Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/lRp2F02BhB9jHTEKcK8dWF9KE-0.roa
File: lRp2F02BhB9jHTEKcK8dWF9KE-0.roa (raw, json)
Hash identifier: FFPlntyd3u0l9chkmGR1Pwf0rQGRzIWqmiix6Vl6CpE=
Subject key identifier: 95:1A:76:17:4D:81:84:1F:63:1D:31:0A:70:AF:1D:58:5F:4A:13:ED
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 08
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/lRp2F02BhB9jHTEKcK8dWF9KE-0.roa
Signing time: Sat 10 Feb 2024 00:17:28 +0000
ROA not before: Sat 10 Feb 2024 00:17:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 10 Feb 2024 11:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8 (0x8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Feb 10 00:17:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=951A76174D81841F631D310A70AF1D585F4A13ED
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:05:52:cb:06:4e:03:55:24:45:4e:0e:f3:de:
c1:61:bd:25:5c:af:a5:20:69:f5:fe:8d:70:aa:f7:
07:8d:b3:6c:bb:b6:5f:e3:93:37:a4:3b:25:b2:41:
1f:eb:eb:83:3b:2c:9f:1b:cf:9e:c3:22:65:41:84:
42:5a:5f:49:f1:d5:f1:ba:62:d0:72:c6:e6:c0:9d:
8b:0b:aa:f6:c9:8b:e4:37:c7:45:96:85:87:d4:33:
9d:2b:b1:59:59:c5:1d:bf:c9:b2:8d:72:8e:44:91:
e2:f9:ad:6d:6e:50:75:6a:c0:a7:09:8b:21:5e:7e:
16:d3:4f:cf:7a:67:9a:3f:1c:4e:b1:33:0e:d5:d2:
70:72:8c:cf:bb:cf:e1:51:72:15:c4:3e:24:f1:1d:
cf:fc:9e:79:8e:bb:ee:0d:44:0f:13:8f:6d:13:09:
dc:28:b8:cc:25:9f:60:8f:3e:e9:23:6f:e7:a6:bb:
90:ac:9d:a3:78:52:f3:d7:4a:cf:0a:65:21:c9:a0:
ba:8f:a6:a6:a7:a3:96:b4:e4:a0:4b:25:f3:b6:3c:
95:2d:28:53:08:bc:b2:4b:97:11:95:0f:7c:00:d7:
73:38:cf:cb:af:c0:85:45:01:5f:72:84:c4:7f:97:
70:35:6e:66:22:2b:6e:a9:41:7e:c1:97:1f:ad:11:
ef:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:1A:76:17:4D:81:84:1F:63:1D:31:0A:70:AF:1D:58:5F:4A:13:ED
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/lRp2F02BhB9jHTEKcK8dWF9KE-0.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
d1:8a:80:68:9c:06:d5:d4:b0:af:9e:67:d5:20:4f:44:33:f1:
86:fd:34:92:7c:62:b5:e3:f0:ce:0c:78:a3:03:ac:d6:9a:77:
13:99:e5:cb:9f:73:3e:f0:93:7f:b5:a3:12:a5:c7:7c:52:84:
69:56:49:0e:13:c7:2f:ee:75:52:12:dc:e8:f7:1c:32:47:6e:
0c:04:79:bc:f8:86:8a:f4:f3:ba:a0:77:78:4f:f2:3f:24:6a:
71:ac:dc:73:00:ac:49:79:1a:05:ac:5b:86:b0:dd:0f:d5:7e:
85:99:96:81:eb:b8:d0:78:64:02:4d:b6:47:f5:4b:de:7b:a5:
ba:64:5d:08:60:45:4c:bf:67:36:4e:b1:7d:b7:76:fe:5f:c7:
2a:eb:44:a9:bb:e5:2d:46:13:50:62:1a:2a:c5:10:c4:6d:26:
4a:a3:07:79:17:dc:3e:ba:52:f6:b5:a5:ab:9a:dc:60:b0:16:
59:d4:3c:c1:cc:f2:67:97:1c:bf:80:f0:25:e7:51:ad:58:28:
b9:74:4f:bd:bd:3c:1f:39:8f:02:ad:6c:f5:3c:a5:aa:dc:dc:
81:b3:e1:01:46:96:dc:8f:a2:c2:0e:ef:09:70:d2:ea:0b:c0:
9d:53:1c:b7:b8:6e:e1:5b:95:8c:f0:89:dc:66:3c:2b:cb:1c:
f3:14:79:23
-----BEGIN CERTIFICATE-----
MIIEoTCCA4mgAwIBAgIBCDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3MWQx
NGViYjI1NWRjMDU4ZDRiZmE1YTUxYzkzZjczZjgzMGFiODhmMB4XDTI0MDIxMDAw
MTcyOFoXDTI1MDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTUxQTc2MTc0RDgxODQx
RjYzMUQzMTBBNzBBRjFENTg1RjRBMTNFRDCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAN4FUssGTgNVJEVODvPewWG9JVyvpSBp9f6NcKr3B42zbLu2X+OT
N6Q7JbJBH+vrgzssnxvPnsMiZUGEQlpfSfHV8bpi0HLG5sCdiwuq9smL5DfHRZaF
h9QznSuxWVnFHb/Jso1yjkSR4vmtbW5QdWrApwmLIV5+FtNPz3pnmj8cTrEzDtXS
cHKMz7vP4VFyFcQ+JPEdz/yeeY677g1EDxOPbRMJ3Ci4zCWfYI8+6SNv56a7kKyd
o3hS89dKzwplIcmguo+mpqejlrTkoEsl87Y8lS0oUwi8skuXEZUPfADXczjPy6/A
hUUBX3KExH+XcDVuZiIrbqlBfsGXH60R768CAwEAAaOCAb4wggG6MB0GA1UdDgQW
BBSVGnYXTYGEH2MdMQpwrx1YX0oT7TAfBgNVHSMEGDAWgBRx0U67JV3AWNS/paUc
k/c/gwq4jzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ
oE6GTHJzeW5jOi8vY2hsb2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3Nm
L2NkRk91eVZkd0ZqVXY2V2xISlAzUDRNS3VJOC5jcmwwZAYIKwYBBQUHAQEEWDBW
MFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9E
RUZBVUxUL2NkRk91eVZkd0ZqVXY2V2xISlAzUDRNS3VJOC5jZXIwDgYDVR0PAQH/
BAQDAgeAMGgGCCsGAQUFBwELBFwwWjBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9jaGxv
ZS5zb2Jvcm5vc3QubmV0L3Jwa2kvUklQRS1ubHJzc2YvbFJwMkYwMkJoQjlqSFRF
S2NLOGRXRjlLRS0wLnJvYTAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMJo
gTANBgkqhkiG9w0BAQsFAAOCAQEA0YqAaJwG1dSwr55n1SBPRDPxhv00knxitePw
zgx4owOs1pp3E5nly59zPvCTf7WjEqXHfFKEaVZJDhPHL+51UhLc6PccMkduDAR5
vPiGivTzuqB3eE/yPyRqcazccwCsSXkaBaxbhrDdD9V+hZmWgeu40HhkAk22R/VL
3nulumRdCGBFTL9nNk6xfbd2/l/HKutEqbvlLUYTUGIaKsUQxG0mSqMHeRfcPrpS
9rWlq5rcYLAWWdQ8wczyZ5ccv4DwJedRrVgouXRPvb08HzmPAq1s9TylqtzcgbPh
AUaW3I+iwg7vCXDS6gvAnVMct7hu4VuVjPCJ3GY8K8sc8xR5Iw==
-----END CERTIFICATE-----
Generated at Sat Feb 10 12:57:31 2024 by rpki-client on console-ams.rpki-client.org