Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/kGzgWa7Y3EnptHwwY9C-XLweRUE.roa
File: kGzgWa7Y3EnptHwwY9C-XLweRUE.roa (raw, json)
Hash identifier: 271qpJiqvxzwKVFvjtVlcZG092uj+uPQD71MRNN65Ts=
Subject key identifier: 90:6C:E0:59:AE:D8:DC:49:E9:B4:7C:30:63:D0:BE:5C:BC:1E:45:41
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 01CC
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/kGzgWa7Y3EnptHwwY9C-XLweRUE.roa
Signing time: Sun 31 Mar 2024 07:55:04 +0000
ROA not before: Sun 31 Mar 2024 07:55:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 31 Mar 2024 11:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 460 (0x1cc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Mar 31 07:55:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=906CE059AED8DC49E9B47C3063D0BE5CBC1E4541
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:be:67:66:08:6f:f0:b6:38:97:53:9c:36:04:
cd:27:58:91:ac:af:49:ce:a9:2b:67:0e:66:8e:2b:
8a:14:c2:5b:6d:3d:ca:62:c8:1d:bb:d9:d9:dd:23:
0b:01:27:c6:87:19:ca:aa:21:d0:d3:b7:4a:5e:7d:
8f:35:05:a1:8a:63:9e:40:3e:1c:3a:bc:d8:dd:9b:
d9:78:c6:cd:e1:67:fb:0a:6b:8d:b9:fe:c1:02:c0:
cb:9c:52:9e:86:21:d7:d9:af:95:a8:75:29:dc:68:
65:8c:a6:32:df:da:9f:c4:36:d5:df:d6:27:82:6a:
28:65:4d:71:b0:94:9c:62:fc:0f:b8:64:28:bb:54:
bf:74:b0:11:ae:d4:1f:24:f2:c8:fd:d6:60:3d:d5:
6e:57:dd:5b:44:c4:93:06:f6:d6:2e:35:f6:03:8a:
1e:99:9b:cd:38:11:85:eb:96:82:88:40:8a:57:b5:
c8:6e:b5:a8:1e:42:67:cb:a6:00:1b:c7:3e:c8:79:
7c:44:b6:3f:1f:28:de:f7:bb:a1:54:eb:4d:2e:b5:
86:5d:34:7e:2c:d9:c8:20:03:1c:83:7a:36:d0:49:
fc:d7:64:62:0d:9e:87:00:fb:76:bb:f7:33:c1:18:
4d:3f:78:c8:b2:34:10:af:2a:c4:80:7f:dc:0e:20:
b6:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:6C:E0:59:AE:D8:DC:49:E9:B4:7C:30:63:D0:BE:5C:BC:1E:45:41
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/kGzgWa7Y3EnptHwwY9C-XLweRUE.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:a3:1d:75:70:e6:6b:0b:21:f7:91:5a:dc:34:fc:ab:84:11:
97:aa:da:32:21:0c:a5:cb:d0:a4:ad:ef:6b:d6:c8:2c:d1:b8:
96:6d:bc:c0:ac:e6:47:9d:91:0f:1c:10:29:74:ef:05:44:c5:
9a:f0:bd:81:40:4a:2f:ec:cf:f4:4b:71:db:62:dc:9d:85:a3:
1f:86:fc:4f:c3:41:c6:13:0f:ac:e3:8f:e6:e1:97:8d:d0:a9:
c9:c6:be:a4:ac:45:cd:86:04:14:49:c0:21:4f:2d:ab:d5:d9:
08:af:51:ee:50:8b:d9:18:92:b5:5e:6c:19:e7:c2:f2:0a:5c:
af:59:cf:8b:34:48:17:be:c8:7a:72:66:9d:5f:01:76:da:0a:
a4:5c:8c:6d:50:d3:82:10:53:f3:fa:39:76:8d:2d:3a:b8:7b:
65:e6:b1:a6:52:a8:00:b8:d1:17:76:ea:0e:ba:b4:01:a4:f6:
46:84:f4:3a:98:95:2b:d8:7f:06:14:40:e8:3d:14:6f:76:bd:
d4:02:4a:01:a1:27:8b:b4:23:a1:92:00:b0:73:73:ef:54:fe:
8e:22:a8:96:17:ae:68:2d:f0:54:22:4b:5b:e0:62:90:bf:d5:
24:33:9d:ef:b7:6c:f3:d7:45:d1:58:d8:79:d9:a9:81:6f:08:
dd:0b:94:e5
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICAcwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDAzMzEw
NzU1MDRaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDkwNkNFMDU5QUVEOERD
NDlFOUI0N0MzMDYzRDBCRTVDQkMxRTQ1NDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGvmdmCG/wtjiXU5w2BM0nWJGsr0nOqStnDmaOK4oUwlttPcpi
yB272dndIwsBJ8aHGcqqIdDTt0pefY81BaGKY55APhw6vNjdm9l4xs3hZ/sKa425
/sECwMucUp6GIdfZr5WodSncaGWMpjLf2p/ENtXf1ieCaihlTXGwlJxi/A+4ZCi7
VL90sBGu1B8k8sj91mA91W5X3VtExJMG9tYuNfYDih6Zm804EYXrloKIQIpXtchu
tageQmfLpgAbxz7IeXxEtj8fKN73u6FU600utYZdNH4s2cggAxyDejbQSfzXZGIN
nocA+3a79zPBGE0/eMiyNBCvKsSAf9wOILbDAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUkGzgWa7Y3EnptHwwY9C+XLweRUEwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL2tHemdXYTdZM0VucHRI
d3dZOUMtWEx3ZVJVRS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAA2jHXVw5msLIfeRWtw0/KuEEZeq2jIhDKXL
0KSt72vWyCzRuJZtvMCs5kedkQ8cECl07wVExZrwvYFASi/sz/RLcdti3J2Fox+G
/E/DQcYTD6zjj+bhl43QqcnGvqSsRc2GBBRJwCFPLavV2QivUe5Qi9kYkrVebBnn
wvIKXK9Zz4s0SBe+yHpyZp1fAXbaCqRcjG1Q04IQU/P6OXaNLTq4e2XmsaZSqAC4
0Rd26g66tAGk9kaE9DqYlSvYfwYUQOg9FG92vdQCSgGhJ4u0I6GSALBzc+9U/o4i
qJYXrmgt8FQiS1vgYpC/1SQzne+3bPPXRdFY2HnZqYFvCN0LlOU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:55 2024 by rpki-client on console-fra.rpki-client.org