Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/yF4XWebDD6WkPw_KwYRdC169dkc.roa
File: yF4XWebDD6WkPw_KwYRdC169dkc.roa (raw, json)
Hash identifier: SgiShyanzkfPCPh5Le6VFJDxjMwI17Q6ZCDNjOyggyE=
Subject key identifier: C8:5E:17:59:E6:C3:0F:A5:A4:3F:0F:CA:C1:84:5D:0B:5E:BD:76:47
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 37
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/yF4XWebDD6WkPw_KwYRdC169dkc.roa
Signing time: Thu 15 Feb 2024 07:55:03 +0000
ROA not before: Thu 15 Feb 2024 07:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 15 Feb 2024 11:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 55 (0x37)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Feb 15 07:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=C85E1759E6C30FA5A43F0FCAC1845D0B5EBD7647
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:82:a6:08:ba:4a:3d:51:33:37:88:d2:c4:00:
e3:a1:fa:03:ba:b8:b4:ee:2e:a7:17:0f:fb:2c:a1:
dc:5f:8f:ac:af:5e:6b:96:7f:37:f2:c4:2d:c7:6c:
9c:45:0a:b8:4f:1d:dd:fe:e3:10:9f:c7:7e:98:d7:
43:8d:ff:dc:45:2b:c9:cb:9e:9a:e5:93:09:f9:d2:
3d:b6:05:d6:27:00:18:98:fa:a6:68:6f:a2:ab:02:
6e:7e:c7:bd:b8:a5:a5:74:97:c4:db:e1:87:98:dc:
18:9a:ad:83:66:74:28:96:a2:68:f4:1e:ed:10:8b:
de:cf:5b:ef:85:55:07:58:96:fa:96:1f:b9:62:52:
eb:87:14:cf:f9:dd:12:f0:82:88:6e:59:84:7a:10:
e3:c9:5e:2b:95:1c:53:d1:8b:ae:6f:8e:8c:df:8c:
fd:11:73:3c:4b:aa:1e:52:7f:87:f7:6a:96:64:46:
0e:20:51:49:3a:e9:89:0e:50:b3:7f:d6:48:83:ba:
ae:72:f9:de:7b:8d:e2:58:03:8f:35:53:af:90:17:
9b:22:23:1e:33:9b:35:f0:24:f6:aa:a8:67:9d:e2:
23:9f:e5:54:a7:1e:0d:43:7a:d9:3a:87:a8:b3:65:
89:2f:66:46:9d:d5:1c:c7:53:8e:73:3e:22:5c:c1:
4b:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:5E:17:59:E6:C3:0F:A5:A4:3F:0F:CA:C1:84:5D:0B:5E:BD:76:47
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/yF4XWebDD6WkPw_KwYRdC169dkc.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
98:eb:f9:43:83:77:26:cf:72:bf:99:05:0f:f0:73:50:70:71:
37:d7:66:b8:41:41:cc:53:c8:23:80:4e:38:67:46:1d:5b:08:
87:cc:a3:18:12:b5:28:6f:1f:cb:8b:38:54:fd:99:40:dc:b0:
f7:d8:ee:49:f2:d2:6a:df:b4:c4:7b:d5:ab:bf:34:77:24:c8:
e3:4f:1e:91:3e:13:9e:23:c5:16:c8:bc:96:f6:85:12:b9:df:
bf:fb:59:c5:2f:cf:7e:12:b1:e4:23:7c:0e:33:10:a4:2a:5c:
73:7f:e5:5a:a4:31:cf:16:15:e7:d1:9c:9f:8f:70:45:1c:58:
d9:33:48:1e:2c:b2:df:06:d1:9a:9d:2d:23:a1:0b:df:1a:21:
7f:8f:f5:db:13:78:55:1d:1a:1a:e5:30:ee:f4:a1:df:68:49:
2b:ba:15:27:6b:ca:8f:39:26:d5:0c:d3:18:c5:5c:27:11:ee:
98:1d:ae:26:ca:82:ab:ca:21:05:2f:09:79:6b:f1:29:a6:1f:
6e:5d:ef:79:db:ee:64:0c:f2:1a:d6:ed:f3:71:ff:21:15:62:
17:85:52:b1:3d:96:c6:cb:be:13:7d:fe:ae:be:1f:11:dc:7a:
bc:3f:73:ca:90:4e:c5:42:b8:b7:c8:55:1c:2f:f7:83:25:78:
8f:2f:16:68
-----BEGIN CERTIFICATE-----
MIIEoTCCA4mgAwIBAgIBNzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3MWQx
NGViYjI1NWRjMDU4ZDRiZmE1YTUxYzkzZjczZjgzMGFiODhmMB4XDTI0MDIxNTA3
NTUwM1oXDTI1MDcwMTAwMDAwMFowMzExMC8GA1UEAxMoQzg1RTE3NTlFNkMzMEZB
NUE0M0YwRkNBQzE4NDVEMEI1RUJENzY0NzCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBANeCpgi6Sj1RMzeI0sQA46H6A7q4tO4upxcP+yyh3F+PrK9ea5Z/
N/LELcdsnEUKuE8d3f7jEJ/HfpjXQ43/3EUrycuemuWTCfnSPbYF1icAGJj6pmhv
oqsCbn7HvbilpXSXxNvhh5jcGJqtg2Z0KJaiaPQe7RCL3s9b74VVB1iW+pYfuWJS
64cUz/ndEvCCiG5ZhHoQ48leK5UcU9GLrm+OjN+M/RFzPEuqHlJ/h/dqlmRGDiBR
STrpiQ5Qs3/WSIO6rnL53nuN4lgDjzVTr5AXmyIjHjObNfAk9qqoZ53iI5/lVKce
DUN62TqHqLNliS9mRp3VHMdTjnM+IlzBSzECAwEAAaOCAb4wggG6MB0GA1UdDgQW
BBTIXhdZ5sMPpaQ/D8rBhF0LXr12RzAfBgNVHSMEGDAWgBRx0U67JV3AWNS/paUc
k/c/gwq4jzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ
oE6GTHJzeW5jOi8vY2hsb2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3Nm
L2NkRk91eVZkd0ZqVXY2V2xISlAzUDRNS3VJOC5jcmwwZAYIKwYBBQUHAQEEWDBW
MFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9E
RUZBVUxUL2NkRk91eVZkd0ZqVXY2V2xISlAzUDRNS3VJOC5jZXIwDgYDVR0PAQH/
BAQDAgeAMGgGCCsGAQUFBwELBFwwWjBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9jaGxv
ZS5zb2Jvcm5vc3QubmV0L3Jwa2kvUklQRS1ubHJzc2YveUY0WFdlYkRENldrUHdf
S3dZUmRDMTY5ZGtjLnJvYTAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMJo
gTANBgkqhkiG9w0BAQsFAAOCAQEAmOv5Q4N3Js9yv5kFD/BzUHBxN9dmuEFBzFPI
I4BOOGdGHVsIh8yjGBK1KG8fy4s4VP2ZQNyw99juSfLSat+0xHvVq780dyTI408e
kT4TniPFFsi8lvaFErnfv/tZxS/PfhKx5CN8DjMQpCpcc3/lWqQxzxYV59Gcn49w
RRxY2TNIHiyy3wbRmp0tI6EL3xohf4/12xN4VR0aGuUw7vSh32hJK7oVJ2vKjzkm
1QzTGMVcJxHumB2uJsqCq8ohBS8JeWvxKaYfbl3vedvuZAzyGtbt83H/IRViF4VS
sT2Wxsu+E33+rr4fEdx6vD9zypBOxUK4t8hVHC/3gyV4jy8WaA==
-----END CERTIFICATE-----
Generated at Thu Feb 15 15:57:04 2024 by rpki-client on console-ams.rpki-client.org