Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/o2BXkSobxqgGuRWTIQFoVktXyeA.roa
File: o2BXkSobxqgGuRWTIQFoVktXyeA.roa (raw, json)
Hash identifier: NNbICD+YJkePnrDaxKPqvtyEJ9iTlLqM3t7FfaGRcQU=
Subject key identifier: A3:60:57:91:2A:1B:C6:A8:06:B9:15:93:21:01:68:56:4B:57:C9:E0
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 018D
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/o2BXkSobxqgGuRWTIQFoVktXyeA.roa
Signing time: Sun 24 Mar 2024 07:55:03 +0000
ROA not before: Sun 24 Mar 2024 07:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 24 Mar 2024 11:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 397 (0x18d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Mar 24 07:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=A36057912A1BC6A806B91593210168564B57C9E0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:78:a5:b3:13:ef:ba:23:72:72:d2:9a:dc:0d:
0c:cf:1f:40:ee:7e:c5:29:35:11:2d:2d:cf:57:38:
af:be:b4:4c:5d:01:7c:af:c9:43:b1:f0:02:10:9f:
f0:f0:7e:48:3e:a2:58:ad:5e:e6:95:df:2b:21:bb:
96:18:69:f2:c8:e9:94:e8:52:1f:59:3b:c5:a9:7c:
9c:e0:24:7c:a0:20:50:92:71:2e:b1:b8:70:96:39:
50:8d:09:20:27:a4:d2:47:f8:32:f0:65:dc:e0:eb:
35:9c:6f:55:a0:61:a5:c3:ca:f1:6c:12:34:a1:3e:
43:2d:d1:ae:c0:e7:0f:f2:4a:30:24:fe:79:cc:0a:
99:56:1e:00:77:9c:5a:5c:4c:bd:d7:64:ac:fa:bd:
23:70:f4:07:29:98:d2:09:85:9f:43:28:c9:c5:7a:
89:3b:5b:6a:7c:d6:16:ff:02:53:fd:2d:96:1f:ef:
67:1c:46:10:c4:59:b6:13:71:db:45:41:f4:80:c2:
66:79:3c:df:ed:3e:85:13:b8:37:9b:c6:21:b6:46:
47:7a:45:3c:e6:82:9d:1b:04:69:48:05:0f:7d:da:
c0:88:ca:12:6d:3e:29:47:bb:66:7e:26:95:dc:31:
3c:87:35:cd:06:2f:c1:21:f1:99:86:19:ec:c1:70:
8f:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:60:57:91:2A:1B:C6:A8:06:B9:15:93:21:01:68:56:4B:57:C9:E0
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/o2BXkSobxqgGuRWTIQFoVktXyeA.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:96:b9:48:f0:a0:42:dc:1c:d8:7a:02:0c:b8:a5:97:ca:92:
6c:fd:0f:97:f7:4b:c6:20:38:cb:77:86:f3:47:42:2e:51:c1:
0e:f8:09:96:39:d4:47:ef:e7:07:d6:19:6f:1f:bd:b4:a0:15:
1c:da:c3:38:be:45:91:a7:e3:1d:64:8b:e5:05:11:12:9e:ca:
14:7d:65:07:07:8f:be:f5:1f:01:b7:c2:fb:e1:a3:3b:6e:ac:
63:a7:65:1d:30:df:67:68:68:d3:a8:a6:b2:9b:56:29:66:0a:
0b:9c:77:b5:1f:c2:6f:b7:62:78:42:42:aa:47:6a:72:8b:2d:
21:87:11:48:9c:5d:b4:19:15:d0:68:d8:c1:89:a1:52:e2:af:
c1:1b:70:4e:fa:84:bc:0f:ea:dd:38:68:cd:bc:4c:84:ce:9b:
05:38:99:a6:8b:63:5d:2a:47:9b:12:c1:aa:bd:3a:26:a9:24:
6d:6b:7a:ff:f8:e6:6e:ff:28:1f:b7:b9:2a:79:a4:57:ad:f9:
a0:3b:d9:ef:5f:da:75:86:f9:e2:e7:2c:d5:6f:56:90:86:fb:
61:6d:dc:d0:0f:59:07:17:99:67:2c:2f:ea:67:80:6c:4f:5d:
25:64:94:72:29:89:1b:72:f5:b7:18:b3:1d:17:39:a9:8a:8f:
e2:0b:b5:1a
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICAY0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDAzMjQw
NzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEEzNjA1NzkxMkExQkM2
QTgwNkI5MTU5MzIxMDE2ODU2NEI1N0M5RTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDIeKWzE++6I3Jy0prcDQzPH0DufsUpNREtLc9XOK++tExdAXyv
yUOx8AIQn/Dwfkg+olitXuaV3yshu5YYafLI6ZToUh9ZO8WpfJzgJHygIFCScS6x
uHCWOVCNCSAnpNJH+DLwZdzg6zWcb1WgYaXDyvFsEjShPkMt0a7A5w/ySjAk/nnM
CplWHgB3nFpcTL3XZKz6vSNw9AcpmNIJhZ9DKMnFeok7W2p81hb/AlP9LZYf72cc
RhDEWbYTcdtFQfSAwmZ5PN/tPoUTuDebxiG2Rkd6RTzmgp0bBGlIBQ992sCIyhJt
PilHu2Z+JpXcMTyHNc0GL8Eh8ZmGGezBcI+FAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUo2BXkSobxqgGuRWTIQFoVktXyeAwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL28yQlhrU29ieHFnR3VS
V1RJUUZvVmt0WHllQS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAA+WuUjwoELcHNh6Agy4pZfKkmz9D5f3S8Yg
OMt3hvNHQi5RwQ74CZY51Efv5wfWGW8fvbSgFRzawzi+RZGn4x1ki+UFERKeyhR9
ZQcHj771HwG3wvvhozturGOnZR0w32doaNOoprKbVilmCgucd7Ufwm+3YnhCQqpH
anKLLSGHEUicXbQZFdBo2MGJoVLir8EbcE76hLwP6t04aM28TITOmwU4maaLY10q
R5sSwaq9OiapJG1rev/45m7/KB+3uSp5pFet+aA72e9f2nWG+eLnLNVvVpCG+2Ft
3NAPWQcXmWcsL+pngGxPXSVklHIpiRty9bcYsx0XOamKj+ILtRo=
-----END CERTIFICATE-----
Generated at Sun Mar 24 12:28:11 2024 by rpki-client on console-ams.rpki-client.org