Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/kjZ_cEMBoZfZog0Rwczk9_I-Bk4.roa
File: kjZ_cEMBoZfZog0Rwczk9_I-Bk4.roa (raw, json)
Hash identifier: 3kgiKJsCW+XFmZaJgs3msHEer0UK99iw+Bh00RBxbCg=
Subject key identifier: 92:36:7F:70:43:01:A1:97:D9:A2:0D:11:C1:CC:E4:F7:F2:3E:06:4E
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 2E
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/kjZ_cEMBoZfZog0Rwczk9_I-Bk4.roa
Signing time: Wed 14 Feb 2024 07:55:03 +0000
ROA not before: Wed 14 Feb 2024 07:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 14 Feb 2024 11:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 46 (0x2e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Feb 14 07:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=92367F704301A197D9A20D11C1CCE4F7F23E064E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:39:a5:77:75:b1:55:42:4b:10:49:53:1b:08:
3e:07:8d:d1:18:58:46:6b:44:5a:ce:4d:4c:c3:8b:
d0:29:b9:ce:0e:5f:f1:45:af:c0:96:73:b1:0e:7e:
bc:36:17:9e:5a:1e:42:68:3a:cc:db:94:b2:20:1b:
e1:84:ea:08:32:df:5f:5c:24:34:89:08:97:f2:f8:
0c:e4:06:85:8f:8d:f8:49:33:f6:9e:71:c0:9c:ef:
f3:ba:e0:9f:52:d8:c9:49:aa:de:1e:5d:33:9a:65:
69:f4:3c:b5:32:c6:fa:d4:0d:1e:76:66:20:6c:e7:
22:f2:95:1c:54:7a:cd:6f:a5:50:b7:f3:7a:e6:e0:
4b:71:a8:f6:d6:c4:ba:b4:88:68:bc:b0:ec:57:09:
14:64:da:1f:8e:4c:9e:9c:5b:eb:4c:7f:a8:6f:b1:
80:2e:94:67:67:db:7f:de:79:1a:75:74:c5:74:b2:
1b:7c:0b:4b:e7:8a:7a:cb:64:ed:a3:83:51:65:d5:
ad:b1:92:3a:1e:4f:be:4e:3f:df:1b:fa:3b:68:27:
f3:10:a8:a4:b6:51:be:3f:18:bf:de:9d:03:33:a7:
da:05:5e:28:86:17:d4:b5:d9:77:ca:b4:64:27:ff:
b6:34:4f:a1:6a:b8:17:04:a7:24:a0:17:eb:84:8e:
ba:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:36:7F:70:43:01:A1:97:D9:A2:0D:11:C1:CC:E4:F7:F2:3E:06:4E
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/kjZ_cEMBoZfZog0Rwczk9_I-Bk4.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:b7:d3:46:6b:7c:57:7a:41:e2:27:6d:83:f9:ac:5d:82:ce:
6c:5e:37:03:b6:a4:63:7a:f3:79:60:b4:d3:4c:7c:d3:d5:94:
a8:45:81:49:fc:82:2d:ce:09:90:dd:06:e4:1b:26:15:a9:b9:
75:44:45:61:91:6e:a1:f4:28:24:58:f8:1f:d3:9e:b9:7e:15:
0e:5b:14:64:a8:4b:c6:20:6f:00:34:f4:b4:4f:30:85:85:68:
44:df:c7:09:18:54:d4:62:d2:62:1e:99:1e:f6:de:84:35:3c:
78:c3:e2:6e:48:c5:6c:f9:97:0a:12:ba:dd:df:5b:70:ca:f0:
3b:3d:82:4a:40:76:23:30:3b:d2:42:64:5b:64:f5:0e:7f:c8:
eb:4b:fe:21:9e:dd:12:3c:28:38:24:6b:94:63:ef:ec:84:02:
13:d4:4d:6d:11:49:67:55:ba:fc:39:57:76:52:ca:45:d1:8c:
43:81:90:cf:99:e9:17:80:54:23:90:a5:89:2d:8a:2e:36:d7:
aa:43:65:5e:74:cc:65:b3:de:09:26:19:75:e3:7b:7b:34:07:
51:d0:ec:79:a9:2d:b9:d9:7e:ff:c5:e1:17:18:0e:cf:0e:2f:
9b:73:58:ad:b0:ff:23:2a:a9:92:91:a1:cc:f1:bb:b4:ba:fe:
49:67:07:59
-----BEGIN CERTIFICATE-----
MIIEoTCCA4mgAwIBAgIBLjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3MWQx
NGViYjI1NWRjMDU4ZDRiZmE1YTUxYzkzZjczZjgzMGFiODhmMB4XDTI0MDIxNDA3
NTUwM1oXDTI1MDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTIzNjdGNzA0MzAxQTE5
N0Q5QTIwRDExQzFDQ0U0RjdGMjNFMDY0RTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBALE5pXd1sVVCSxBJUxsIPgeN0RhYRmtEWs5NTMOL0Cm5zg5f8UWv
wJZzsQ5+vDYXnloeQmg6zNuUsiAb4YTqCDLfX1wkNIkIl/L4DOQGhY+N+Ekz9p5x
wJzv87rgn1LYyUmq3h5dM5plafQ8tTLG+tQNHnZmIGznIvKVHFR6zW+lULfzeubg
S3Go9tbEurSIaLyw7FcJFGTaH45Mnpxb60x/qG+xgC6UZ2fbf955GnV0xXSyG3wL
S+eKestk7aODUWXVrbGSOh5Pvk4/3xv6O2gn8xCopLZRvj8Yv96dAzOn2gVeKIYX
1LXZd8q0ZCf/tjRPoWq4FwSnJKAX64SOuvcCAwEAAaOCAb4wggG6MB0GA1UdDgQW
BBSSNn9wQwGhl9miDRHBzOT38j4GTjAfBgNVHSMEGDAWgBRx0U67JV3AWNS/paUc
k/c/gwq4jzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ
oE6GTHJzeW5jOi8vY2hsb2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3Nm
L2NkRk91eVZkd0ZqVXY2V2xISlAzUDRNS3VJOC5jcmwwZAYIKwYBBQUHAQEEWDBW
MFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9E
RUZBVUxUL2NkRk91eVZkd0ZqVXY2V2xISlAzUDRNS3VJOC5jZXIwDgYDVR0PAQH/
BAQDAgeAMGgGCCsGAQUFBwELBFwwWjBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9jaGxv
ZS5zb2Jvcm5vc3QubmV0L3Jwa2kvUklQRS1ubHJzc2Yva2paX2NFTUJvWmZab2cw
Undjems5X0ktQms0LnJvYTAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMJo
gTANBgkqhkiG9w0BAQsFAAOCAQEAXbfTRmt8V3pB4idtg/msXYLObF43A7akY3rz
eWC000x809WUqEWBSfyCLc4JkN0G5BsmFam5dURFYZFuofQoJFj4H9OeuX4VDlsU
ZKhLxiBvADT0tE8whYVoRN/HCRhU1GLSYh6ZHvbehDU8eMPibkjFbPmXChK63d9b
cMrwOz2CSkB2IzA70kJkW2T1Dn/I60v+IZ7dEjwoOCRrlGPv7IQCE9RNbRFJZ1W6
/DlXdlLKRdGMQ4GQz5npF4BUI5CliS2KLjbXqkNlXnTMZbPeCSYZdeN7ezQHUdDs
eaktudl+/8XhFxgOzw4vm3NYrbD/IyqpkpGhzPG7tLr+SWcHWQ==
-----END CERTIFICATE-----
Generated at Wed Feb 14 15:10:41 2024 by rpki-client on console-ams.rpki-client.org