Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/jxo66j2eT07gpo_zR0QSCtoltd8.roa
File: jxo66j2eT07gpo_zR0QSCtoltd8.roa (raw, json)
Hash identifier: puD0HHx/vSZJBxA29Ev+K6A8XR7N/tfhgnzDJZdLOXs=
Subject key identifier: 8F:1A:3A:EA:3D:9E:4F:4E:E0:A6:8F:F3:47:44:12:0A:DA:25:B5:DF
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 43
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/jxo66j2eT07gpo_zR0QSCtoltd8.roa
Signing time: Fri 16 Feb 2024 15:55:03 +0000
ROA not before: Fri 16 Feb 2024 15:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 16 Feb 2024 19:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67 (0x43)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Feb 16 15:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8F1A3AEA3D9E4F4EE0A68FF34744120ADA25B5DF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:08:ff:da:4b:a4:ee:97:f1:d2:b6:19:97:19:
85:e7:af:36:bf:df:d4:64:f8:a1:ec:58:e1:e6:b9:
e5:85:99:ea:b4:4d:37:46:e8:c1:f8:f8:e5:af:b0:
87:6f:d0:76:d5:f6:f7:d4:a8:48:99:f4:77:28:44:
2a:03:53:96:a1:1d:5a:51:fc:fa:f8:e9:28:dd:21:
9b:5e:fd:ab:8c:50:e2:ee:6c:51:42:c0:51:d3:7a:
aa:a1:35:12:65:58:74:b4:92:95:b3:ff:dd:d5:ee:
19:50:11:a8:90:73:1b:b2:3e:6a:30:81:b8:00:ab:
95:d2:76:d1:da:54:e7:e3:93:fe:1b:a0:e0:ba:15:
32:b5:b1:e2:de:4c:70:4b:97:36:4e:f1:4f:3d:0d:
16:d0:d3:d3:bc:e7:08:81:87:82:f9:99:15:a2:20:
eb:85:b1:90:2d:ff:63:e8:6e:6c:81:8b:b1:45:ca:
9e:0f:b6:4e:8b:af:9d:7d:48:ef:4a:2b:9b:00:b0:
79:e9:97:20:7e:ba:4b:03:38:c5:c5:30:aa:d4:16:
d3:a3:d8:22:89:fe:fc:dc:78:20:2b:c1:19:39:12:
2c:93:a0:1b:0c:3a:13:73:0f:ec:b6:96:fa:2b:08:
2a:5a:4a:a9:df:80:9f:16:bd:94:6b:a1:67:87:69:
38:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:1A:3A:EA:3D:9E:4F:4E:E0:A6:8F:F3:47:44:12:0A:DA:25:B5:DF
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/jxo66j2eT07gpo_zR0QSCtoltd8.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
25:a0:da:2a:8c:ba:d9:49:4c:64:8e:a7:7d:96:16:fe:3c:c4:
e7:e1:31:88:7f:0a:84:11:45:37:30:16:49:c8:93:a6:f4:58:
45:26:bf:12:c7:b1:40:60:df:61:24:2e:14:89:d5:97:aa:5f:
e0:70:51:93:6c:7c:c2:fb:8a:06:84:af:f8:f9:fc:1c:00:f3:
d1:dd:cb:94:c5:46:5a:5c:c3:a1:d6:d3:2a:b3:65:af:c4:0d:
78:b6:f1:ba:8b:c0:3c:eb:9f:58:74:d0:4a:7a:5f:e9:bd:04:
a3:fd:fa:28:4d:c5:31:41:b3:a3:52:e3:c8:69:87:32:e4:43:
7b:73:f2:42:d3:d5:68:f4:4c:f8:c5:d8:0f:e9:0d:61:f6:58:
cd:ed:8e:21:98:8b:f3:1f:f2:16:96:d9:12:2a:65:81:ed:53:
a1:64:dc:57:b2:ba:46:62:03:3c:24:ce:4f:70:4c:45:9b:f4:
2e:d5:28:dd:97:d0:c6:37:44:59:94:66:20:33:9e:cc:db:21:
68:fd:d5:27:65:c2:ae:b8:15:f6:58:14:90:2a:b6:eb:e5:05:
61:78:ac:3f:f3:9b:75:d5:d2:b7:49:6e:e1:a9:44:be:06:9c:
fe:a7:80:99:f9:e0:6b:e0:d8:28:6d:09:53:1b:a5:1f:43:1c:
cc:83:b6:b3
-----BEGIN CERTIFICATE-----
MIIEoTCCA4mgAwIBAgIBQzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3MWQx
NGViYjI1NWRjMDU4ZDRiZmE1YTUxYzkzZjczZjgzMGFiODhmMB4XDTI0MDIxNjE1
NTUwM1oXDTI1MDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOEYxQTNBRUEzRDlFNEY0
RUUwQTY4RkYzNDc0NDEyMEFEQTI1QjVERjCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAMsI/9pLpO6X8dK2GZcZheevNr/f1GT4oexY4ea55YWZ6rRNN0bo
wfj45a+wh2/QdtX299SoSJn0dyhEKgNTlqEdWlH8+vjpKN0hm179q4xQ4u5sUULA
UdN6qqE1EmVYdLSSlbP/3dXuGVARqJBzG7I+ajCBuACrldJ20dpU5+OT/hug4LoV
MrWx4t5McEuXNk7xTz0NFtDT07znCIGHgvmZFaIg64WxkC3/Y+hubIGLsUXKng+2
TouvnX1I70ormwCweemXIH66SwM4xcUwqtQW06PYIon+/Nx4ICvBGTkSLJOgGww6
E3MP7LaW+isIKlpKqd+Anxa9lGuhZ4dpOIsCAwEAAaOCAb4wggG6MB0GA1UdDgQW
BBSPGjrqPZ5PTuCmj/NHRBIK2iW13zAfBgNVHSMEGDAWgBRx0U67JV3AWNS/paUc
k/c/gwq4jzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ
oE6GTHJzeW5jOi8vY2hsb2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3Nm
L2NkRk91eVZkd0ZqVXY2V2xISlAzUDRNS3VJOC5jcmwwZAYIKwYBBQUHAQEEWDBW
MFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9E
RUZBVUxUL2NkRk91eVZkd0ZqVXY2V2xISlAzUDRNS3VJOC5jZXIwDgYDVR0PAQH/
BAQDAgeAMGgGCCsGAQUFBwELBFwwWjBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9jaGxv
ZS5zb2Jvcm5vc3QubmV0L3Jwa2kvUklQRS1ubHJzc2YvanhvNjZqMmVUMDdncG9f
elIwUVNDdG9sdGQ4LnJvYTAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMJo
gTANBgkqhkiG9w0BAQsFAAOCAQEAJaDaKoy62UlMZI6nfZYW/jzE5+ExiH8KhBFF
NzAWSciTpvRYRSa/EsexQGDfYSQuFInVl6pf4HBRk2x8wvuKBoSv+Pn8HADz0d3L
lMVGWlzDodbTKrNlr8QNeLbxuovAPOufWHTQSnpf6b0Eo/36KE3FMUGzo1LjyGmH
MuRDe3PyQtPVaPRM+MXYD+kNYfZYze2OIZiL8x/yFpbZEiplge1ToWTcV7K6RmID
PCTOT3BMRZv0LtUo3ZfQxjdEWZRmIDOezNshaP3VJ2XCrrgV9lgUkCq26+UFYXis
P/ObddXSt0lu4alEvgac/qeAmfnga+DYKG0JUxulH0MczIO2sw==
-----END CERTIFICATE-----
Generated at Fri Feb 16 22:32:42 2024 by rpki-client on console-ams.rpki-client.org