Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/kIB65JGYZkYw3tOc7uHebORw6S8.roa
File: kIB65JGYZkYw3tOc7uHebORw6S8.roa (raw, json)
Hash identifier: QJQN5Vb0V3zrW9u7VKFQV/x1NHrSCmBYkPrq+4044rY=
Subject key identifier: 90:80:7A:E4:91:98:66:46:30:DE:D3:9C:EE:E1:DE:6C:E4:70:E9:2F
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0436
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/kIB65JGYZkYw3tOc7uHebORw6S8.roa
Signing time: Fri 07 Jun 2024 23:55:04 +0000
ROA not before: Fri 07 Jun 2024 23:55:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 08 Jun 2024 03:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1078 (0x436)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Jun 7 23:55:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=90807AE49198664630DED39CEEE1DE6CE470E92F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:bb:e0:5a:9a:43:82:f1:a5:2d:58:0f:78:19:
5e:1d:38:44:b0:50:ef:40:1b:71:c1:1e:f7:88:32:
63:46:cd:4c:1b:0d:dd:f1:a0:80:8f:f9:ab:ee:06:
e7:1b:3d:42:d3:8e:c1:65:a5:ec:59:9d:30:f6:2b:
e2:3c:6b:ac:5c:e9:58:1b:e5:73:ce:ad:9f:1d:0f:
f7:06:b9:33:a9:6b:c1:ba:1a:f2:e7:5c:5d:08:77:
6f:38:ef:5d:e2:83:66:2d:01:84:9a:22:0f:a9:6f:
a2:f6:2c:f0:fc:7a:ee:6a:b1:54:a7:90:b3:4a:b3:
14:33:f7:3b:04:5a:ca:57:2c:10:f6:50:a1:ae:cb:
00:64:af:5a:b8:55:8d:1e:71:06:32:cc:d5:5e:48:
5f:13:89:b5:b8:ca:ec:9b:86:59:22:33:e4:78:66:
f4:42:eb:b7:0a:78:6e:fa:47:7b:95:71:92:23:f4:
28:01:8b:ee:cd:f6:64:38:e4:b6:d6:33:7c:71:a9:
da:7f:94:c4:ad:0a:46:a4:15:71:eb:9b:6f:c4:8e:
b3:1b:b3:44:57:6d:e9:b9:d3:1b:79:39:83:44:93:
58:8e:34:f3:dd:27:8c:27:a8:83:50:58:a3:5b:ee:
08:e1:20:fb:57:f6:9c:6b:de:0b:5b:3d:28:9a:1b:
22:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:80:7A:E4:91:98:66:46:30:DE:D3:9C:EE:E1:DE:6C:E4:70:E9:2F
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/kIB65JGYZkYw3tOc7uHebORw6S8.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:62:4e:11:c3:c1:4b:ea:5a:2d:2d:97:cc:4d:81:dd:7b:37:
79:90:8e:8a:81:66:1c:a1:1e:17:2d:26:5c:fb:e0:6f:f1:7b:
e5:5d:44:34:da:a1:c3:be:51:94:e3:69:10:b2:69:ee:28:cc:
7c:9a:01:2c:31:cd:9a:01:fa:bf:27:6c:a2:44:55:44:5f:d7:
e0:84:c0:db:7c:5f:2c:0b:b3:0d:eb:81:e3:b9:0a:f7:65:7e:
f6:87:a0:61:6d:0e:d2:92:4c:52:4c:30:ff:a5:0f:bd:4f:86:
14:26:d4:b7:83:40:50:60:46:20:fa:fb:f8:b0:2b:f6:02:54:
6f:ff:ad:c6:76:a9:a9:d1:4e:9e:4f:50:c0:5e:3c:ee:fa:b1:
01:a8:29:09:39:d1:a9:81:6e:29:10:54:46:dd:83:ac:3d:f7:
72:82:a8:a4:7c:f8:03:98:d7:30:63:c0:f3:f1:7e:c8:cc:10:
c9:cd:44:f9:99:ac:65:21:70:54:53:97:6b:2e:ce:fa:26:21:
f5:ab:a1:ee:5e:14:4e:2e:a9:98:cf:84:f0:0b:1d:d4:ca:bc:
20:a5:3d:8e:c5:4e:f6:0f:32:e4:54:8e:f2:00:65:51:e0:a6:
8c:f9:d8:cc:b4:69:ae:72:a5:34:16:44:3e:97:62:d8:9f:a4:
2f:9f:e4:72
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICBDYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA2MDcy
MzU1MDRaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDkwODA3QUU0OTE5ODY2
NDYzMERFRDM5Q0VFRTFERTZDRTQ3MEU5MkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCsu+BamkOC8aUtWA94GV4dOESwUO9AG3HBHveIMmNGzUwbDd3x
oICP+avuBucbPULTjsFlpexZnTD2K+I8a6xc6Vgb5XPOrZ8dD/cGuTOpa8G6GvLn
XF0Id284713ig2YtAYSaIg+pb6L2LPD8eu5qsVSnkLNKsxQz9zsEWspXLBD2UKGu
ywBkr1q4VY0ecQYyzNVeSF8TibW4yuybhlkiM+R4ZvRC67cKeG76R3uVcZIj9CgB
i+7N9mQ45LbWM3xxqdp/lMStCkakFXHrm2/EjrMbs0RXbem50xt5OYNEk1iONPPd
J4wnqINQWKNb7gjhIPtX9pxr3gtbPSiaGyL1AgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUkIB65JGYZkYw3tOc7uHebORw6S8wHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL2tJQjY1SkdZWmtZdzN0
T2M3dUhlYk9SdzZTOC5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAE5iThHDwUvqWi0tl8xNgd17N3mQjoqBZhyh
HhctJlz74G/xe+VdRDTaocO+UZTjaRCyae4ozHyaASwxzZoB+r8nbKJEVURf1+CE
wNt8XywLsw3rgeO5CvdlfvaHoGFtDtKSTFJMMP+lD71PhhQm1LeDQFBgRiD6+/iw
K/YCVG//rcZ2qanRTp5PUMBePO76sQGoKQk50amBbikQVEbdg6w993KCqKR8+AOY
1zBjwPPxfsjMEMnNRPmZrGUhcFRTl2suzvomIfWroe5eFE4uqZjPhPALHdTKvCCl
PY7FTvYPMuRUjvIAZVHgpoz52My0aa5ypTQWRD6XYtifpC+f5HI=
-----END CERTIFICATE-----
Generated at Sat Jun 8 07:56:08 2024 by rpki-client on console-ams.rpki-client.org