Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/s6ZM3iLQUrmehDWTIu--9axe-NY.roa
File: s6ZM3iLQUrmehDWTIu--9axe-NY.roa (raw, json)
Hash identifier: POppugGP4PPyzvojcrMn4XCc29uHEpUiEo+zkn+12tE=
Subject key identifier: B3:A6:4C:DE:22:D0:52:B9:9E:84:35:93:22:EF:BE:F5:AC:5E:F8:D6
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 02D1
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/s6ZM3iLQUrmehDWTIu--9axe-NY.roa
Signing time: Mon 29 Apr 2024 07:55:04 +0000
ROA not before: Mon 29 Apr 2024 07:55:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 29 Apr 2024 11:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 721 (0x2d1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Apr 29 07:55:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=B3A64CDE22D052B99E84359322EFBEF5AC5EF8D6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:e8:ae:0e:fc:99:f6:d3:31:06:79:5f:6b:8b:
c1:37:26:ae:29:34:5e:a7:49:8a:57:19:f1:0d:bb:
95:67:ed:13:50:69:17:a3:7a:03:4d:b7:75:c5:dd:
ef:f3:11:e1:cb:bb:40:fc:0f:c7:05:71:13:a9:f6:
d4:b8:ef:a8:83:77:76:b3:8c:fc:cb:a3:cb:80:ae:
ff:c0:e8:c3:4f:b7:56:3d:0c:b9:15:86:40:21:57:
11:c6:8b:85:f1:6a:f3:d2:de:96:85:f5:30:8c:dd:
3a:3c:42:b6:e0:65:97:7f:81:57:37:ae:8a:a5:7f:
f6:02:b2:fd:c4:77:f9:83:c7:1c:9b:7f:07:6f:df:
6e:9b:cb:c5:1f:68:d4:09:c6:a9:e7:1a:b3:69:98:
37:00:23:d9:e0:61:4b:7c:3d:05:cc:24:2b:38:82:
2b:08:a9:36:14:cd:58:13:40:36:e1:68:70:55:8f:
29:2b:8b:c6:b6:9e:c7:b4:49:0f:cf:ce:47:37:43:
02:4a:07:b2:ab:88:2e:89:67:8f:f3:a2:93:d9:60:
13:90:52:59:0c:cf:ad:74:d2:ca:ce:3b:ff:5f:3e:
8a:bf:49:84:c2:e6:d2:08:64:f5:63:10:95:f8:00:
26:56:b6:dc:a2:21:96:67:68:1b:d6:2b:7e:0b:e8:
d5:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:A6:4C:DE:22:D0:52:B9:9E:84:35:93:22:EF:BE:F5:AC:5E:F8:D6
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/s6ZM3iLQUrmehDWTIu--9axe-NY.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:b8:c6:9a:13:ff:87:79:17:2f:37:69:b8:44:5d:b1:e7:37:
c4:44:42:82:92:f2:a5:97:ba:47:30:9d:0d:33:77:36:43:41:
b6:cf:ee:6f:5b:af:b8:79:b0:5f:12:02:4f:bd:c2:bb:15:c2:
26:f6:e0:44:bd:24:32:02:b3:8f:86:42:ea:8c:63:87:06:e4:
90:4d:2b:69:cb:3a:cc:56:d5:38:2c:00:25:84:ed:89:59:ba:
a1:94:d2:6d:87:a4:8b:82:13:27:08:c1:4b:09:9d:cc:96:8a:
7a:8c:a9:41:1e:68:1f:48:dd:a8:ce:e5:e0:29:8d:1c:62:83:
94:c7:ca:b0:37:de:af:e1:d9:44:41:9b:9c:00:6a:77:1f:6e:
ce:b2:4f:d6:7d:cd:98:51:ef:09:63:6a:a8:4f:da:90:95:2c:
f7:26:6b:bc:ec:b0:7a:3b:56:a7:85:a8:e4:1f:30:36:00:af:
cc:51:05:6b:af:3b:cc:f3:5a:3c:cb:a9:39:7f:d5:ee:e3:59:
9a:29:0f:d0:81:29:4e:c3:29:a6:57:62:bf:e4:27:b5:91:dd:
48:89:9b:56:c9:4f:28:4a:9f:e2:89:a0:c9:59:bb:1e:13:8f:
c7:62:c0:b4:ee:b9:aa:ad:b4:83:82:64:4a:42:fa:05:65:fc:
bc:c2:e3:8c
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICAtEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA0Mjkw
NzU1MDRaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEIzQTY0Q0RFMjJEMDUy
Qjk5RTg0MzU5MzIyRUZCRUY1QUM1RUY4RDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDx6K4O/Jn20zEGeV9ri8E3Jq4pNF6nSYpXGfENu5Vn7RNQaRej
egNNt3XF3e/zEeHLu0D8D8cFcROp9tS476iDd3azjPzLo8uArv/A6MNPt1Y9DLkV
hkAhVxHGi4XxavPS3paF9TCM3To8QrbgZZd/gVc3roqlf/YCsv3Ed/mDxxybfwdv
326by8UfaNQJxqnnGrNpmDcAI9ngYUt8PQXMJCs4gisIqTYUzVgTQDbhaHBVjykr
i8a2nse0SQ/Pzkc3QwJKB7KriC6JZ4/zopPZYBOQUlkMz6100srOO/9fPoq/SYTC
5tIIZPVjEJX4ACZWttyiIZZnaBvWK34L6NVrAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUs6ZM3iLQUrmehDWTIu++9axe+NYwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL3M2Wk0zaUxRVXJtZWhE
V1RJdS0tOWF4ZS1OWS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAH24xpoT/4d5Fy83abhEXbHnN8REQoKS8qWX
ukcwnQ0zdzZDQbbP7m9br7h5sF8SAk+9wrsVwib24ES9JDICs4+GQuqMY4cG5JBN
K2nLOsxW1TgsACWE7YlZuqGU0m2HpIuCEycIwUsJncyWinqMqUEeaB9I3ajO5eAp
jRxig5THyrA33q/h2URBm5wAancfbs6yT9Z9zZhR7wljaqhP2pCVLPcma7zssHo7
VqeFqOQfMDYAr8xRBWuvO8zzWjzLqTl/1e7jWZopD9CBKU7DKaZXYr/kJ7WR3UiJ
m1bJTyhKn+KJoMlZux4Tj8diwLTuuaqttIOCZEpC+gVl/LzC44w=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:55 2024 by rpki-client on console-fra.rpki-client.org