Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/hZIQ-DDdDREDDJ8ne-_AKQhBC68.roa
File: hZIQ-DDdDREDDJ8ne-_AKQhBC68.roa (raw, json)
Hash identifier: 8HWy2VoSdF6nw5wQ5/oge7qNA9vwT4cLSQrFWL4VNWc=
Subject key identifier: 85:92:10:F8:30:DD:0D:11:03:0C:9F:27:7B:EF:C0:29:08:41:0B:AF
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0640
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/hZIQ-DDdDREDDJ8ne-_AKQhBC68.roa
Signing time: Sun 04 Aug 2024 23:55:04 +0000
ROA not before: Sun 04 Aug 2024 23:55:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 05 Aug 2024 03:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1600 (0x640)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Aug 4 23:55:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=859210F830DD0D11030C9F277BEFC02908410BAF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:ea:68:de:9a:51:07:6f:ec:96:d1:e1:11:d8:
4d:f7:ae:fc:ec:16:52:d9:d4:75:c6:71:67:e8:73:
98:7e:92:80:f2:78:ab:e7:14:1d:51:8c:19:1b:9b:
b3:ab:2c:6c:f8:bd:cf:5a:69:68:05:a0:65:b8:b6:
81:93:39:a7:50:07:a0:03:db:31:17:62:25:18:c3:
fa:37:8f:ed:8a:60:89:6a:38:2d:89:30:ea:be:bb:
c1:b5:d1:95:3d:5e:5f:91:99:0f:97:8f:c0:ff:b6:
61:51:a9:15:ef:7a:09:0a:8b:1c:39:30:c9:a6:84:
44:24:27:5e:60:88:fb:a9:42:e5:59:d8:26:c1:b5:
55:9a:c0:cf:0b:66:32:74:bc:0f:7e:10:2b:b1:fe:
8b:f4:51:b0:78:fa:47:79:a6:29:1b:c0:5b:67:92:
e1:66:b2:ba:9b:ca:08:5e:ff:a0:86:29:6c:fe:f8:
98:53:3e:d5:ed:12:7b:02:2f:76:22:49:23:db:a2:
3d:cc:78:fd:9d:42:90:4c:32:66:df:1f:4b:2b:2b:
13:31:19:9d:95:d5:c4:3b:a0:7d:4b:69:84:9a:42:
20:5b:4d:1c:3d:a6:f0:47:bc:71:75:a0:2d:73:ca:
f3:de:26:4e:a4:9f:d1:64:c4:c7:db:b7:e6:16:05:
01:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:92:10:F8:30:DD:0D:11:03:0C:9F:27:7B:EF:C0:29:08:41:0B:AF
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/hZIQ-DDdDREDDJ8ne-_AKQhBC68.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
57:a6:18:b6:01:e5:db:f6:72:07:da:fd:d7:23:9f:97:3e:d2:
ba:31:88:11:cd:3e:8e:3e:94:f9:93:8b:7e:2b:86:a4:fc:64:
5c:ed:a7:93:ce:04:95:3b:6f:98:29:8c:51:32:01:cb:ab:d9:
26:4c:40:4f:5f:ad:23:00:b0:2e:83:bb:af:81:1d:37:50:33:
cf:a1:9f:68:bc:33:13:fa:c7:2c:34:bd:88:0e:c0:5e:e7:5b:
16:18:e2:01:c7:0f:18:9e:ca:9a:3c:5c:26:9d:85:d5:99:40:
b6:54:e9:16:20:65:d3:c6:86:62:bf:27:c9:d3:ef:87:12:d4:
e0:78:af:3c:60:ad:db:2d:f4:07:e9:91:32:69:2e:70:6e:c0:
93:33:8c:ec:30:8d:92:12:9f:fc:f7:37:51:b5:6f:bf:27:42:
ce:a7:4c:ee:3d:dc:cb:b5:08:96:cb:72:23:d4:5c:b6:92:f4:
eb:ed:7b:e2:eb:83:5d:5f:e5:48:f9:40:71:67:2a:c6:ae:46:
4f:c3:d3:9f:7e:52:28:ed:e5:a7:e7:48:7e:74:d1:52:21:ea:
d6:82:ef:8e:22:5d:12:46:72:d8:6a:01:f3:19:4f:bf:09:63:
d6:c5:27:ba:bc:13:09:55:e0:36:3a:2f:3a:67:f9:2f:23:2f:
33:0e:d0:07
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICBkAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA4MDQy
MzU1MDRaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDg1OTIxMEY4MzBERDBE
MTEwMzBDOUYyNzdCRUZDMDI5MDg0MTBCQUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDV6mjemlEHb+yW0eER2E33rvzsFlLZ1HXGcWfoc5h+koDyeKvn
FB1RjBkbm7OrLGz4vc9aaWgFoGW4toGTOadQB6AD2zEXYiUYw/o3j+2KYIlqOC2J
MOq+u8G10ZU9Xl+RmQ+Xj8D/tmFRqRXvegkKixw5MMmmhEQkJ15giPupQuVZ2CbB
tVWawM8LZjJ0vA9+ECux/ov0UbB4+kd5pikbwFtnkuFmsrqbyghe/6CGKWz++JhT
PtXtEnsCL3YiSSPboj3MeP2dQpBMMmbfH0srKxMxGZ2V1cQ7oH1LaYSaQiBbTRw9
pvBHvHF1oC1zyvPeJk6kn9FkxMfbt+YWBQE/AgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUhZIQ+DDdDREDDJ8ne+/AKQhBC68wHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL2haSVEtRERkRFJFRERK
OG5lLV9BS1FoQkM2OC5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAFemGLYB5dv2cgfa/dcjn5c+0roxiBHNPo4+
lPmTi34rhqT8ZFztp5POBJU7b5gpjFEyAcur2SZMQE9frSMAsC6Du6+BHTdQM8+h
n2i8MxP6xyw0vYgOwF7nWxYY4gHHDxieypo8XCadhdWZQLZU6RYgZdPGhmK/J8nT
74cS1OB4rzxgrdst9AfpkTJpLnBuwJMzjOwwjZISn/z3N1G1b78nQs6nTO493Mu1
CJbLciPUXLaS9Ovte+Lrg11f5Uj5QHFnKsauRk/D059+Uijt5afnSH500VIh6taC
744iXRJGcthqAfMZT78JY9bFJ7q8EwlV4DY6Lzpn+S8jLzMO0Ac=
-----END CERTIFICATE-----
Generated at Mon Aug 5 06:31:44 2024 by rpki-client on console-ams.rpki-client.org