Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/hsglKwxpUxT0Z9-CDPsJfqAMorE.roa
File: hsglKwxpUxT0Z9-CDPsJfqAMorE.roa (raw, json)
Hash identifier: s6U0Tcn0OPQTM32Mo8k/O7pnVOInrLf8pSVvIXd3FeI=
Subject key identifier: 86:C8:25:2B:0C:69:53:14:F4:67:DF:82:0C:FB:09:7E:A0:0C:A2:B1
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 02E3
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/hsglKwxpUxT0Z9-CDPsJfqAMorE.roa
Signing time: Wed 01 May 2024 07:55:03 +0000
ROA not before: Wed 01 May 2024 07:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 May 2024 11:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 739 (0x2e3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: May 1 07:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=86C8252B0C695314F467DF820CFB097EA00CA2B1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:0d:64:9b:a2:e9:3f:69:a5:7c:c9:8b:a6:55:
cd:c4:8c:5f:b4:d0:9c:6e:b3:dd:8a:47:e6:bd:7c:
03:91:1f:be:20:91:85:22:76:e8:53:62:f5:f8:52:
ca:2e:dc:e2:25:ff:1a:cd:08:1f:ee:bb:34:87:6a:
eb:d8:9b:7f:06:0a:27:59:c9:a3:dd:f0:03:51:f1:
ef:5a:69:6d:75:31:6e:2c:4c:de:11:47:0b:86:f9:
de:2c:69:d1:03:0b:fa:58:6c:5f:6c:5f:53:fa:d2:
a4:ac:0a:a8:be:8d:2d:3f:5d:ec:96:c6:6d:82:04:
ca:9a:1c:0a:da:1d:70:05:90:47:f8:e8:ee:17:56:
d4:df:60:85:e7:96:eb:91:09:26:43:29:65:f2:89:
c2:3f:04:5b:25:df:33:30:92:2c:f9:cd:d3:e5:b4:
db:33:99:b6:cf:54:4d:7e:2e:aa:12:f8:25:33:32:
07:8d:a1:fb:01:66:01:89:17:f9:c3:f4:70:73:45:
f2:31:03:f1:36:6d:ec:63:84:25:15:4f:7f:52:35:
42:40:bf:d3:ca:8f:e4:81:25:64:5b:43:a4:b8:4b:
85:7a:3e:3d:20:1d:a5:9b:1e:ac:05:ed:5f:53:79:
bb:6c:23:70:1e:d1:85:0c:5c:62:ed:40:97:2b:64:
b0:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:C8:25:2B:0C:69:53:14:F4:67:DF:82:0C:FB:09:7E:A0:0C:A2:B1
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/hsglKwxpUxT0Z9-CDPsJfqAMorE.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
95:99:c8:e4:cd:46:c8:63:c6:e4:d3:1e:30:3d:0e:e1:ef:33:
a3:a2:c9:ed:71:46:94:0f:c5:24:11:43:9e:75:c1:52:39:92:
c5:90:45:86:71:70:40:2f:9a:8d:c6:20:9a:d4:41:f4:99:1d:
26:15:0d:c6:60:0f:d1:91:07:bf:6f:db:cc:0c:96:1f:da:ad:
d3:83:81:77:b2:45:57:c2:68:ab:ab:0b:95:b4:88:c3:43:31:
c7:b4:1f:d3:b7:0e:99:42:9b:ae:68:42:ed:20:4d:05:89:38:
5f:28:7b:5a:1c:80:aa:cb:56:ad:b4:35:31:1f:d7:f1:ac:7b:
aa:72:5d:df:cc:b6:af:f1:12:10:c3:2a:7a:28:71:44:5b:76:
1d:03:3a:45:18:bf:cd:e3:42:42:b7:ba:d2:53:f7:80:80:21:
06:91:d8:56:71:86:a9:46:ad:20:46:c5:49:47:71:f5:18:b9:
5a:00:67:af:2a:d7:d5:ab:6e:21:cf:fb:48:9e:d8:18:d6:4b:
8c:7e:7d:10:cc:9e:c6:50:20:46:9b:4c:95:e6:82:91:53:1e:
d0:f8:8e:86:25:76:b6:7e:a9:15:71:1c:23:4f:2f:12:30:1a:
b6:6d:5c:4b:2d:06:95:18:cf:d5:24:be:14:c1:23:01:b2:a4:
f2:83:b2:db
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICAuMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA1MDEw
NzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDg2QzgyNTJCMEM2OTUz
MTRGNDY3REY4MjBDRkIwOTdFQTAwQ0EyQjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDTDWSbouk/aaV8yYumVc3EjF+00Jxus92KR+a9fAORH74gkYUi
duhTYvX4Usou3OIl/xrNCB/uuzSHauvYm38GCidZyaPd8ANR8e9aaW11MW4sTN4R
RwuG+d4sadEDC/pYbF9sX1P60qSsCqi+jS0/XeyWxm2CBMqaHAraHXAFkEf46O4X
VtTfYIXnluuRCSZDKWXyicI/BFsl3zMwkiz5zdPltNszmbbPVE1+LqoS+CUzMgeN
ofsBZgGJF/nD9HBzRfIxA/E2bexjhCUVT39SNUJAv9PKj+SBJWRbQ6S4S4V6Pj0g
HaWbHqwF7V9TebtsI3Ae0YUMXGLtQJcrZLC/AgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUhsglKwxpUxT0Z9+CDPsJfqAMorEwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL2hzZ2xLd3hwVXhUMFo5
LUNEUHNKZnFBTW9yRS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAJWZyOTNRshjxuTTHjA9DuHvM6Oiye1xRpQP
xSQRQ551wVI5ksWQRYZxcEAvmo3GIJrUQfSZHSYVDcZgD9GRB79v28wMlh/ardOD
gXeyRVfCaKurC5W0iMNDMce0H9O3DplCm65oQu0gTQWJOF8oe1ocgKrLVq20NTEf
1/Gse6pyXd/Mtq/xEhDDKnoocURbdh0DOkUYv83jQkK3utJT94CAIQaR2FZxhqlG
rSBGxUlHcfUYuVoAZ68q19WrbiHP+0ie2BjWS4x+fRDMnsZQIEabTJXmgpFTHtD4
joYldrZ+qRVxHCNPLxIwGrZtXEstBpUYz9UkvhTBIwGypPKDsts=
-----END CERTIFICATE-----
Generated at Wed May 1 14:46:52 2024 by rpki-client on console-ams.rpki-client.org