Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/ow4kWtn3oXULiovz2kz0xJwcy-M.roa
File: ow4kWtn3oXULiovz2kz0xJwcy-M.roa (raw, json)
Hash identifier: 09fYPUAYI0oRW78RzlzubNNkmAjfMimD8JEEr4U9sic=
Subject key identifier: A3:0E:24:5A:D9:F7:A1:75:0B:8A:8B:F3:DA:4C:F4:C4:9C:1C:CB:E3
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 85
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/ow4kWtn3oXULiovz2kz0xJwcy-M.roa
Signing time: Fri 23 Feb 2024 23:55:04 +0000
ROA not before: Fri 23 Feb 2024 23:55:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 24 Feb 2024 03:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 133 (0x85)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Feb 23 23:55:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=A30E245AD9F7A1750B8A8BF3DA4CF4C49C1CCBE3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:e1:ce:6f:97:84:8e:d9:13:9c:17:d0:6a:eb:
59:4d:58:bb:b0:d0:01:67:8a:7d:46:47:b7:ac:8c:
84:6d:01:5d:5b:21:d0:f6:d3:16:8c:f0:8f:88:e8:
af:eb:30:11:0e:9e:e2:1e:26:35:f2:94:bf:6d:8f:
0e:d5:66:90:8e:5a:28:c0:e6:71:a8:3c:fe:34:18:
ea:55:f1:8f:7e:a8:bd:4c:16:0c:85:be:98:38:4f:
12:ac:fd:d8:b6:12:70:72:d6:40:47:0b:05:e5:c3:
8b:64:04:ef:21:50:ab:2a:e2:25:58:19:1c:dd:54:
84:0a:48:f5:24:c8:5a:9d:cb:50:c2:a4:de:19:de:
22:e6:4a:3b:4d:a8:18:33:4a:d8:b2:13:eb:99:30:
7c:8b:9f:6e:db:83:4f:03:95:35:ce:64:d9:40:6e:
70:24:73:c3:58:56:91:01:16:a1:59:93:b4:5e:85:
9f:9e:3a:9a:b3:7e:c5:08:f3:5b:89:bb:1f:b5:00:
73:69:69:a9:10:96:7c:50:b9:2e:d4:c2:99:4a:96:
7d:df:dd:d0:ce:16:97:ba:96:89:c6:f1:ca:28:a5:
d1:88:ba:b0:23:09:1a:01:d1:86:e2:e0:b1:e3:d2:
a6:1a:fc:23:f9:c5:49:1e:93:13:20:8f:30:0b:47:
7e:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:0E:24:5A:D9:F7:A1:75:0B:8A:8B:F3:DA:4C:F4:C4:9C:1C:CB:E3
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/ow4kWtn3oXULiovz2kz0xJwcy-M.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:d9:c8:ef:f4:21:bb:33:49:4a:eb:c3:d8:7d:7c:59:9d:c0:
e8:7f:3b:8b:bd:fb:15:53:19:57:22:0b:b3:35:7c:e2:c4:e5:
e5:09:9a:9e:ec:89:8b:fa:80:89:07:79:d5:88:37:7c:12:87:
38:3a:03:30:58:2f:25:45:b1:e1:7b:69:4a:16:87:54:55:e6:
78:bf:8a:5a:fe:77:26:dd:f8:4c:ed:e1:1f:c9:d2:e0:62:88:
fe:68:af:c0:e8:35:f0:09:59:4a:c8:c4:9a:6c:04:03:46:3e:
f9:69:be:41:ce:82:aa:8c:03:56:02:17:c3:01:ba:c0:5a:3f:
08:21:fb:11:6e:01:eb:0f:cf:87:8a:2e:1d:06:a8:d5:53:f6:
73:92:59:23:aa:17:09:a0:a7:27:88:a2:b9:92:2a:b0:ae:28:
14:ec:78:af:50:8f:8a:47:7a:48:41:73:4d:f8:0d:0a:28:c2:
18:d5:19:98:f6:f2:f2:fb:ca:fa:da:ca:b5:02:91:8c:6d:81:
56:be:ab:21:ce:f2:61:eb:23:9f:d2:80:f1:01:43:c7:08:23:
d0:72:b6:71:b5:f8:f5:2c:8c:f7:b2:dd:ad:d1:5a:c5:0b:38:
f3:1e:7b:d8:f6:6d:3f:0d:4d:e5:2e:85:8e:36:a9:4b:30:b0:
43:f3:92:1c
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICAIUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDAyMjMy
MzU1MDRaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEEzMEUyNDVBRDlGN0Ex
NzUwQjhBOEJGM0RBNENGNEM0OUMxQ0NCRTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDN4c5vl4SO2ROcF9Bq61lNWLuw0AFnin1GR7esjIRtAV1bIdD2
0xaM8I+I6K/rMBEOnuIeJjXylL9tjw7VZpCOWijA5nGoPP40GOpV8Y9+qL1MFgyF
vpg4TxKs/di2EnBy1kBHCwXlw4tkBO8hUKsq4iVYGRzdVIQKSPUkyFqdy1DCpN4Z
3iLmSjtNqBgzStiyE+uZMHyLn27bg08DlTXOZNlAbnAkc8NYVpEBFqFZk7RehZ+e
OpqzfsUI81uJux+1AHNpaakQlnxQuS7UwplKln3f3dDOFpe6lonG8coopdGIurAj
CRoB0Ybi4LHj0qYa/CP5xUkekxMgjzALR34PAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUow4kWtn3oXULiovz2kz0xJwcy+MwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL293NGtXdG4zb1hVTGlv
dnoya3oweEp3Y3ktTS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAAzZyO/0IbszSUrrw9h9fFmdwOh/O4u9+xVT
GVciC7M1fOLE5eUJmp7siYv6gIkHedWIN3wShzg6AzBYLyVFseF7aUoWh1RV5ni/
ilr+dybd+Ezt4R/J0uBiiP5or8DoNfAJWUrIxJpsBANGPvlpvkHOgqqMA1YCF8MB
usBaPwgh+xFuAesPz4eKLh0GqNVT9nOSWSOqFwmgpyeIormSKrCuKBTseK9Qj4pH
ekhBc034DQoowhjVGZj28vL7yvrayrUCkYxtgVa+qyHO8mHrI5/SgPEBQ8cII9By
tnG1+PUsjPey3a3RWsULOPMee9j2bT8NTeUuhY42qUswsEPzkhw=
-----END CERTIFICATE-----
Generated at Sat Feb 24 05:24:55 2024 by rpki-client on console-ams.rpki-client.org