Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/j9yAf7lxjaOVw8GT-NThGBHXx18.roa
File: j9yAf7lxjaOVw8GT-NThGBHXx18.roa (raw, json)
Hash identifier: m2P4lYCXCjhA0Q5rZB5JpGJm16bWMN4HHXUh6eTwnnI=
Subject key identifier: 8F:DC:80:7F:B9:71:8D:A3:95:C3:C1:93:F8:D4:E1:18:11:D7:C7:5F
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 015A
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/j9yAf7lxjaOVw8GT-NThGBHXx18.roa
Signing time: Mon 18 Mar 2024 15:55:03 +0000
ROA not before: Mon 18 Mar 2024 15:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 18 Mar 2024 19:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 346 (0x15a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Mar 18 15:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8FDC807FB9718DA395C3C193F8D4E11811D7C75F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:b2:e0:7e:da:a9:28:f5:dc:f2:62:c2:9d:58:
45:a2:2a:46:27:7c:4a:04:fd:7d:03:ca:06:45:92:
da:cd:52:4f:bb:71:b3:47:61:f4:45:69:59:c3:83:
40:b9:f5:f7:34:17:61:df:e5:49:4a:77:13:c8:14:
a8:9d:6a:66:d0:f0:c6:e2:b0:7e:74:33:81:51:f9:
4e:e5:69:82:af:73:aa:16:3d:12:fe:2f:7e:a1:f9:
38:16:c3:f9:60:11:10:70:d2:7d:53:c8:63:81:96:
95:1e:60:f3:f3:b4:d6:a8:c5:8e:d7:1b:12:76:6b:
39:13:67:d6:4f:19:1a:c5:48:5e:da:54:ca:69:bf:
ee:f1:60:18:da:01:da:d7:6a:7d:09:57:4d:4e:ac:
50:1c:9b:6f:11:ad:7b:fe:b3:ff:51:cb:53:d6:6f:
f1:b6:80:e1:b8:72:cd:ee:41:80:6e:bb:04:fa:9a:
7c:18:c2:03:d3:45:0f:88:86:db:76:b4:09:9f:ae:
0e:79:8f:f4:6e:ab:0f:79:7f:c1:17:3f:4a:25:c5:
59:46:cf:0b:2e:c8:23:c5:45:f0:df:fd:44:85:53:
ab:60:7d:6f:74:bd:99:6a:9e:cd:a3:e6:71:8c:a1:
ad:91:5b:1d:7b:e4:9f:10:e6:51:00:71:ca:97:fe:
90:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:DC:80:7F:B9:71:8D:A3:95:C3:C1:93:F8:D4:E1:18:11:D7:C7:5F
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/j9yAf7lxjaOVw8GT-NThGBHXx18.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
41:dc:53:b9:e9:d7:48:00:40:48:d2:54:ba:03:5a:b2:71:55:
5d:74:2f:8f:7d:c0:ff:04:a5:59:10:1c:76:d9:3a:70:2e:f5:
33:45:2d:85:fc:af:45:45:27:4b:c8:8b:8b:77:35:b8:de:fd:
2b:14:0e:3f:d6:eb:85:ad:e5:7d:f0:3f:49:1e:c9:42:9e:7c:
33:49:38:25:17:ab:24:33:0c:30:43:72:25:f1:b9:58:4c:96:
7b:9b:0e:af:ac:16:b7:0a:d6:66:87:26:67:30:42:ea:06:a9:
eb:31:3a:81:1d:59:66:a6:e7:e5:f4:b4:33:1e:d6:e6:29:10:
76:0e:00:75:01:ad:73:b3:68:56:8a:67:68:a0:7f:0a:64:70:
77:b9:13:56:fe:74:19:3f:53:07:3b:b7:4e:b3:40:8e:d1:c2:
7d:d1:16:90:32:d0:c7:f0:96:0b:d8:e1:0d:d1:1a:02:e5:2d:
74:a4:68:78:67:de:ec:0a:16:13:c4:31:a1:b1:cf:eb:30:df:
d2:49:f8:ae:87:03:19:01:d4:09:2e:b4:f6:c8:b0:00:ae:37:
c2:63:4c:d2:c7:2a:2a:94:1f:ff:f0:c1:c3:ed:b3:6b:54:92:
58:17:e9:bd:f4:89:ac:cb:8f:b4:32:5a:2f:ab:fc:65:2a:fa:
46:2b:42:c6
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICAVowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDAzMTgx
NTU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDhGREM4MDdGQjk3MThE
QTM5NUMzQzE5M0Y4RDRFMTE4MTFEN0M3NUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC6suB+2qko9dzyYsKdWEWiKkYnfEoE/X0DygZFktrNUk+7cbNH
YfRFaVnDg0C59fc0F2Hf5UlKdxPIFKidambQ8MbisH50M4FR+U7laYKvc6oWPRL+
L36h+TgWw/lgERBw0n1TyGOBlpUeYPPztNaoxY7XGxJ2azkTZ9ZPGRrFSF7aVMpp
v+7xYBjaAdrXan0JV01OrFAcm28RrXv+s/9Ry1PWb/G2gOG4cs3uQYBuuwT6mnwY
wgPTRQ+Ihtt2tAmfrg55j/Ruqw95f8EXP0olxVlGzwsuyCPFRfDf/USFU6tgfW90
vZlqns2j5nGMoa2RWx175J8Q5lEAccqX/pCRAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUj9yAf7lxjaOVw8GT+NThGBHXx18wHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL2o5eUFmN2x4amFPVnc4
R1QtTlRoR0JIWHgxOC5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAEHcU7np10gAQEjSVLoDWrJxVV10L499wP8E
pVkQHHbZOnAu9TNFLYX8r0VFJ0vIi4t3Nbje/SsUDj/W64Wt5X3wP0keyUKefDNJ
OCUXqyQzDDBDciXxuVhMlnubDq+sFrcK1maHJmcwQuoGqesxOoEdWWam5+X0tDMe
1uYpEHYOAHUBrXOzaFaKZ2igfwpkcHe5E1b+dBk/Uwc7t06zQI7Rwn3RFpAy0Mfw
lgvY4Q3RGgLlLXSkaHhn3uwKFhPEMaGxz+sw39JJ+K6HAxkB1AkutPbIsACuN8Jj
TNLHKiqUH//wwcPts2tUklgX6b30iazLj7QyWi+r/GUq+kYrQsY=
-----END CERTIFICATE-----
Generated at Mon Mar 18 23:13:12 2024 by rpki-client on console-ams.rpki-client.org