Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/vz3oI7ajl4t8RNUJDRoXHerWFP0.roa
File: vz3oI7ajl4t8RNUJDRoXHerWFP0.roa (raw, json)
Hash identifier: v2QrlpI2yyHfcmTTNIpd3JAOj4Yx0oJsNGyTC56CRIo=
Subject key identifier: BF:3D:E8:23:B6:A3:97:8B:7C:44:D5:09:0D:1A:17:1D:EA:D6:14:FD
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: CD
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/vz3oI7ajl4t8RNUJDRoXHerWFP0.roa
Signing time: Sat 02 Mar 2024 23:55:03 +0000
ROA not before: Sat 02 Mar 2024 23:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 03 Mar 2024 03:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 205 (0xcd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Mar 2 23:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=BF3DE823B6A3978B7C44D5090D1A171DEAD614FD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:4c:90:c0:fb:7d:23:aa:bd:5d:9a:fa:6f:b9:
0f:b6:19:15:a8:ac:ad:57:80:03:d2:0f:8f:2b:07:
67:7b:8c:69:ba:55:f5:40:5b:0c:59:e6:fe:48:66:
b2:58:85:bc:92:c2:9b:0b:15:f4:89:59:37:9a:5c:
6a:1f:ae:60:68:a9:f1:16:f9:13:d3:39:eb:ef:df:
ae:e4:1f:23:fc:cf:13:7a:96:51:80:f8:c9:7e:ce:
c3:a1:50:6f:8e:e4:66:46:27:1c:7a:c3:96:14:98:
cc:22:88:fd:8d:5a:db:f9:90:b9:cf:07:cd:a0:05:
d3:41:be:84:9b:95:93:09:1d:8f:c3:b7:84:f8:57:
8a:e8:5a:09:c5:f7:35:5c:2e:6c:99:95:ee:7c:72:
bd:2f:92:f8:cf:df:6e:ba:51:83:9b:5b:de:83:d0:
94:59:f2:46:e4:f8:d8:8c:bf:29:25:9a:3e:c6:ac:
08:dc:08:48:55:52:3e:0d:cf:05:a8:6b:8b:b1:f3:
db:b2:6d:b4:5a:2b:43:0c:db:f6:7d:1f:9b:66:5c:
00:0b:5b:a3:ed:c1:8c:7b:7a:2b:f6:05:5e:46:01:
ff:8c:3f:f0:b8:61:32:25:22:ad:5b:38:f2:c2:3a:
9c:a4:f1:11:8e:83:c0:52:8b:2c:ea:fc:ce:8c:fc:
39:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:3D:E8:23:B6:A3:97:8B:7C:44:D5:09:0D:1A:17:1D:EA:D6:14:FD
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/vz3oI7ajl4t8RNUJDRoXHerWFP0.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
83:0f:e1:5f:f7:c3:89:50:cd:1d:c0:c0:b9:0d:fb:80:58:ad:
e9:65:f8:ec:71:67:bb:ef:05:8f:d2:96:bd:23:b8:aa:65:58:
ff:ac:e2:b3:ad:50:1f:b0:2d:8e:25:6d:3c:25:ba:1e:22:48:
22:0c:d0:46:42:94:84:fc:05:0e:2a:3d:86:e8:67:a3:11:09:
f7:56:7d:7d:d0:f7:40:7e:e8:87:30:34:1e:45:e5:46:48:c7:
89:99:65:a2:26:aa:7a:e5:97:0c:4c:e4:6f:46:0a:57:3b:e8:
43:1b:79:63:18:80:af:0c:98:95:f9:62:60:56:cf:6c:90:f4:
14:c1:2e:15:a3:e6:8f:e7:5a:ce:94:88:97:c3:fa:51:65:d3:
6f:8e:16:39:e1:56:7f:49:27:11:22:7f:64:13:97:c9:9d:86:
be:96:80:5d:ab:74:cc:f0:48:22:86:86:3e:ee:ef:19:c2:1c:
3f:13:bc:78:e7:81:f4:3e:0c:00:d1:b5:31:2d:e5:1b:71:51:
30:34:01:ac:81:27:0b:5d:1f:09:62:2b:22:70:7e:83:31:cf:
9c:51:ce:9d:39:ec:e1:b9:a8:c2:b5:94:75:4d:cc:bd:97:cc:
ff:d7:7a:dd:7e:8d:23:f3:3f:cd:fd:37:b7:25:27:6d:e0:ba:
ee:13:a9:3b
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICAM0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDAzMDIy
MzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEJGM0RFODIzQjZBMzk3
OEI3QzQ0RDUwOTBEMUExNzFERUFENjE0RkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9TJDA+30jqr1dmvpvuQ+2GRWorK1XgAPSD48rB2d7jGm6VfVA
WwxZ5v5IZrJYhbySwpsLFfSJWTeaXGofrmBoqfEW+RPTOevv367kHyP8zxN6llGA
+Ml+zsOhUG+O5GZGJxx6w5YUmMwiiP2NWtv5kLnPB82gBdNBvoSblZMJHY/Dt4T4
V4roWgnF9zVcLmyZle58cr0vkvjP3266UYObW96D0JRZ8kbk+NiMvyklmj7GrAjc
CEhVUj4NzwWoa4ux89uybbRaK0MM2/Z9H5tmXAALW6PtwYx7eiv2BV5GAf+MP/C4
YTIlIq1bOPLCOpyk8RGOg8BSiyzq/M6M/DnhAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUvz3oI7ajl4t8RNUJDRoXHerWFP0wHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL3Z6M29JN2FqbDR0OFJO
VUpEUm9YSGVyV0ZQMC5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAIMP4V/3w4lQzR3AwLkN+4BYrell+OxxZ7vv
BY/Slr0juKplWP+s4rOtUB+wLY4lbTwluh4iSCIM0EZClIT8BQ4qPYboZ6MRCfdW
fX3Q90B+6IcwNB5F5UZIx4mZZaImqnrllwxM5G9GClc76EMbeWMYgK8MmJX5YmBW
z2yQ9BTBLhWj5o/nWs6UiJfD+lFl02+OFjnhVn9JJxEif2QTl8mdhr6WgF2rdMzw
SCKGhj7u7xnCHD8TvHjngfQ+DADRtTEt5RtxUTA0AayBJwtdHwliKyJwfoMxz5xR
zp057OG5qMK1lHVNzL2XzP/Xet1+jSPzP839N7clJ23guu4TqTs=
-----END CERTIFICATE-----
Generated at Sun Mar 3 04:42:36 2024 by rpki-client on console-ams.rpki-client.org