Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/hbFkn_cujzH9HdB9DeGYqFhfzls.roa
File: hbFkn_cujzH9HdB9DeGYqFhfzls.roa (raw, json)
Hash identifier: vdnr2HkSl1ss9nvuMi8+1Yzewmef4IQfo1r7CNTKM5M=
Subject key identifier: 85:B1:64:9F:F7:2E:8F:31:FD:1D:D0:7D:0D:E1:98:A8:58:5F:CE:5B
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 044E
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/hbFkn_cujzH9HdB9DeGYqFhfzls.roa
Signing time: Mon 10 Jun 2024 15:55:03 +0000
ROA not before: Mon 10 Jun 2024 15:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Jun 2024 19:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1102 (0x44e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Jun 10 15:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=85B1649FF72E8F31FD1DD07D0DE198A8585FCE5B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:9a:f3:9a:74:76:9c:e8:59:f0:83:7b:39:2f:
14:b6:4e:07:b7:47:45:34:ca:a1:1b:9c:3f:96:05:
25:f0:f8:c8:54:22:85:22:8b:88:72:83:ce:71:80:
aa:ad:e0:8f:ef:7a:20:05:60:e6:f6:c6:5a:2b:69:
cd:d6:70:84:bc:7c:2d:d3:fb:0d:b9:45:6e:8e:eb:
87:ff:2a:8d:d0:04:db:84:df:4f:fd:b4:7d:d2:22:
2d:83:d7:b2:5b:06:db:1e:2a:c7:f2:20:53:03:39:
08:a3:68:d2:f5:89:75:30:c1:38:e0:bb:51:f4:cf:
86:fc:d0:ac:37:a1:bb:8d:90:53:af:9c:3f:24:d0:
e3:89:c0:32:7c:ef:45:42:c3:c2:07:1a:6f:5b:e6:
e3:74:c4:0a:4e:9b:b5:7e:8b:36:5d:42:7a:44:bf:
df:a1:01:e3:63:f7:75:22:c5:e5:4d:9c:03:75:45:
48:99:05:4b:58:fc:d6:38:4b:02:44:f1:b6:30:e5:
c8:7b:a1:a2:46:59:5f:80:54:56:a7:5a:dc:d6:99:
96:54:82:d1:29:7e:b3:fd:59:93:7b:7c:25:73:72:
38:21:42:32:45:b6:f9:ce:e2:73:79:3b:86:fa:65:
05:5a:66:44:6e:84:73:6c:7d:5b:3a:79:77:be:a9:
9a:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:B1:64:9F:F7:2E:8F:31:FD:1D:D0:7D:0D:E1:98:A8:58:5F:CE:5B
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/hbFkn_cujzH9HdB9DeGYqFhfzls.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
24:d0:37:b9:90:f8:e3:d8:da:20:cd:01:74:ff:53:4b:57:f7:
1d:a1:61:25:b2:56:45:36:2b:58:08:e8:38:f6:c0:91:cd:07:
83:d6:d3:78:e4:88:3b:78:85:54:95:ed:dd:56:ae:a1:06:56:
dc:49:a9:c7:d6:89:7f:11:31:76:42:4c:49:c8:6c:61:8f:31:
c5:e6:c9:d2:36:29:a7:1c:4c:c4:b0:a0:e5:3d:06:6b:a4:c4:
b1:80:bf:2f:75:c9:c0:37:7a:4e:5a:85:4a:e2:ab:bc:a1:47:
d3:3c:cb:b3:09:a6:ee:b5:03:06:66:6d:1f:33:c5:ff:bf:99:
9f:38:ea:5c:7e:95:1e:d4:ea:59:29:03:c3:1d:df:07:9f:0b:
81:0a:1d:22:a5:b9:66:56:ff:38:42:82:32:9f:1f:86:22:bb:
29:64:7e:7b:ab:a3:8b:0a:ea:d3:f9:85:54:48:82:6c:05:6e:
5b:ff:db:60:02:77:ed:9f:99:c2:82:28:48:29:7d:b0:7f:27:
f1:26:03:4c:0a:84:69:96:95:35:16:2b:6d:bc:a0:56:6d:94:
e7:7a:71:93:b9:8c:9c:df:cb:76:d7:47:4d:85:22:c3:fc:d1:
7c:27:4b:9b:61:99:d4:26:d2:c9:ec:f0:a4:01:92:85:96:c8:
f0:bf:1c:36
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICBE4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA2MTAx
NTU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDg1QjE2NDlGRjcyRThG
MzFGRDFERDA3RDBERTE5OEE4NTg1RkNFNUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHmvOadHac6Fnwg3s5LxS2Tge3R0U0yqEbnD+WBSXw+MhUIoUi
i4hyg85xgKqt4I/veiAFYOb2xlorac3WcIS8fC3T+w25RW6O64f/Ko3QBNuE30/9
tH3SIi2D17JbBtseKsfyIFMDOQijaNL1iXUwwTjgu1H0z4b80Kw3obuNkFOvnD8k
0OOJwDJ870VCw8IHGm9b5uN0xApOm7V+izZdQnpEv9+hAeNj93UixeVNnAN1RUiZ
BUtY/NY4SwJE8bYw5ch7oaJGWV+AVFanWtzWmZZUgtEpfrP9WZN7fCVzcjghQjJF
tvnO4nN5O4b6ZQVaZkRuhHNsfVs6eXe+qZrnAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUhbFkn/cujzH9HdB9DeGYqFhfzlswHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL2hiRmtuX2N1anpIOUhk
QjlEZUdZcUZoZnpscy5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBACTQN7mQ+OPY2iDNAXT/U0tX9x2hYSWyVkU2
K1gI6Dj2wJHNB4PW03jkiDt4hVSV7d1WrqEGVtxJqcfWiX8RMXZCTEnIbGGPMcXm
ydI2KaccTMSwoOU9BmukxLGAvy91ycA3ek5ahUriq7yhR9M8y7MJpu61AwZmbR8z
xf+/mZ846lx+lR7U6lkpA8Md3wefC4EKHSKluWZW/zhCgjKfH4Yiuylkfnuro4sK
6tP5hVRIgmwFblv/22ACd+2fmcKCKEgpfbB/J/EmA0wKhGmWlTUWK228oFZtlOd6
cZO5jJzfy3bXR02FIsP80XwnS5thmdQm0sns8KQBkoWWyPC/HDY=
-----END CERTIFICATE-----
Generated at Mon Jun 10 22:36:07 2024 by rpki-client on console-ams.rpki-client.org