Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/lEAhff8sgGOSx7nSzCFHwCStC4k.roa
File: lEAhff8sgGOSx7nSzCFHwCStC4k.roa (raw, json)
Hash identifier: GD8JSk8QGyFxcZwt86UMjH0b9qCbpeIIaVdHISfNFUI=
Subject key identifier: 94:40:21:7D:FF:2C:80:63:92:C7:B9:D2:CC:21:47:C0:24:AD:0B:89
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 03A3
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/lEAhff8sgGOSx7nSzCFHwCStC4k.roa
Signing time: Wed 22 May 2024 15:55:04 +0000
ROA not before: Wed 22 May 2024 15:55:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 22 May 2024 19:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 931 (0x3a3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: May 22 15:55:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9440217DFF2C806392C7B9D2CC2147C024AD0B89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:eb:54:3d:48:9c:29:c2:c1:e2:35:f7:0d:31:
e6:20:c6:c2:5a:31:d3:43:87:75:b9:f8:1b:31:46:
a8:cc:b9:4b:c9:61:9a:e4:78:02:d6:dd:8f:9d:bb:
24:eb:44:0a:ec:52:fb:65:9c:60:58:94:be:38:9c:
0b:3b:cf:67:00:e8:22:50:ba:b7:2c:78:f8:0d:55:
9b:5a:69:23:47:0a:75:e8:41:81:e2:fd:e4:b7:c7:
2f:49:9b:1c:86:7c:65:3f:18:0a:47:df:f0:e2:31:
08:82:73:50:c1:7a:c9:cd:bc:2a:76:b1:cf:1e:20:
33:58:5a:f1:ce:1d:ba:11:94:72:c9:0e:7d:64:86:
ee:9d:3e:c7:81:ff:d8:03:da:a6:57:16:9b:06:e6:
9a:c9:1d:68:d5:0a:2b:af:94:dd:e3:7b:e2:ae:d7:
b0:37:9d:1b:d2:ba:e5:06:b6:cf:27:98:c5:8b:58:
59:57:8a:72:e9:9b:33:2e:08:6f:39:f3:8a:8c:94:
12:0c:77:3b:98:ef:5a:a3:73:61:13:22:fb:37:cf:
10:f4:f3:db:4a:73:33:8f:51:c2:43:31:a4:76:88:
3d:23:c7:61:ae:02:50:d2:67:2f:1d:5f:a2:61:28:
20:ad:19:6e:45:36:17:3b:28:33:40:55:86:6c:a3:
e7:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:40:21:7D:FF:2C:80:63:92:C7:B9:D2:CC:21:47:C0:24:AD:0B:89
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/lEAhff8sgGOSx7nSzCFHwCStC4k.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
46:51:82:1f:4e:91:88:67:19:8a:f9:75:c9:b1:1a:09:f5:c0:
4c:be:5c:63:09:d2:20:f6:3e:3c:28:b7:9e:a9:96:41:fb:47:
9e:8c:d1:d2:fc:83:3e:c8:29:17:00:94:31:67:44:3a:97:4f:
ae:22:c0:35:c9:6c:b8:0c:f3:a1:a2:e3:a7:9e:68:83:d8:6f:
7b:9e:f1:87:33:be:61:74:56:3a:b0:52:d7:d5:f5:06:40:0f:
5d:6a:5c:40:b9:aa:7c:59:3d:b3:87:9a:f7:85:9e:79:c8:6f:
86:4c:23:9d:b3:ed:9b:a5:d5:d7:9a:51:52:01:34:1a:c2:5b:
41:a3:c2:ec:37:55:e7:52:40:01:b4:c1:85:dc:8d:14:1c:e1:
4d:c4:e8:92:99:90:89:74:99:02:e0:52:37:1b:8a:f8:e0:2c:
d6:8a:24:53:0e:dd:07:8f:1e:f1:17:15:30:14:10:90:61:43:
18:0b:94:f2:58:64:ff:27:f2:18:e5:e2:f4:dc:c3:73:7a:af:
3e:98:5a:62:96:a8:db:8f:d5:7a:41:f8:30:9d:74:ed:0d:79:
48:f7:d6:2d:fd:c2:c1:1d:0f:cb:91:b0:43:27:55:2a:94:63:
b0:38:e2:29:f5:a3:4b:69:b4:6c:2c:19:0d:fb:1a:ef:fb:f5:
f9:30:ea:55
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICA6MwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA1MjIx
NTU1MDRaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDk0NDAyMTdERkYyQzgw
NjM5MkM3QjlEMkNDMjE0N0MwMjRBRDBCODkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCw61Q9SJwpwsHiNfcNMeYgxsJaMdNDh3W5+BsxRqjMuUvJYZrk
eALW3Y+duyTrRArsUvtlnGBYlL44nAs7z2cA6CJQurcsePgNVZtaaSNHCnXoQYHi
/eS3xy9JmxyGfGU/GApH3/DiMQiCc1DBesnNvCp2sc8eIDNYWvHOHboRlHLJDn1k
hu6dPseB/9gD2qZXFpsG5prJHWjVCiuvlN3je+Ku17A3nRvSuuUGts8nmMWLWFlX
inLpmzMuCG8584qMlBIMdzuY71qjc2ETIvs3zxD089tKczOPUcJDMaR2iD0jx2Gu
AlDSZy8dX6JhKCCtGW5FNhc7KDNAVYZso+dtAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUlEAhff8sgGOSx7nSzCFHwCStC4kwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL2xFQWhmZjhzZ0dPU3g3
blN6Q0ZId0NTdEM0ay5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAEZRgh9OkYhnGYr5dcmxGgn1wEy+XGMJ0iD2
Pjwot56plkH7R56M0dL8gz7IKRcAlDFnRDqXT64iwDXJbLgM86Gi46eeaIPYb3ue
8YczvmF0VjqwUtfV9QZAD11qXEC5qnxZPbOHmveFnnnIb4ZMI52z7Zul1deaUVIB
NBrCW0Gjwuw3VedSQAG0wYXcjRQc4U3E6JKZkIl0mQLgUjcbivjgLNaKJFMO3QeP
HvEXFTAUEJBhQxgLlPJYZP8n8hjl4vTcw3N6rz6YWmKWqNuP1XpB+DCddO0NeUj3
1i39wsEdD8uRsEMnVSqUY7A44in1o0tptGwsGQ37Gu/79fkw6lU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:55 2024 by rpki-client on console-fra.rpki-client.org