gcRQUQviwCdxfh5aU5R2IVaCc2TwpiETKoJ
iN0d9cTukkhwpzo3L8F6Y5WQFVvCo0t80yvc7Jv1KFAGgJ2XgK2wFRlLyOWEA27+
Gi2To6Td1K4JpeM2DQRkYFagoH1cgn+Jy4SddPXjIvWWDps41bgrki9otxO03CB+
iHgLqjGbpHDxF/7gdwk1fK3M6naFDCU/dVvdRv7j0ivLxrEfTtoWWEaQRnScav9D
5wLjMYAJk5R+9mfekd3ZJk/LBO/n0cH6wK9KXZeb3Qz+h6vVzQ==
-----END CERTIFICATE-----
Generated at Mon Feb 19 15:05:10 2024 by rpki-client on console-ams.rpki-client.org