Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/wU_CpbLJGFaSmjTSZweMbmfsMkI.roa
File: wU_CpbLJGFaSmjTSZweMbmfsMkI.roa (raw, json)
Hash identifier: cZvLKBs41c0HZWEZ4q0wA7UqLs2xobXbisiaZSIzACU=
Subject key identifier: C1:4F:C2:A5:B2:C9:18:56:92:9A:34:D2:67:07:8C:6E:67:EC:32:42
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 1F
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/wU_CpbLJGFaSmjTSZweMbmfsMkI.roa
Signing time: Mon 12 Feb 2024 15:55:03 +0000
ROA not before: Mon 12 Feb 2024 15:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 12 Feb 2024 19:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 31 (0x1f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Feb 12 15:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=C14FC2A5B2C91856929A34D267078C6E67EC3242
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:fb:e5:17:dd:60:81:aa:80:a9:c5:6c:2a:2c:
d4:52:43:dc:3c:22:49:ce:d6:47:32:43:a1:78:7e:
6e:d2:38:d0:f0:f9:06:a1:d4:2f:01:14:6c:66:8d:
81:ba:5e:5a:26:7d:12:24:39:a2:01:9f:e1:ae:e8:
8b:a8:2f:35:b5:4f:85:97:94:3a:96:62:3d:e3:fc:
37:39:83:59:80:60:b1:90:b9:a0:18:a7:45:68:c3:
d8:ae:d8:05:87:65:b7:10:cb:66:ae:4e:71:f6:b8:
6a:e4:99:3d:39:ce:66:5f:c6:52:63:05:6c:f6:71:
3f:ad:0b:7b:bc:2d:c3:46:e5:b7:ef:4f:b0:f1:64:
75:bb:75:3d:2a:4d:79:29:48:66:85:5d:6f:11:d5:
ca:0f:92:8d:fb:be:90:71:bc:77:18:21:d0:7f:5c:
e3:38:bb:7d:76:05:36:dd:10:03:0a:3b:20:d3:3b:
08:6e:52:06:ab:f6:84:58:4c:30:2e:e1:fd:9c:a9:
f6:d1:ac:0e:d4:7f:b6:1f:2d:30:22:a4:91:45:31:
09:ca:a2:a3:3e:bb:44:de:fa:ae:46:0a:d8:94:a7:
fe:5f:3e:64:50:d5:33:d0:41:c6:35:b7:31:53:15:
58:d0:c4:78:2c:e5:27:3b:f0:00:fe:41:e9:3a:96:
a4:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:4F:C2:A5:B2:C9:18:56:92:9A:34:D2:67:07:8C:6E:67:EC:32:42
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/wU_CpbLJGFaSmjTSZweMbmfsMkI.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
d0:e0:64:d6:ae:db:6b:cf:93:78:c3:57:f5:e7:a7:1c:b1:1f:
e6:64:d1:ca:b1:50:c1:e3:58:43:94:3a:f5:95:6b:50:17:de:
05:ae:00:5a:bb:f7:1e:6a:a9:4c:6c:9e:2a:d4:10:41:87:fc:
5e:86:a0:20:9e:c4:2d:ad:53:bc:c1:2b:07:c4:7d:5e:84:70:
1e:a2:21:b6:b2:94:d5:e8:51:11:a4:7a:9e:97:5e:b0:58:1c:
86:89:45:0b:48:7e:1e:93:f3:ab:90:da:a6:0a:d1:18:37:d5:
83:0d:f4:48:02:cb:27:95:70:ed:e1:f4:e3:c3:36:6d:4d:1d:
c1:8f:78:3f:c2:28:19:c0:60:15:17:1e:f7:31:c8:fa:73:74:
c5:52:53:33:5d:5a:be:5f:87:2f:24:42:50:eb:ae:5e:98:c8:
2b:3f:d9:2d:d6:bc:1e:94:a5:3c:ff:73:f4:91:59:98:79:76:
bd:94:73:b5:50:2b:4d:3c:2b:51:33:77:e7:23:8b:d7:b1:9a:
d8:cd:3a:f7:46:ce:d6:c3:31:99:95:a7:82:9d:11:a1:2c:5c:
fa:00:8c:8c:88:c0:0f:7b:f5:3e:8b:26:d2:34:19:a2:ba:f5:
c9:48:b1:32:27:28:34:95:14:98:31:56:68:dc:cf:16:a7:21:
c9:50:c4:52
-----BEGIN CERTIFICATE-----
MIIEoTCCA4mgAwIBAgIBHzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3MWQx
NGViYjI1NWRjMDU4ZDRiZmE1YTUxYzkzZjczZjgzMGFiODhmMB4XDTI0MDIxMjE1
NTUwM1oXDTI1MDcwMTAwMDAwMFowMzExMC8GA1UEAxMoQzE0RkMyQTVCMkM5MTg1
NjkyOUEzNEQyNjcwNzhDNkU2N0VDMzI0MjCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAPL75RfdYIGqgKnFbCos1FJD3DwiSc7WRzJDoXh+btI40PD5BqHU
LwEUbGaNgbpeWiZ9EiQ5ogGf4a7oi6gvNbVPhZeUOpZiPeP8NzmDWYBgsZC5oBin
RWjD2K7YBYdltxDLZq5Ocfa4auSZPTnOZl/GUmMFbPZxP60Le7wtw0blt+9PsPFk
dbt1PSpNeSlIZoVdbxHVyg+Sjfu+kHG8dxgh0H9c4zi7fXYFNt0QAwo7INM7CG5S
Bqv2hFhMMC7h/Zyp9tGsDtR/th8tMCKkkUUxCcqioz67RN76rkYK2JSn/l8+ZFDV
M9BBxjW3MVMVWNDEeCzlJzvwAP5B6TqWpFkCAwEAAaOCAb4wggG6MB0GA1UdDgQW
BBTBT8KlsskYVpKaNNJnB4xuZ+wyQjAfBgNVHSMEGDAWgBRx0U67JV3AWNS/paUc
k/c/gwq4jzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ
oE6GTHJzeW5jOi8vY2hsb2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3Nm
L2NkRk91eVZkd0ZqVXY2V2xISlAzUDRNS3VJOC5jcmwwZAYIKwYBBQUHAQEEWDBW
MFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9E
RUZBVUxUL2NkRk91eVZkd0ZqVXY2V2xISlAzUDRNS3VJOC5jZXIwDgYDVR0PAQH/
BAQDAgeAMGgGCCsGAQUFBwELBFwwWjBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9jaGxv
ZS5zb2Jvcm5vc3QubmV0L3Jwa2kvUklQRS1ubHJzc2Yvd1VfQ3BiTEpHRmFTbWpU
U1p3ZU1ibWZzTWtJLnJvYTAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMJo
gTANBgkqhkiG9w0BAQsFAAOCAQEA0OBk1q7ba8+TeMNX9eenHLEf5mTRyrFQweNY
Q5Q69ZVrUBfeBa4AWrv3HmqpTGyeKtQQQYf8XoagIJ7ELa1TvMErB8R9XoRwHqIh
trKU1ehREaR6npdesFgcholFC0h+HpPzq5DapgrRGDfVgw30SALLJ5Vw7eH048M2
bU0dwY94P8IoGcBgFRce9zHI+nN0xVJTM11avl+HLyRCUOuuXpjIKz/ZLda8HpSl
PP9z9JFZmHl2vZRztVArTTwrUTN35yOL17Ga2M0690bO1sMxmZWngp0RoSxc+gCM
jIjAD3v1Posm0jQZorr1yUixMicoNJUUmDFWaNzPFqchyVDEUg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:55 2024 by rpki-client on console-fra.rpki-client.org