Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/lRq1ZZAimikNYDOklEBsaSung8o.roa
File: lRq1ZZAimikNYDOklEBsaSung8o.roa (raw, json)
Hash identifier: ZPXMmrzWy0Q6ammDmD5KxO3CJ5IOJrdJrOjg78Uz8aI=
Subject key identifier: 95:1A:B5:65:90:22:9A:29:0D:60:33:A4:94:40:6C:69:2B:A7:83:CA
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 4F
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/lRq1ZZAimikNYDOklEBsaSung8o.roa
Signing time: Sat 17 Feb 2024 23:55:03 +0000
ROA not before: Sat 17 Feb 2024 23:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 18 Feb 2024 03:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79 (0x4f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Feb 17 23:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=951AB56590229A290D6033A494406C692BA783CA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:2b:b9:6d:2e:3b:6e:54:1f:0b:1d:c6:cc:7b:
27:bc:3d:d1:5c:0d:8d:a1:0f:4b:b5:19:7a:43:a9:
14:6e:5c:89:32:c3:ca:87:bb:f8:6f:0e:df:60:f8:
f7:fa:e5:67:2c:9f:36:4f:30:c2:a8:47:a8:31:31:
88:55:63:17:fa:aa:56:47:ea:5b:65:a1:6b:b4:0c:
02:bd:94:78:ad:47:c1:86:84:d2:a2:50:8e:f9:dc:
e3:e7:d7:e6:69:5e:cc:4f:e4:a6:1c:d3:52:5a:38:
e5:23:cb:dd:18:56:24:16:bb:bc:eb:48:e9:79:88:
81:1d:b5:66:67:6b:6a:08:e0:dd:ec:e7:95:f0:a1:
bf:bd:0d:04:12:8e:55:26:56:63:b6:93:27:39:7a:
2a:59:b2:2b:25:15:15:ef:36:74:07:81:0b:03:a9:
a1:c5:66:70:9a:3b:88:86:0b:8d:e0:73:06:ab:ab:
64:a6:29:3d:10:dd:d8:82:97:d2:1e:2c:2d:f5:2c:
01:10:0e:46:eb:4f:4c:30:1a:e3:a7:36:00:e4:78:
b0:67:98:a2:0c:a5:dd:f4:1d:5c:71:8c:06:fd:1c:
33:e7:61:47:27:e2:84:a9:7a:4e:6b:0d:42:23:14:
3d:e0:b0:6d:01:41:8f:ff:0b:ec:c8:21:e1:83:68:
d3:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:1A:B5:65:90:22:9A:29:0D:60:33:A4:94:40:6C:69:2B:A7:83:CA
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/lRq1ZZAimikNYDOklEBsaSung8o.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:79:c2:e2:71:2b:73:fe:e5:be:ad:da:19:b2:93:bd:db:b0:
bb:91:d4:95:1b:2f:ea:cf:60:b7:0c:b6:e3:35:7c:83:c1:5c:
cb:f1:21:ed:b1:c9:26:51:ee:fa:b1:51:13:9d:bc:bc:91:4f:
e6:a2:16:9d:35:9d:ba:c0:86:38:a6:ad:95:0a:b5:d3:6c:5b:
3c:08:7c:71:3e:c0:f8:d3:b3:af:70:28:be:2a:a1:1b:50:e8:
63:a0:25:40:70:9d:03:e3:66:04:ab:e1:e7:98:dd:bf:30:5f:
cf:8c:b3:cf:e2:6c:2b:c6:90:92:90:b2:d4:3b:68:28:7d:23:
ab:29:42:89:c6:03:55:67:de:80:a2:90:97:43:ee:10:12:aa:
8c:f3:2d:b8:c6:9b:27:6f:ca:fc:07:80:1a:3a:19:8c:62:79:
3e:88:a4:e8:f5:b7:23:58:fa:dc:a5:f0:c9:87:ba:9f:80:12:
af:49:bd:6e:3e:e5:b0:fc:c8:cc:06:7f:2b:44:4f:33:80:b9:
4c:8a:a7:e7:69:3c:ae:50:ac:10:78:ff:1d:24:6d:ad:a5:a0:
07:89:0e:06:02:5f:35:d8:a2:5a:71:d1:49:13:47:f9:e8:e8:
7a:ab:a8:af:7a:4a:3d:e2:1d:53:c5:61:d3:bc:50:a9:59:61:
89:d8:cc:4e
-----BEGIN CERTIFICATE-----
MIIEoTCCA4mgAwIBAgIBTzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3MWQx
NGViYjI1NWRjMDU4ZDRiZmE1YTUxYzkzZjczZjgzMGFiODhmMB4XDTI0MDIxNzIz
NTUwM1oXDTI1MDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTUxQUI1NjU5MDIyOUEy
OTBENjAzM0E0OTQ0MDZDNjkyQkE3ODNDQTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAMcruW0uO25UHwsdxsx7J7w90VwNjaEPS7UZekOpFG5ciTLDyoe7
+G8O32D49/rlZyyfNk8wwqhHqDExiFVjF/qqVkfqW2Wha7QMAr2UeK1HwYaE0qJQ
jvnc4+fX5mlezE/kphzTUlo45SPL3RhWJBa7vOtI6XmIgR21Zmdragjg3eznlfCh
v70NBBKOVSZWY7aTJzl6KlmyKyUVFe82dAeBCwOpocVmcJo7iIYLjeBzBqurZKYp
PRDd2IKX0h4sLfUsARAORutPTDAa46c2AOR4sGeYogyl3fQdXHGMBv0cM+dhRyfi
hKl6TmsNQiMUPeCwbQFBj/8L7Mgh4YNo020CAwEAAaOCAb4wggG6MB0GA1UdDgQW
BBSVGrVlkCKaKQ1gM6SUQGxpK6eDyjAfBgNVHSMEGDAWgBRx0U67JV3AWNS/paUc
k/c/gwq4jzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ
oE6GTHJzeW5jOi8vY2hsb2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3Nm
L2NkRk91eVZkd0ZqVXY2V2xISlAzUDRNS3VJOC5jcmwwZAYIKwYBBQUHAQEEWDBW
MFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9E
RUZBVUxUL2NkRk91eVZkd0ZqVXY2V2xISlAzUDRNS3VJOC5jZXIwDgYDVR0PAQH/
BAQDAgeAMGgGCCsGAQUFBwELBFwwWjBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9jaGxv
ZS5zb2Jvcm5vc3QubmV0L3Jwa2kvUklQRS1ubHJzc2YvbFJxMVpaQWltaWtOWURP
a2xFQnNhU3VuZzhvLnJvYTAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMJo
gTANBgkqhkiG9w0BAQsFAAOCAQEAqXnC4nErc/7lvq3aGbKTvduwu5HUlRsv6s9g
twy24zV8g8Fcy/Eh7bHJJlHu+rFRE528vJFP5qIWnTWdusCGOKatlQq102xbPAh8
cT7A+NOzr3AoviqhG1DoY6AlQHCdA+NmBKvh55jdvzBfz4yzz+JsK8aQkpCy1Dto
KH0jqylCicYDVWfegKKQl0PuEBKqjPMtuMabJ2/K/AeAGjoZjGJ5Poik6PW3I1j6
3KXwyYe6n4ASr0m9bj7lsPzIzAZ/K0RPM4C5TIqn52k8rlCsEHj/HSRtraWgB4kO
BgJfNdiiWnHRSRNH+ejoequor3pKPeIdU8Vh07xQqVlhidjMTg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:55 2024 by rpki-client on console-fra.rpki-client.org