Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/hlKcxnKMF_DwTkuqbYAwgpDtpek.roa
File: hlKcxnKMF_DwTkuqbYAwgpDtpek.roa (raw, json)
Hash identifier: eSdrzvBKdgTAisS0M2puMp/khU845gYzy0VVaQTJl6Y=
Subject key identifier: 86:52:9C:C6:72:8C:17:F0:F0:4E:4B:AA:6D:80:30:82:90:ED:A5:E9
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0370
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/hlKcxnKMF_DwTkuqbYAwgpDtpek.roa
Signing time: Thu 16 May 2024 23:55:03 +0000
ROA not before: Thu 16 May 2024 23:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 17 May 2024 03:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 880 (0x370)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: May 16 23:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=86529CC6728C17F0F04E4BAA6D80308290EDA5E9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:16:25:52:0f:1a:1f:bd:51:d5:0f:1b:17:c6:
d1:82:b2:f6:09:3b:c2:ee:a1:25:2f:d6:38:99:8d:
7e:48:9b:b0:09:7e:a1:49:5a:f5:0b:41:d9:bb:51:
35:f6:ea:ef:df:4b:a3:79:74:90:c8:f9:ae:8c:de:
84:ef:d0:c3:25:4b:32:2a:c0:05:85:9f:0d:31:b7:
ff:25:67:f5:a2:a1:e6:2e:a0:2a:98:db:e4:0f:9c:
ac:a4:28:b4:d6:ec:d8:e4:12:20:0a:61:78:6f:31:
3e:79:c7:45:9f:02:2b:40:7e:af:89:75:b7:ff:b3:
c1:91:0a:1c:22:b4:c4:26:6d:7f:ef:57:83:5c:f3:
01:14:d6:c0:64:f5:cb:a5:f6:3e:8e:02:3f:da:90:
8c:10:35:39:74:43:8f:84:da:81:61:36:12:43:5b:
35:ce:23:b9:44:f7:60:86:e7:31:d3:78:05:67:b5:
e0:dc:9b:b7:f0:b0:2a:c1:7d:31:58:89:0d:d9:18:
61:48:4d:d4:4d:bd:82:47:43:fc:06:ba:98:3e:dc:
8a:9a:19:5e:ce:1d:79:93:19:36:5f:16:b3:c9:a0:
89:2f:58:81:e5:61:42:32:09:aa:bf:ba:5d:57:32:
48:23:b4:5b:b7:2e:93:86:cb:d7:78:5b:b7:20:02:
48:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:52:9C:C6:72:8C:17:F0:F0:4E:4B:AA:6D:80:30:82:90:ED:A5:E9
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/hlKcxnKMF_DwTkuqbYAwgpDtpek.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
13:f0:4b:2e:38:39:11:12:2c:bc:5a:40:99:d3:6d:e6:47:8d:
7d:e6:3c:bd:b1:6c:40:4e:c6:4c:d6:3c:e4:1a:e6:5f:f7:dd:
6d:bd:33:b2:83:b6:01:ee:5f:d2:cf:48:86:5e:c2:02:47:b7:
74:15:d4:aa:b9:18:ef:b5:6b:33:ea:cd:50:db:ed:4f:fa:0b:
cf:b3:71:b6:d9:d9:5f:5b:7d:1f:3b:3b:41:ea:fe:3e:04:d6:
97:cd:e5:ab:33:96:51:1c:1a:00:e0:10:de:14:e3:b7:a0:58:
bc:64:30:a5:00:66:f3:0b:fe:08:7c:e1:c4:6e:95:9f:f0:5c:
32:ce:61:5e:36:46:65:3f:79:8a:94:02:f8:05:c7:fc:64:e7:
cc:a0:af:e7:59:d0:89:c3:3b:10:1a:40:c8:f0:94:7d:ff:b3:
5a:7b:b0:ca:6f:3d:fe:89:1d:91:d3:d7:b6:18:e1:8f:52:a7:
27:ea:4d:ea:24:18:49:a6:97:d9:24:e3:be:ea:bd:f3:49:65:
67:4a:da:92:9e:e2:2f:cb:1d:36:b0:33:b6:d8:44:c8:b6:76:
15:07:c8:82:01:a7:d8:09:71:c3:42:3e:f4:da:ce:f1:e2:f7:
8e:c5:a3:d4:e7:19:7e:0f:72:be:e0:a9:75:5d:69:49:ec:a7:
e3:9b:75:6b
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICA3AwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA1MTYy
MzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDg2NTI5Q0M2NzI4QzE3
RjBGMDRFNEJBQTZEODAzMDgyOTBFREE1RTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCpFiVSDxofvVHVDxsXxtGCsvYJO8LuoSUv1jiZjX5Im7AJfqFJ
WvULQdm7UTX26u/fS6N5dJDI+a6M3oTv0MMlSzIqwAWFnw0xt/8lZ/WioeYuoCqY
2+QPnKykKLTW7NjkEiAKYXhvMT55x0WfAitAfq+Jdbf/s8GRChwitMQmbX/vV4Nc
8wEU1sBk9cul9j6OAj/akIwQNTl0Q4+E2oFhNhJDWzXOI7lE92CG5zHTeAVnteDc
m7fwsCrBfTFYiQ3ZGGFITdRNvYJHQ/wGupg+3IqaGV7OHXmTGTZfFrPJoIkvWIHl
YUIyCaq/ul1XMkgjtFu3LpOGy9d4W7cgAkhlAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUhlKcxnKMF/DwTkuqbYAwgpDtpekwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL2hsS2N4bktNRl9Ed1Rr
dXFiWUF3Z3BEdHBlay5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBABPwSy44ORESLLxaQJnTbeZHjX3mPL2xbEBO
xkzWPOQa5l/33W29M7KDtgHuX9LPSIZewgJHt3QV1Kq5GO+1azPqzVDb7U/6C8+z
cbbZ2V9bfR87O0Hq/j4E1pfN5aszllEcGgDgEN4U47egWLxkMKUAZvML/gh84cRu
lZ/wXDLOYV42RmU/eYqUAvgFx/xk58ygr+dZ0InDOxAaQMjwlH3/s1p7sMpvPf6J
HZHT17YY4Y9SpyfqTeokGEmml9kk477qvfNJZWdK2pKe4i/LHTawM7bYRMi2dhUH
yIIBp9gJccNCPvTazvHi947Fo9TnGX4Pcr7gqXVdaUnsp+ObdWs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:55 2024 by rpki-client on console-fra.rpki-client.org