Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/sIXtMAdeJgP9cN6z6s0sMMNoJps.roa
File: sIXtMAdeJgP9cN6z6s0sMMNoJps.roa (raw, json)
Hash identifier: gacTUrqdqQrRMnR4bLDVaSFC6/e+NOMul/ycc+CtmSQ=
Subject key identifier: B0:85:ED:30:07:5E:26:03:FD:70:DE:B3:EA:CD:2C:30:C3:68:26:9B
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 01F9
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/sIXtMAdeJgP9cN6z6s0sMMNoJps.roa
Signing time: Fri 05 Apr 2024 07:55:03 +0000
ROA not before: Fri 05 Apr 2024 07:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 05 Apr 2024 11:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 505 (0x1f9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Apr 5 07:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=B085ED30075E2603FD70DEB3EACD2C30C368269B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:1b:9f:37:10:b3:f9:b5:f7:a3:51:5a:a2:23:
b7:8c:e4:fa:a6:11:73:c0:16:00:35:5f:af:3f:ff:
27:4d:25:6a:51:a9:c5:f4:ca:4c:78:2d:e7:eb:21:
17:7c:72:b9:d8:c3:7d:ca:22:0f:a0:41:e7:7f:d9:
fe:2c:13:63:8f:17:da:6c:6b:e6:a6:23:e5:17:71:
f5:ab:7e:af:bc:ec:bd:04:9a:bb:68:4b:f2:e1:01:
c8:01:2b:94:55:4e:a1:dc:d7:9c:70:58:47:f5:45:
7a:25:c6:3b:d2:36:07:4d:23:3c:4a:a0:0e:29:ce:
01:ed:fc:66:fd:9e:37:a0:e5:40:ec:b8:bf:df:15:
0e:26:02:c4:7d:f6:25:e8:23:7c:74:18:f2:41:16:
9d:ef:50:86:12:1e:00:89:74:11:4b:aa:19:ee:8a:
ce:de:e8:2a:1c:7c:32:32:cf:ee:25:69:3c:b2:ed:
da:0b:f2:99:23:08:2f:f2:6e:98:cb:38:25:32:9e:
80:c3:79:2e:7d:99:64:90:12:eb:4d:0a:0f:6f:56:
e9:0a:a2:69:36:a4:37:62:60:0b:24:89:d9:ed:34:
70:41:76:ef:4d:e1:74:39:d8:6c:d1:ea:17:82:54:
69:e5:c3:f1:47:ba:78:22:2f:88:b4:b8:8e:7f:78:
f5:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:85:ED:30:07:5E:26:03:FD:70:DE:B3:EA:CD:2C:30:C3:68:26:9B
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/sIXtMAdeJgP9cN6z6s0sMMNoJps.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:0f:d3:1f:1f:f9:0b:74:e5:ae:da:44:c8:d2:d3:62:e2:75:
a0:59:f1:b9:ad:7b:c3:fc:3d:e6:b3:c9:99:f0:43:90:ad:46:
c0:21:bc:ea:4c:00:08:0a:ed:de:2a:80:ca:f3:d7:34:ea:f3:
03:5b:25:d8:4c:1a:31:f3:fd:20:8d:9a:47:31:52:0e:c0:be:
29:92:18:1e:5d:62:1c:db:cc:42:24:ff:42:aa:1f:33:94:5e:
9e:15:98:a5:34:6a:68:af:00:77:b2:4b:88:15:44:1b:cd:fa:
e2:b4:85:c9:6c:7f:3f:89:39:9e:ac:77:90:97:0e:75:f0:4c:
f3:5b:52:fd:33:cc:45:c5:90:11:87:66:15:d3:2d:46:72:85:
ee:48:c3:8b:70:58:0b:fc:f6:c6:17:79:34:4d:cd:12:2a:fa:
98:20:0d:d5:69:7c:00:8c:7d:15:3c:eb:32:5d:fc:bf:ce:bd:
ff:9d:02:3f:24:b9:48:71:a6:fe:ce:dc:ae:c3:5c:d7:e1:55:
38:1f:b5:33:16:1a:9b:96:11:ed:0a:3b:94:94:86:63:be:61:
9e:fb:20:6e:69:63:08:83:08:06:4c:ee:ef:f2:87:a7:a2:45:
d3:c4:41:e9:9b:ff:74:bd:54:33:d5:12:38:bb:f7:1e:42:2b:
49:5c:4b:36
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICAfkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA0MDUw
NzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEIwODVFRDMwMDc1RTI2
MDNGRDcwREVCM0VBQ0QyQzMwQzM2ODI2OUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDgG583ELP5tfejUVqiI7eM5PqmEXPAFgA1X68//ydNJWpRqcX0
ykx4LefrIRd8crnYw33KIg+gQed/2f4sE2OPF9psa+amI+UXcfWrfq+87L0Emrto
S/LhAcgBK5RVTqHc15xwWEf1RXolxjvSNgdNIzxKoA4pzgHt/Gb9njeg5UDsuL/f
FQ4mAsR99iXoI3x0GPJBFp3vUIYSHgCJdBFLqhnuis7e6CocfDIyz+4laTyy7doL
8pkjCC/ybpjLOCUynoDDeS59mWSQEutNCg9vVukKomk2pDdiYAskidntNHBBdu9N
4XQ52GzR6heCVGnlw/FHungiL4i0uI5/ePX7AgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUsIXtMAdeJgP9cN6z6s0sMMNoJpswHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL3NJWHRNQWRlSmdQOWNO
Nno2czBzTU1Ob0pwcy5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAKoP0x8f+Qt05a7aRMjS02LidaBZ8bmte8P8
PeazyZnwQ5CtRsAhvOpMAAgK7d4qgMrz1zTq8wNbJdhMGjHz/SCNmkcxUg7AvimS
GB5dYhzbzEIk/0KqHzOUXp4VmKU0amivAHeyS4gVRBvN+uK0hclsfz+JOZ6sd5CX
DnXwTPNbUv0zzEXFkBGHZhXTLUZyhe5Iw4twWAv89sYXeTRNzRIq+pggDdVpfACM
fRU86zJd/L/Ovf+dAj8kuUhxpv7O3K7DXNfhVTgftTMWGpuWEe0KO5SUhmO+YZ77
IG5pYwiDCAZM7u/yh6eiRdPEQemb/3S9VDPVEji79x5CK0lcSzY=
-----END CERTIFICATE-----
Generated at Fri Apr 5 15:50:43 2024 by rpki-client on console-ams.rpki-client.org