Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/oK5kdELsT_l-d8xv9CHqUTJartA.roa
File: oK5kdELsT_l-d8xv9CHqUTJartA.roa (raw, json)
Hash identifier: 93dfUywXM3PibAI2sOgNDaA9U+kZEZQKpP/RsPN/j3M=
Subject key identifier: A0:AE:64:74:42:EC:4F:F9:7E:77:CC:6F:F4:21:EA:51:32:5A:AE:D0
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 023B
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/oK5kdELsT_l-d8xv9CHqUTJartA.roa
Signing time: Fri 12 Apr 2024 15:55:03 +0000
ROA not before: Fri 12 Apr 2024 15:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 12 Apr 2024 19:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 571 (0x23b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Apr 12 15:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=A0AE647442EC4FF97E77CC6FF421EA51325AAED0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:e5:67:76:f7:60:ba:cd:31:b6:52:a7:3c:7b:
08:1f:f4:a3:3e:21:c3:71:26:1a:1d:15:e5:e5:fa:
86:10:62:5a:ee:a2:bd:7c:d2:7c:57:c9:34:14:e4:
1d:ce:fb:ca:f4:f7:7e:ae:2a:6f:d5:c5:ab:e3:95:
87:a5:0d:85:b5:45:8e:d0:5f:3c:2e:0a:66:35:7d:
0a:b6:9f:75:f1:b6:e6:3c:2c:66:a2:fc:2e:8f:6f:
e9:2f:b5:72:d1:a1:0e:6d:63:90:38:4c:38:1c:1a:
87:1d:63:82:72:b6:c7:45:2c:53:19:6c:77:be:76:
ad:97:00:ce:a6:7c:8e:6b:7f:24:dd:7b:4c:db:45:
4c:1b:e0:03:9c:78:94:71:bc:a2:e0:13:50:22:8c:
82:c1:3e:68:01:e6:69:65:99:39:4a:54:1a:e2:96:
a1:cd:fc:ed:d2:8c:55:93:5e:67:d9:ee:71:c2:ea:
07:7b:36:1f:f8:49:49:f3:7d:ed:f6:a5:f4:3e:ac:
4f:2d:0b:86:e4:92:4e:02:95:60:b5:22:82:fe:eb:
f8:2b:77:76:27:66:c6:15:90:81:d7:6c:e7:a0:4f:
9d:25:d6:89:cf:f3:65:44:d0:b3:0c:fa:04:f8:a6:
17:fd:65:39:db:04:16:27:9c:d3:91:33:64:7b:4f:
be:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:AE:64:74:42:EC:4F:F9:7E:77:CC:6F:F4:21:EA:51:32:5A:AE:D0
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/oK5kdELsT_l-d8xv9CHqUTJartA.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
d4:ab:dd:9a:2a:8b:85:53:41:ea:bb:d1:35:62:20:71:0b:f7:
1f:ed:db:83:f8:32:06:00:86:20:0c:2a:5e:da:14:58:7f:46:
c5:47:91:b1:2f:0e:40:96:9b:91:ac:ad:9c:04:de:a9:03:0d:
a1:35:f2:b8:2b:68:d0:1e:0f:f0:b7:85:d8:43:ea:b9:6c:fd:
18:90:99:8f:40:c3:69:26:f2:6e:c2:26:ca:73:00:06:df:99:
ec:20:c2:10:8b:3c:81:a2:48:2e:eb:c7:9d:aa:c0:bb:d8:fc:
29:ce:27:77:e8:5a:60:4e:f4:d2:23:05:6c:d1:74:45:70:3d:
7e:f7:c3:61:c5:db:2e:98:d9:37:1e:9d:bb:80:b9:d1:08:b9:
3f:fc:e9:5a:34:a0:38:60:40:38:a1:d9:1a:fc:a8:5a:6d:55:
70:25:88:ea:cf:80:4b:a2:8d:86:14:21:61:f0:dc:5d:31:a1:
ec:e5:4c:33:36:bd:f6:84:e3:b3:7a:88:70:95:b7:f1:fa:c5:
70:16:4e:56:fa:91:fb:c2:60:55:c2:3b:5b:70:e0:e5:23:22:
63:da:99:e7:13:54:65:e0:c2:e6:39:17:67:59:3c:49:e4:49:
3a:3d:dc:1a:99:54:9f:d1:c9:e5:04:ea:d2:af:cf:9f:84:ef:
ea:c4:da:b0
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICAjswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA0MTIx
NTU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEEwQUU2NDc0NDJFQzRG
Rjk3RTc3Q0M2RkY0MjFFQTUxMzI1QUFFRDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCc5Wd292C6zTG2Uqc8ewgf9KM+IcNxJhodFeXl+oYQYlruor18
0nxXyTQU5B3O+8r0936uKm/VxavjlYelDYW1RY7QXzwuCmY1fQq2n3XxtuY8LGai
/C6Pb+kvtXLRoQ5tY5A4TDgcGocdY4JytsdFLFMZbHe+dq2XAM6mfI5rfyTde0zb
RUwb4AOceJRxvKLgE1AijILBPmgB5mllmTlKVBrilqHN/O3SjFWTXmfZ7nHC6gd7
Nh/4SUnzfe32pfQ+rE8tC4bkkk4ClWC1IoL+6/grd3YnZsYVkIHXbOegT50l1onP
82VE0LMM+gT4phf9ZTnbBBYnnNORM2R7T75dAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUoK5kdELsT/l+d8xv9CHqUTJartAwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL29LNWtkRUxzVF9sLWQ4
eHY5Q0hxVVRKYXJ0QS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBANSr3Zoqi4VTQeq70TViIHEL9x/t24P4MgYA
hiAMKl7aFFh/RsVHkbEvDkCWm5GsrZwE3qkDDaE18rgraNAeD/C3hdhD6rls/RiQ
mY9Aw2km8m7CJspzAAbfmewgwhCLPIGiSC7rx52qwLvY/CnOJ3foWmBO9NIjBWzR
dEVwPX73w2HF2y6Y2TcenbuAudEIuT/86Vo0oDhgQDih2Rr8qFptVXAliOrPgEui
jYYUIWHw3F0xoezlTDM2vfaE47N6iHCVt/H6xXAWTlb6kfvCYFXCO1tw4OUjImPa
mecTVGXgwuY5F2dZPEnkSTo93BqZVJ/RyeUE6tKvz5+E7+rE2rA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:55 2024 by rpki-client on console-fra.rpki-client.org