Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/n0SDm9FCwOVlqjo3WNhTLC7tQ6c.roa
File: n0SDm9FCwOVlqjo3WNhTLC7tQ6c.roa (raw, json)
Hash identifier: qrq6xhUJIDLyj4fHGfH+Cb5BqR7SLxGT2hXJdIfEZZ8=
Subject key identifier: 9F:44:83:9B:D1:42:C0:E5:65:AA:3A:37:58:D8:53:2C:2E:ED:43:A7
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0175
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/n0SDm9FCwOVlqjo3WNhTLC7tQ6c.roa
Signing time: Thu 21 Mar 2024 15:55:03 +0000
ROA not before: Thu 21 Mar 2024 15:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 21 Mar 2024 19:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 373 (0x175)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Mar 21 15:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9F44839BD142C0E565AA3A3758D8532C2EED43A7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:74:a3:60:db:80:07:76:0d:f8:fe:1c:a5:00:
c7:e9:8f:ee:56:80:b3:2e:8b:08:38:bd:9e:91:58:
70:3f:4e:7d:1f:78:2e:4c:c2:f9:14:ef:d3:43:27:
62:ca:31:51:a8:56:be:4a:7c:08:a9:fd:74:c6:92:
44:f4:a7:5f:8f:5f:fc:4a:72:30:1d:99:6f:45:ec:
e5:05:a7:8e:d1:91:34:59:e6:03:ef:9a:6b:6c:f9:
23:91:83:bf:f9:f7:53:0e:ba:aa:13:2e:e1:bc:eb:
91:ef:97:a8:82:14:4b:d7:e1:f8:02:37:77:ab:f9:
48:44:29:ed:9d:96:b0:8a:2b:e6:ac:4c:71:b1:54:
e8:2a:d2:d0:d6:d7:c9:a8:9b:9e:83:e2:a6:94:38:
b3:88:97:8c:08:70:32:1e:40:a5:3b:15:21:cf:68:
be:eb:3d:fa:0b:52:84:06:a6:a6:85:d1:3c:01:72:
b1:07:42:9a:6c:9a:76:09:6d:e1:e1:c8:85:93:93:
0a:54:90:40:6b:cb:7e:db:e2:6f:29:00:a6:c6:a4:
b4:51:ff:b4:26:7b:d0:f7:96:85:e8:4b:b6:e4:a6:
c1:d6:01:1c:7c:88:42:cb:21:8f:0d:ea:f7:4b:a3:
62:13:65:df:f7:a7:38:e0:0a:30:4d:1a:3d:25:44:
60:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:44:83:9B:D1:42:C0:E5:65:AA:3A:37:58:D8:53:2C:2E:ED:43:A7
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/n0SDm9FCwOVlqjo3WNhTLC7tQ6c.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
21:6f:6f:41:08:50:18:90:dc:4d:ab:0a:dc:de:71:14:f5:db:
0b:66:22:67:f5:26:62:60:99:9c:0e:8a:7d:d3:a5:f1:bc:fe:
58:31:7a:f4:44:b9:28:9f:d0:d5:e6:16:31:7d:04:98:64:63:
33:ab:8b:30:8e:bc:69:e8:15:1d:93:ef:89:e1:d7:07:ed:6f:
45:92:28:d8:00:66:ab:5d:db:b9:76:da:04:3a:59:b5:f4:75:
fc:8d:50:2c:cd:72:67:10:d5:73:57:ac:ad:7b:36:09:9d:05:
76:19:3c:42:7c:e9:55:09:01:26:90:e1:e3:cb:81:da:d7:5f:
63:58:90:17:9c:56:e3:ea:9b:ef:9c:ec:98:d7:ef:28:ab:6f:
8d:95:58:5f:10:3c:db:97:e0:16:a6:db:50:db:09:07:2c:ac:
83:62:d0:e0:21:1b:1e:11:fc:9a:7f:cb:34:8a:d7:d3:a6:8e:
45:1b:f1:c2:66:98:67:6c:ba:1c:bf:96:7e:c0:63:76:fc:ad:
eb:21:a2:34:dc:10:6b:1c:89:50:a7:f7:54:52:77:4f:9c:1a:
d1:c3:21:43:34:87:0a:10:8a:c6:f3:d7:0c:a8:15:b0:42:23:
ea:63:16:67:9d:10:72:81:1d:44:8f:43:30:3a:36:70:2a:21:
16:ae:f4:8b
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICAXUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDAzMjEx
NTU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDlGNDQ4MzlCRDE0MkMw
RTU2NUFBM0EzNzU4RDg1MzJDMkVFRDQzQTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCWdKNg24AHdg34/hylAMfpj+5WgLMuiwg4vZ6RWHA/Tn0feC5M
wvkU79NDJ2LKMVGoVr5KfAip/XTGkkT0p1+PX/xKcjAdmW9F7OUFp47RkTRZ5gPv
mmts+SORg7/591MOuqoTLuG865Hvl6iCFEvX4fgCN3er+UhEKe2dlrCKK+asTHGx
VOgq0tDW18mom56D4qaUOLOIl4wIcDIeQKU7FSHPaL7rPfoLUoQGpqaF0TwBcrEH
QppsmnYJbeHhyIWTkwpUkEBry37b4m8pAKbGpLRR/7Qme9D3loXoS7bkpsHWARx8
iELLIY8N6vdLo2ITZd/3pzjgCjBNGj0lRGBhAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUn0SDm9FCwOVlqjo3WNhTLC7tQ6cwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL24wU0RtOUZDd09WbHFq
bzNXTmhUTEM3dFE2Yy5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBACFvb0EIUBiQ3E2rCtzecRT12wtmImf1JmJg
mZwOin3TpfG8/lgxevREuSif0NXmFjF9BJhkYzOrizCOvGnoFR2T74nh1wftb0WS
KNgAZqtd27l22gQ6WbX0dfyNUCzNcmcQ1XNXrK17NgmdBXYZPEJ86VUJASaQ4ePL
gdrXX2NYkBecVuPqm++c7JjX7yirb42VWF8QPNuX4Bam21DbCQcsrINi0OAhGx4R
/Jp/yzSK19OmjkUb8cJmmGdsuhy/ln7AY3b8reshojTcEGsciVCn91RSd0+cGtHD
IUM0hwoQisbz1wyoFbBCI+pjFmedEHKBHUSPQzA6NnAqIRau9Is=
-----END CERTIFICATE-----
Generated at Thu Mar 21 23:46:19 2024 by rpki-client on console-ams.rpki-client.org