Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/oA21JNz8RVPRI0VvJZcoe5AfL-0.roa
File: oA21JNz8RVPRI0VvJZcoe5AfL-0.roa (raw, json)
Hash identifier: vLQeQG4xPtq5qmfIX7tJlhFBdA/nfE13oKk8iWaAzVs=
Subject key identifier: A0:0D:B5:24:DC:FC:45:53:D1:23:45:6F:25:97:28:7B:90:1F:2F:ED
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0280
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/oA21JNz8RVPRI0VvJZcoe5AfL-0.roa
Signing time: Sat 20 Apr 2024 07:55:03 +0000
ROA not before: Sat 20 Apr 2024 07:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 20 Apr 2024 11:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 640 (0x280)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Apr 20 07:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=A00DB524DCFC4553D123456F2597287B901F2FED
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:03:d2:5f:5c:ca:98:34:c6:ae:b5:7a:b1:f3:
9a:3b:b2:16:ab:dc:67:f6:46:52:b3:06:b8:52:f2:
62:8d:e9:1a:ad:2f:58:b1:fd:4e:22:65:24:35:89:
18:31:60:28:f8:54:f3:f7:3f:1c:34:eb:3b:82:f7:
1e:49:e3:61:1f:bd:c1:de:18:13:f3:1e:7a:a8:df:
f8:eb:27:35:a7:da:5e:e4:c2:b5:18:fc:96:6b:1a:
ba:2e:ea:0e:ad:cd:d5:99:f9:d3:f7:21:ce:57:27:
ec:23:4b:25:3c:45:28:5e:db:e9:1b:f8:50:ed:1e:
96:ea:ef:85:80:d2:47:eb:a3:d0:7a:8f:86:46:18:
de:20:11:68:40:61:9b:38:a1:a4:6d:f1:d8:97:af:
6c:22:b2:47:df:05:e7:46:88:29:ac:24:e4:e4:34:
61:c1:0e:b4:4f:66:40:8b:90:f1:79:0a:76:67:e0:
c5:33:2c:da:a1:ac:3e:0b:d4:9b:a6:40:7b:a2:90:
43:73:e0:86:16:be:42:6b:4b:9a:2f:00:86:a3:9e:
af:db:dd:12:39:b1:eb:34:26:06:a8:30:b9:84:a9:
b2:15:f5:24:f6:30:ee:a7:9c:55:f0:36:b0:ec:56:
1a:76:55:dd:c1:91:61:7d:1b:ff:76:04:87:35:07:
2b:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:0D:B5:24:DC:FC:45:53:D1:23:45:6F:25:97:28:7B:90:1F:2F:ED
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/oA21JNz8RVPRI0VvJZcoe5AfL-0.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
29:cf:8c:28:37:6c:c4:20:94:18:a4:b6:30:ff:78:cd:ff:4f:
0d:50:b3:a4:b9:08:ba:04:38:47:90:24:fe:3a:ef:eb:3d:a3:
e8:4e:29:38:73:26:2a:18:af:b8:ec:9b:40:75:db:1d:6a:20:
e4:f2:66:0d:fa:26:d8:ca:c9:52:79:ae:76:a1:17:a1:84:b4:
99:4c:2c:cd:96:4f:ef:9c:66:0c:50:a6:11:9d:a0:ac:cd:34:
18:e7:61:f7:53:a4:e8:bd:46:59:1a:ca:a9:d3:62:e6:cc:a8:
f1:b3:d4:c8:e2:2c:c9:6e:4d:9e:4b:c7:df:d2:da:3e:3f:42:
24:bf:b5:1c:12:52:6d:70:20:97:09:85:0b:c1:ef:07:ba:76:
b6:8f:71:49:19:9b:35:cc:26:1d:46:25:46:3d:6c:0a:17:a7:
0c:47:d1:a1:ed:36:01:c8:44:01:4e:bd:a9:3f:64:0f:3c:01:
01:a4:c8:2f:f8:20:03:be:01:6b:44:7b:cc:45:96:c6:89:68:
5e:2e:e6:60:74:86:36:4c:41:7e:c2:cf:58:b8:21:38:17:77:
25:88:15:01:44:e9:32:ca:e9:9c:10:9c:bb:a6:f9:28:3d:bc:
5c:6e:41:d4:71:f6:a9:f3:28:bf:93:e5:05:3b:f8:60:fa:1b:
fd:42:41:cb
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICAoAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA0MjAw
NzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEEwMERCNTI0RENGQzQ1
NTNEMTIzNDU2RjI1OTcyODdCOTAxRjJGRUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2A9JfXMqYNMautXqx85o7shar3Gf2RlKzBrhS8mKN6RqtL1ix
/U4iZSQ1iRgxYCj4VPP3Pxw06zuC9x5J42EfvcHeGBPzHnqo3/jrJzWn2l7kwrUY
/JZrGrou6g6tzdWZ+dP3Ic5XJ+wjSyU8RShe2+kb+FDtHpbq74WA0kfro9B6j4ZG
GN4gEWhAYZs4oaRt8diXr2wiskffBedGiCmsJOTkNGHBDrRPZkCLkPF5CnZn4MUz
LNqhrD4L1JumQHuikENz4IYWvkJrS5ovAIajnq/b3RI5ses0JgaoMLmEqbIV9ST2
MO6nnFXwNrDsVhp2Vd3BkWF9G/92BIc1ByvJAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUoA21JNz8RVPRI0VvJZcoe5AfL+0wHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL29BMjFKTno4UlZQUkkw
VnZKWmNvZTVBZkwtMC5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBACnPjCg3bMQglBiktjD/eM3/Tw1Qs6S5CLoE
OEeQJP467+s9o+hOKThzJioYr7jsm0B12x1qIOTyZg36JtjKyVJ5rnahF6GEtJlM
LM2WT++cZgxQphGdoKzNNBjnYfdTpOi9RlkayqnTYubMqPGz1MjiLMluTZ5Lx9/S
2j4/QiS/tRwSUm1wIJcJhQvB7we6draPcUkZmzXMJh1GJUY9bAoXpwxH0aHtNgHI
RAFOvak/ZA88AQGkyC/4IAO+AWtEe8xFlsaJaF4u5mB0hjZMQX7Cz1i4ITgXdyWI
FQFE6TLK6ZwQnLum+Sg9vFxuQdRx9qnzKL+T5QU7+GD6G/1CQcs=
-----END CERTIFICATE-----
Generated at Sat Apr 20 14:00:28 2024 by rpki-client on console-ams.rpki-client.org