Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/veZZenFN7MRNyzf0emqwghy5fxs.roa
File: veZZenFN7MRNyzf0emqwghy5fxs.roa (raw, json)
Hash identifier: YJMkq6o4x5d8yHZymIcOZmI526Mwwf9Qhm3h9PhLrlk=
Subject key identifier: BD:E6:59:7A:71:4D:EC:C4:4D:CB:37:F4:7A:6A:B0:82:1C:B9:7F:1B
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: A3
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/veZZenFN7MRNyzf0emqwghy5fxs.roa
Signing time: Tue 27 Feb 2024 07:55:04 +0000
ROA not before: Tue 27 Feb 2024 07:55:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 27 Feb 2024 11:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 163 (0xa3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Feb 27 07:55:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=BDE6597A714DECC44DCB37F47A6AB0821CB97F1B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:72:8e:fc:92:d9:48:90:73:4e:8f:de:d4:51:
a2:4a:f1:ac:c1:71:50:e2:89:d6:e4:d0:5b:7b:cb:
e8:b6:87:db:ea:cc:9e:db:60:f0:3a:40:10:ef:38:
84:5e:6a:d8:59:63:a6:ef:b7:a3:c9:96:dd:41:24:
f0:b0:24:0e:c5:ee:8d:6f:a1:52:6b:54:1d:f8:fe:
c3:32:61:5d:1a:19:7c:a3:22:b5:85:b5:64:ac:1d:
82:e4:20:86:26:57:f8:36:a9:2a:90:60:af:d5:2e:
31:85:53:9e:05:73:0c:e9:db:15:4a:23:0d:55:14:
ea:80:ff:f0:73:19:b5:e7:80:4e:98:e9:26:30:7b:
de:49:ab:0d:cc:57:a3:cc:9d:37:70:1e:29:39:ec:
28:b5:56:ec:79:d2:91:76:e2:99:14:2c:29:65:66:
65:27:fc:25:98:bf:af:ac:41:a7:ae:28:1a:29:47:
75:25:9f:5b:5d:b2:a0:ad:ed:8c:39:c9:71:7c:a7:
86:bb:fc:fa:bd:e5:21:46:47:40:4b:de:82:eb:00:
f0:c4:08:7d:99:b9:23:e3:07:e3:25:ef:84:d4:7b:
1a:ed:13:9c:c4:9f:7f:69:12:76:70:c3:cf:44:f4:
55:95:1b:f5:ed:a8:75:18:b6:f8:89:da:58:a8:ee:
ff:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:E6:59:7A:71:4D:EC:C4:4D:CB:37:F4:7A:6A:B0:82:1C:B9:7F:1B
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/veZZenFN7MRNyzf0emqwghy5fxs.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
38:d6:90:de:50:ac:2b:c4:2b:cd:00:84:0f:83:e2:6f:d2:ed:
a5:68:62:82:a7:0b:f4:45:9e:8f:11:c3:f1:2c:c0:a4:50:92:
ed:ce:b0:4d:1d:d7:50:cb:ea:03:53:96:e0:6a:e8:f6:13:60:
37:47:f6:33:b6:de:32:0b:ea:8d:28:ec:4d:73:bf:17:ee:71:
fe:c9:f8:5e:bf:f0:47:43:61:a7:ba:8c:b8:59:70:d2:8a:9a:
25:51:81:9a:9d:85:2b:ad:44:56:4f:31:07:25:e2:de:25:64:
df:e1:af:9a:db:f4:4d:7c:69:90:2b:8a:ef:12:6f:eb:00:77:
14:6e:49:f8:c3:6e:c9:44:71:8b:59:3c:7b:40:c0:78:37:99:
6c:30:bc:67:b8:9e:4d:d5:4d:e7:c9:97:55:8b:8f:e4:84:e5:
55:e1:b7:b9:07:16:6a:36:f5:ad:46:47:d5:32:6c:a4:90:82:
00:9e:eb:87:4d:f4:9a:a5:d1:f1:e4:db:e4:9f:0c:a1:b5:28:
40:87:82:39:31:e4:8b:0e:72:10:31:fb:92:96:d9:d9:25:15:
32:42:35:33:49:c7:b3:61:90:c3:ff:1f:83:92:9d:e1:d5:c9:
f3:81:4e:50:15:82:ed:99:fa:1c:0a:6f:96:fd:c7:31:a6:10:
d1:21:19:72
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICAKMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDAyMjcw
NzU1MDRaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEJERTY1OTdBNzE0REVD
QzQ0RENCMzdGNDdBNkFCMDgyMUNCOTdGMUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8co78ktlIkHNOj97UUaJK8azBcVDiidbk0Ft7y+i2h9vqzJ7b
YPA6QBDvOIReathZY6bvt6PJlt1BJPCwJA7F7o1voVJrVB34/sMyYV0aGXyjIrWF
tWSsHYLkIIYmV/g2qSqQYK/VLjGFU54Fcwzp2xVKIw1VFOqA//BzGbXngE6Y6SYw
e95Jqw3MV6PMnTdwHik57Ci1Vux50pF24pkULCllZmUn/CWYv6+sQaeuKBopR3Ul
n1tdsqCt7Yw5yXF8p4a7/Pq95SFGR0BL3oLrAPDECH2ZuSPjB+Ml74TUexrtE5zE
n39pEnZww89E9FWVG/XtqHUYtviJ2lio7v9zAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUveZZenFN7MRNyzf0emqwghy5fxswHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL3ZlWlplbkZON01STnl6
ZjBlbXF3Z2h5NWZ4cy5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBADjWkN5QrCvEK80AhA+D4m/S7aVoYoKnC/RF
no8Rw/EswKRQku3OsE0d11DL6gNTluBq6PYTYDdH9jO23jIL6o0o7E1zvxfucf7J
+F6/8EdDYae6jLhZcNKKmiVRgZqdhSutRFZPMQcl4t4lZN/hr5rb9E18aZAriu8S
b+sAdxRuSfjDbslEcYtZPHtAwHg3mWwwvGe4nk3VTefJl1WLj+SE5VXht7kHFmo2
9a1GR9UybKSQggCe64dN9Jql0fHk2+SfDKG1KECHgjkx5IsOchAx+5KW2dklFTJC
NTNJx7NhkMP/H4OSneHVyfOBTlAVgu2Z+hwKb5b9xzGmENEhGXI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:55 2024 by rpki-client on console-fra.rpki-client.org