Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/mQHbHpDcpgw-_upXJSUpSkZHKWE.roa
File: mQHbHpDcpgw-_upXJSUpSkZHKWE.roa (raw, json)
Hash identifier: KaPsugvUb1QB7UlmY1lZbwZp27BNKM0CLu4Sl5HSALM=
Subject key identifier: 99:01:DB:1E:90:DC:A6:0C:3E:FE:EA:57:25:25:29:4A:46:47:29:61
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 01DB
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/mQHbHpDcpgw-_upXJSUpSkZHKWE.roa
Signing time: Mon 01 Apr 2024 23:55:04 +0000
ROA not before: Mon 01 Apr 2024 23:55:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Apr 2024 03:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 475 (0x1db)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Apr 1 23:55:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9901DB1E90DCA60C3EFEEA572525294A46472961
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:e4:8d:b3:e8:2b:77:76:d6:3d:f9:07:10:b4:
76:b5:e8:7f:4e:e9:be:77:07:ad:ac:15:92:e4:4b:
cc:cb:14:ba:d6:c2:bd:cf:61:bb:26:b3:f4:13:93:
33:97:af:b7:f9:1e:5b:33:0b:0f:cb:a9:81:50:e1:
bb:54:62:d7:fc:3e:73:61:06:a4:61:d4:01:16:d7:
9a:33:43:16:20:4b:a4:9b:26:71:13:73:b7:1b:21:
a2:f1:e5:e9:da:c6:7b:fb:8b:bf:c6:aa:04:7f:d7:
d0:5f:49:a7:63:78:01:89:f2:2a:bb:c5:78:38:b8:
e1:b2:02:e4:7e:2a:28:75:fc:80:2d:da:2f:1c:8a:
27:4d:66:1e:a7:5a:15:88:b3:47:73:26:55:6b:f4:
d2:3f:34:0a:87:ce:e3:d3:6f:4d:c5:c3:c4:30:ed:
a4:41:dd:5d:26:d9:13:8f:93:57:23:82:50:59:9f:
01:fb:69:a8:35:77:ea:28:55:50:00:72:a4:5e:63:
da:75:cc:18:2b:6b:59:36:b5:5c:cc:de:82:61:59:
f6:9b:31:39:e4:c3:ff:3b:11:45:2e:28:e3:0c:31:
30:cb:64:7c:25:e5:46:2b:35:1b:cc:1c:46:b5:e8:
ea:ee:4d:f9:a4:45:50:a3:75:b4:3d:69:80:94:f0:
50:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:01:DB:1E:90:DC:A6:0C:3E:FE:EA:57:25:25:29:4A:46:47:29:61
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/mQHbHpDcpgw-_upXJSUpSkZHKWE.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
60:c9:56:d9:24:32:25:9f:f1:ca:0e:1b:12:db:af:c5:9d:cf:
e4:51:e6:c6:c5:4a:60:c0:70:d9:b3:eb:d5:9b:bc:7c:70:a4:
21:8a:e3:03:de:62:4c:4f:ab:0a:73:14:b0:6e:0e:7e:79:6e:
a8:ed:3d:d9:cd:c5:8b:e1:9a:ff:5d:0c:1b:23:b7:b3:1f:5c:
b1:59:e1:8c:2b:f3:d6:20:87:43:e7:e5:e8:2f:48:d7:79:b5:
d9:b0:73:e8:5a:36:c6:93:05:50:09:9e:95:d8:f4:3f:1b:dc:
9d:2d:be:cf:5b:52:a4:c8:fa:96:bc:6b:95:63:f8:6b:1f:4a:
a4:a0:e1:8f:f7:b6:ab:f3:86:89:1a:24:1b:aa:85:a5:f9:84:
97:89:a9:d3:2d:ca:5e:6a:31:07:15:15:0c:fd:5f:01:1b:26:
05:8d:70:ed:92:17:24:08:72:ab:e8:56:f2:2c:b4:4e:59:c7:
fe:58:8a:7b:5e:7e:b4:25:6e:a6:f5:0f:0b:1b:8e:a5:b0:3b:
76:90:67:4d:97:45:ed:43:31:01:23:1a:1c:ca:de:25:e6:28:
ce:08:4e:1a:80:6e:e2:7e:fb:77:9f:46:0c:77:90:46:d7:5e:
92:83:22:9e:92:e8:27:1b:80:f9:2f:01:13:58:8e:0a:aa:60:
93:f4:ad:70
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICAdswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA0MDEy
MzU1MDRaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDk5MDFEQjFFOTBEQ0E2
MEMzRUZFRUE1NzI1MjUyOTRBNDY0NzI5NjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDI5I2z6Ct3dtY9+QcQtHa16H9O6b53B62sFZLkS8zLFLrWwr3P
Ybsms/QTkzOXr7f5HlszCw/LqYFQ4btUYtf8PnNhBqRh1AEW15ozQxYgS6SbJnET
c7cbIaLx5enaxnv7i7/GqgR/19BfSadjeAGJ8iq7xXg4uOGyAuR+Kih1/IAt2i8c
iidNZh6nWhWIs0dzJlVr9NI/NAqHzuPTb03Fw8Qw7aRB3V0m2ROPk1cjglBZnwH7
aag1d+ooVVAAcqReY9p1zBgra1k2tVzM3oJhWfabMTnkw/87EUUuKOMMMTDLZHwl
5UYrNRvMHEa16OruTfmkRVCjdbQ9aYCU8FBbAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUmQHbHpDcpgw+/upXJSUpSkZHKWEwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL21RSGJIcERjcGd3LV91
cFhKU1VwU2taSEtXRS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAGDJVtkkMiWf8coOGxLbr8Wdz+RR5sbFSmDA
cNmz69WbvHxwpCGK4wPeYkxPqwpzFLBuDn55bqjtPdnNxYvhmv9dDBsjt7MfXLFZ
4Ywr89Ygh0Pn5egvSNd5tdmwc+haNsaTBVAJnpXY9D8b3J0tvs9bUqTI+pa8a5Vj
+GsfSqSg4Y/3tqvzhokaJBuqhaX5hJeJqdMtyl5qMQcVFQz9XwEbJgWNcO2SFyQI
cqvoVvIstE5Zx/5YintefrQlbqb1DwsbjqWwO3aQZ02XRe1DMQEjGhzK3iXmKM4I
ThqAbuJ++3efRgx3kEbXXpKDIp6S6CcbgPkvARNYjgqqYJP0rXA=
-----END CERTIFICATE-----
Generated at Tue Apr 2 05:16:13 2024 by rpki-client on console-ams.rpki-client.org