Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/yIQ2lP8KMcaaziKI2tmow_MA0m4.roa
File: yIQ2lP8KMcaaziKI2tmow_MA0m4.roa (raw, json)
Hash identifier: tvKwqvcrW3eYAv80GkdGn0ts45AvIOYbZLk4pMYE1DI=
Subject key identifier: C8:84:36:94:FF:0A:31:C6:9A:CE:22:88:DA:D9:A8:C3:F3:00:D2:6E
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0205
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/yIQ2lP8KMcaaziKI2tmow_MA0m4.roa
Signing time: Sat 06 Apr 2024 15:55:03 +0000
ROA not before: Sat 06 Apr 2024 15:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 06 Apr 2024 19:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 517 (0x205)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Apr 6 15:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=C8843694FF0A31C69ACE2288DAD9A8C3F300D26E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:54:53:c3:c2:ee:8e:4f:a7:6f:02:c9:14:bb:
55:19:e4:1e:7b:ed:0e:ed:ea:44:cd:ad:51:1a:0d:
9a:39:53:31:dd:4b:1e:42:ed:b9:8e:c3:28:be:05:
e5:02:8a:98:c8:76:99:76:7e:99:a2:b8:d9:3e:62:
44:f8:27:0d:58:89:9e:bf:98:2c:0d:50:24:24:80:
3b:87:ab:d5:5b:a0:11:9d:bd:49:af:9b:40:c1:11:
2a:3a:e7:82:1c:5c:89:34:14:64:62:af:12:e3:8c:
1a:3d:15:99:1e:7a:ae:4d:87:fa:b8:91:69:c4:67:
b1:b4:9f:c0:96:6e:b8:8e:10:79:bc:d1:ba:39:f0:
96:60:48:53:45:e2:93:ee:45:07:84:f0:69:c3:89:
6e:37:e1:6e:7d:76:2d:ab:13:c6:e6:b9:2b:ed:0e:
dd:2d:90:ef:9c:97:e6:2e:35:e0:c2:35:1e:46:b4:
ce:17:54:13:79:23:7a:4f:00:03:e2:90:54:43:d5:
31:d0:6b:db:75:ba:58:e3:a4:40:6b:90:3a:25:45:
97:04:cc:97:c5:ed:58:8a:ec:23:0e:0a:e5:f1:27:
f0:73:e6:a1:7a:2a:8e:5f:2c:b1:55:28:0b:a7:e5:
7d:c6:67:d3:d4:9c:19:ed:81:be:a1:55:94:8c:94:
8e:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:84:36:94:FF:0A:31:C6:9A:CE:22:88:DA:D9:A8:C3:F3:00:D2:6E
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/yIQ2lP8KMcaaziKI2tmow_MA0m4.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:43:15:48:84:89:c4:6f:02:96:cb:7b:57:7f:75:73:f2:af:
69:b0:be:cd:95:dc:09:e4:72:e2:b8:61:6f:34:9d:a9:dd:95:
f0:25:df:6e:55:89:60:8f:19:d3:a2:a5:4d:c0:7c:2e:77:9c:
c4:9e:d4:a2:29:67:b1:5e:09:54:1e:06:5d:31:db:99:30:cf:
dc:43:6c:6b:d1:8f:d7:61:4f:c4:c5:bf:45:55:83:53:03:cc:
a8:a3:cd:93:da:02:d8:95:f1:ae:a1:12:55:2d:0f:dd:4c:67:
5e:29:c7:d7:09:98:6e:d3:33:3b:c8:96:f4:28:46:bb:88:93:
7d:d3:9f:f2:b5:e1:fd:62:8f:f0:b3:cd:7e:95:51:87:b8:24:
47:03:02:43:be:1e:71:53:ba:70:10:9e:b2:23:a1:cb:72:b0:
c8:00:65:b1:5c:fd:c8:3c:8b:44:ea:c9:64:ef:4f:a5:3a:50:
02:8e:45:a3:a9:2f:f5:f4:73:bc:de:c6:aa:eb:39:7d:df:fa:
5d:24:e3:ff:71:31:e0:fd:9f:24:e5:36:37:0c:5c:61:dd:5f:
3a:86:a1:e2:86:52:31:d9:66:8d:6a:00:74:e7:28:4e:f3:fe:
7a:5d:fc:34:fd:56:19:82:06:94:20:18:cd:b5:4d:21:89:11:
37:0c:98:45
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICAgUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA0MDYx
NTU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEM4ODQzNjk0RkYwQTMx
QzY5QUNFMjI4OERBRDlBOEMzRjMwMEQyNkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDRVFPDwu6OT6dvAskUu1UZ5B577Q7t6kTNrVEaDZo5UzHdSx5C
7bmOwyi+BeUCipjIdpl2fpmiuNk+YkT4Jw1YiZ6/mCwNUCQkgDuHq9VboBGdvUmv
m0DBESo654IcXIk0FGRirxLjjBo9FZkeeq5Nh/q4kWnEZ7G0n8CWbriOEHm80bo5
8JZgSFNF4pPuRQeE8GnDiW434W59di2rE8bmuSvtDt0tkO+cl+YuNeDCNR5GtM4X
VBN5I3pPAAPikFRD1THQa9t1uljjpEBrkDolRZcEzJfF7ViK7CMOCuXxJ/Bz5qF6
Ko5fLLFVKAun5X3GZ9PUnBntgb6hVZSMlI5DAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUyIQ2lP8KMcaaziKI2tmow/MA0m4wHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL3lJUTJsUDhLTWNhYXpp
S0kydG1vd19NQTBtNC5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBADxDFUiEicRvApbLe1d/dXPyr2mwvs2V3Ank
cuK4YW80nandlfAl325ViWCPGdOipU3AfC53nMSe1KIpZ7FeCVQeBl0x25kwz9xD
bGvRj9dhT8TFv0VVg1MDzKijzZPaAtiV8a6hElUtD91MZ14px9cJmG7TMzvIlvQo
RruIk33Tn/K14f1ij/CzzX6VUYe4JEcDAkO+HnFTunAQnrIjoctysMgAZbFc/cg8
i0TqyWTvT6U6UAKORaOpL/X0c7zexqrrOX3f+l0k4/9xMeD9nyTlNjcMXGHdXzqG
oeKGUjHZZo1qAHTnKE7z/npd/DT9VhmCBpQgGM21TSGJETcMmEU=
-----END CERTIFICATE-----
Generated at Sat Apr 6 23:01:01 2024 by rpki-client on console-ams.rpki-client.org