Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/lTF3M8Z1lgMo6tzDqho-a2-VnP0.roa
File: lTF3M8Z1lgMo6tzDqho-a2-VnP0.roa (raw, json)
Hash identifier: wmQaOMVYdDwaRnsz2t06i7xa0X7xx1xaErBWj+fzWaI=
Subject key identifier: 95:31:77:33:C6:75:96:03:28:EA:DC:C3:AA:1A:3E:6B:6F:95:9C:FD
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 015D
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/lTF3M8Z1lgMo6tzDqho-a2-VnP0.roa
Signing time: Mon 18 Mar 2024 23:55:03 +0000
ROA not before: Mon 18 Mar 2024 23:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 19 Mar 2024 03:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 349 (0x15d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Mar 18 23:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=95317733C675960328EADCC3AA1A3E6B6F959CFD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:a9:a7:00:9a:d3:e8:52:08:57:fa:a5:ff:cd:
16:c7:69:94:cc:26:54:10:97:df:f5:de:6e:dd:ab:
31:b6:9c:d8:6a:8c:f1:b4:7a:47:4e:73:9c:2c:df:
64:51:f9:91:f0:01:67:55:39:ae:aa:03:94:73:f3:
6c:ee:b4:cc:91:aa:3b:1d:df:e8:78:bb:1a:34:cd:
55:10:01:3b:1c:57:2f:98:00:f6:6d:f8:18:b9:9a:
d9:12:c0:d6:1e:26:df:56:4a:ec:46:93:8c:d4:19:
e7:9a:04:01:a0:0a:4e:b5:e5:a2:9c:aa:f3:29:a2:
7c:50:76:ef:46:6b:af:2f:da:c4:9f:75:a9:c6:65:
7e:46:84:3f:9d:6a:53:84:48:fd:be:55:40:b0:62:
0a:80:43:49:0e:88:5f:60:37:3b:5a:61:3a:47:85:
2a:76:bd:af:81:e9:b3:d0:49:3f:d2:56:24:db:09:
ad:a3:ab:49:43:ff:77:db:15:ca:a5:d6:24:a6:25:
6a:ed:b6:b3:4e:95:b2:5f:93:a3:a3:53:7e:c4:0f:
1c:dc:de:03:c2:7a:b9:19:a6:a9:8d:63:d6:a4:c8:
ef:9b:0e:3f:9c:30:9f:f1:89:3f:ec:6e:c3:46:c9:
3e:14:57:01:1e:3d:c0:7b:24:c3:b7:99:de:2d:39:
72:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:31:77:33:C6:75:96:03:28:EA:DC:C3:AA:1A:3E:6B:6F:95:9C:FD
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/lTF3M8Z1lgMo6tzDqho-a2-VnP0.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
42:7c:74:eb:a6:3f:3d:fb:bb:b0:ae:b3:22:a4:64:e1:c7:93:
4b:f1:5b:0b:c1:7b:d2:f4:7a:3f:71:ab:5f:d8:2e:70:3d:59:
21:0b:93:20:1f:62:ce:c5:17:37:e3:b9:9e:66:dd:90:b2:c1:
1e:aa:3f:14:b3:af:07:1b:86:94:c5:85:89:54:2d:7e:d7:b8:
23:bf:1f:3d:ee:fc:d5:d0:20:d0:81:97:10:b4:fe:b9:7d:59:
c0:f9:ab:7d:44:4b:9c:b1:4a:8b:c2:64:a7:bc:09:40:17:a9:
3c:05:04:4b:da:db:ff:bd:83:ad:37:e3:a1:bf:5a:ea:78:8a:
6e:b8:ed:a1:b0:21:ae:23:ac:58:bf:4d:da:84:79:ba:11:a2:
d3:8b:05:b5:cc:8d:cf:46:09:41:fc:4f:e9:fd:49:c7:98:95:
50:13:52:73:51:01:00:4b:57:a0:6d:15:e5:0a:14:88:38:16:
0b:3a:34:a6:5b:a5:f6:ac:3a:f5:a7:0d:ad:a1:9d:80:97:d9:
fc:03:a6:77:b9:a3:07:1b:26:79:69:83:e6:48:6e:1a:11:e8:
8f:2c:9f:e4:43:4c:a0:20:d1:c7:83:46:f8:75:f4:03:5a:89:
7b:7f:5a:8d:91:93:9e:05:8c:a5:23:7d:48:a9:9c:e9:35:93:
cc:1e:4e:3a
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICAV0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDAzMTgy
MzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDk1MzE3NzMzQzY3NTk2
MDMyOEVBRENDM0FBMUEzRTZCNkY5NTlDRkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDQqacAmtPoUghX+qX/zRbHaZTMJlQQl9/13m7dqzG2nNhqjPG0
ekdOc5ws32RR+ZHwAWdVOa6qA5Rz82zutMyRqjsd3+h4uxo0zVUQATscVy+YAPZt
+Bi5mtkSwNYeJt9WSuxGk4zUGeeaBAGgCk615aKcqvMponxQdu9Ga68v2sSfdanG
ZX5GhD+dalOESP2+VUCwYgqAQ0kOiF9gNztaYTpHhSp2va+B6bPQST/SViTbCa2j
q0lD/3fbFcql1iSmJWrttrNOlbJfk6OjU37EDxzc3gPCerkZpqmNY9akyO+bDj+c
MJ/xiT/sbsNGyT4UVwEePcB7JMO3md4tOXILAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUlTF3M8Z1lgMo6tzDqho+a2+VnP0wHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL2xURjNNOFoxbGdNbzZ0
ekRxaG8tYTItVm5QMC5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAEJ8dOumPz37u7CusyKkZOHHk0vxWwvBe9L0
ej9xq1/YLnA9WSELkyAfYs7FFzfjuZ5m3ZCywR6qPxSzrwcbhpTFhYlULX7XuCO/
Hz3u/NXQINCBlxC0/rl9WcD5q31ES5yxSovCZKe8CUAXqTwFBEva2/+9g60346G/
Wup4im647aGwIa4jrFi/TdqEeboRotOLBbXMjc9GCUH8T+n9SceYlVATUnNRAQBL
V6BtFeUKFIg4Fgs6NKZbpfasOvWnDa2hnYCX2fwDpne5owcbJnlpg+ZIbhoR6I8s
n+RDTKAg0ceDRvh19ANaiXt/Wo2Rk54FjKUjfUipnOk1k8weTjo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:55 2024 by rpki-client on console-fra.rpki-client.org