Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/mSk8HT2M3uZrH8P3iXkBWPPPrKE.roa
File: mSk8HT2M3uZrH8P3iXkBWPPPrKE.roa (raw, json)
Hash identifier: 5TD0OYUbtqrUmmYN9xe6zFT28vUS5gGWgMZmjDS1op0=
Subject key identifier: 99:29:3C:1D:3D:8C:DE:E6:6B:1F:C3:F7:89:79:01:58:F3:CF:AC:A1
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: AF
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/mSk8HT2M3uZrH8P3iXkBWPPPrKE.roa
Signing time: Wed 28 Feb 2024 15:55:02 +0000
ROA not before: Wed 28 Feb 2024 15:55:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 28 Feb 2024 19:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 175 (0xaf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Feb 28 15:55:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=99293C1D3D8CDEE66B1FC3F789790158F3CFACA1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:11:d3:58:8a:c6:3f:b1:2d:3c:4b:45:d4:d9:
83:bd:2c:52:1f:df:4e:48:22:9b:06:98:4d:40:5c:
73:d7:16:a6:0f:c2:a0:63:a9:81:80:62:ab:91:78:
39:09:20:55:5e:88:77:43:8c:9e:8a:ce:a5:dc:bc:
2c:3b:ff:18:80:5c:c5:08:bd:ea:38:f5:c7:8a:6d:
94:b1:8c:fc:68:d6:8d:5e:ba:f9:c9:6f:e1:bf:a7:
2e:60:d6:79:4f:30:b8:e4:fe:50:5e:70:65:29:f8:
53:f5:7d:39:29:9c:a0:98:fc:b5:f9:34:62:d5:8a:
b6:7f:5b:c3:11:23:c6:7b:ed:09:8e:74:06:ac:60:
1c:11:ed:1b:13:ca:12:a4:5a:95:9c:2c:31:68:37:
84:a8:ec:cb:d6:c1:e3:f1:1c:01:d9:62:07:90:6b:
63:ae:0d:20:f2:8c:eb:61:37:68:ac:fd:97:d8:be:
bc:b4:79:73:b7:57:93:ef:7f:82:6a:ff:89:1a:09:
4f:10:ac:a7:e2:ad:3b:60:ff:20:2b:d3:db:22:cd:
30:89:cf:f0:5a:8b:7d:52:39:8b:ae:6b:26:0f:af:
00:a5:fa:50:16:d4:26:e8:42:e0:8b:00:4d:5d:04:
9c:d5:1a:cf:48:25:3b:5f:de:61:76:13:c8:60:ce:
a0:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:29:3C:1D:3D:8C:DE:E6:6B:1F:C3:F7:89:79:01:58:F3:CF:AC:A1
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/mSk8HT2M3uZrH8P3iXkBWPPPrKE.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:33:82:d9:b8:32:27:b9:ad:26:aa:45:13:73:e3:87:9c:f3:
a1:21:e2:aa:65:20:fb:84:d5:d5:e0:6b:44:93:19:5b:21:7a:
d6:de:83:59:6b:77:23:f6:9b:c4:98:5e:9c:be:d6:52:31:25:
6f:55:64:66:dc:e5:f7:0f:f5:11:80:29:d4:68:aa:75:54:93:
a3:ea:02:03:f7:53:ef:62:6a:ac:80:bf:0b:b1:7a:e4:ac:4c:
c4:e3:35:a1:7f:58:b9:1e:f9:32:3c:d0:18:5a:9d:8b:db:4d:
46:f2:3c:56:65:78:9a:0d:7b:02:04:35:98:d6:fd:2e:1a:7d:
3d:20:e4:fb:85:3c:2b:60:17:fd:80:a3:3b:ce:e3:2f:4f:da:
4f:08:67:9e:50:e5:82:bf:17:65:41:de:cb:1e:3f:48:0c:b0:
bb:dc:ef:93:a7:08:d5:69:94:e0:9d:ba:6e:db:86:87:54:35:
fc:6f:d4:b7:f6:7c:69:3c:15:38:2b:c7:7e:d4:34:35:0a:c0:
c1:08:a5:85:44:ff:06:e3:04:75:cf:dc:41:c6:c5:06:61:0c:
0c:a0:3e:92:af:26:5a:b4:d5:42:2d:86:2b:7e:fb:7e:a1:9c:
a1:14:6b:4f:14:ff:82:b0:8b:32:4b:5b:43:d5:3f:c8:74:0f:
03:1d:b1:92
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICAK8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDAyMjgx
NTU1MDJaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDk5MjkzQzFEM0Q4Q0RF
RTY2QjFGQzNGNzg5NzkwMTU4RjNDRkFDQTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCYEdNYisY/sS08S0XU2YO9LFIf305IIpsGmE1AXHPXFqYPwqBj
qYGAYquReDkJIFVeiHdDjJ6KzqXcvCw7/xiAXMUIveo49ceKbZSxjPxo1o1euvnJ
b+G/py5g1nlPMLjk/lBecGUp+FP1fTkpnKCY/LX5NGLVirZ/W8MRI8Z77QmOdAas
YBwR7RsTyhKkWpWcLDFoN4So7MvWwePxHAHZYgeQa2OuDSDyjOthN2is/ZfYvry0
eXO3V5Pvf4Jq/4kaCU8QrKfirTtg/yAr09sizTCJz/Bai31SOYuuayYPrwCl+lAW
1CboQuCLAE1dBJzVGs9IJTtf3mF2E8hgzqAZAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUmSk8HT2M3uZrH8P3iXkBWPPPrKEwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL21TazhIVDJNM3Vackg4
UDNpWGtCV1BQUHJLRS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAAwzgtm4Mie5rSaqRRNz44ec86Eh4qplIPuE
1dXga0STGVshetbeg1lrdyP2m8SYXpy+1lIxJW9VZGbc5fcP9RGAKdRoqnVUk6Pq
AgP3U+9iaqyAvwuxeuSsTMTjNaF/WLke+TI80BhanYvbTUbyPFZleJoNewIENZjW
/S4afT0g5PuFPCtgF/2AozvO4y9P2k8IZ55Q5YK/F2VB3sseP0gMsLvc75OnCNVp
lOCdum7bhodUNfxv1Lf2fGk8FTgrx37UNDUKwMEIpYVE/wbjBHXP3EHGxQZhDAyg
PpKvJlq01UIthit++36hnKEUa08U/4KwizJLW0PVP8h0DwMdsZI=
-----END CERTIFICATE-----
Generated at Wed Feb 28 22:58:47 2024 by rpki-client on console-ams.rpki-client.org