Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/y_5clf0Pt9JYD9836HYawq8ABYk.roa
File: y_5clf0Pt9JYD9836HYawq8ABYk.roa (raw, json)
Hash identifier: 9SF9kNpEwSFFZ0D0xZksyqnK/YzCGZyMwQLNgWME02o=
Subject key identifier: CB:FE:5C:95:FD:0F:B7:D2:58:0F:DF:37:E8:76:1A:C2:AF:00:05:89
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 03E5
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/y_5clf0Pt9JYD9836HYawq8ABYk.roa
Signing time: Wed 29 May 2024 23:55:03 +0000
ROA not before: Wed 29 May 2024 23:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 30 May 2024 03:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 997 (0x3e5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: May 29 23:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=CBFE5C95FD0FB7D2580FDF37E8761AC2AF000589
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:5c:ce:7f:c5:8e:d5:78:02:e3:1e:79:df:ee:
1c:21:53:d9:3a:80:f2:1d:a4:ae:37:ab:66:a8:73:
9e:23:17:c7:52:f3:a1:d2:9e:43:95:d7:45:fe:71:
b0:bb:d1:c0:68:6c:b4:2a:2a:bc:5b:5a:63:6e:4c:
3c:d6:41:5e:20:95:f6:58:63:f0:5e:75:5f:d2:95:
c4:53:fa:0b:04:7b:57:a5:00:09:68:3e:ed:d9:08:
97:5b:4a:63:4c:e8:ee:c2:35:12:2b:c8:1c:d9:be:
10:00:05:4e:87:c8:63:2c:99:2b:c2:b0:d5:0f:58:
ed:2f:5f:5b:a4:c6:33:7e:13:a1:34:d7:b0:17:4c:
f0:8d:d2:24:4f:90:cb:08:9b:32:4b:3a:f7:7e:1a:
0a:61:62:c2:b5:34:a8:00:5e:81:5d:63:24:da:53:
1a:54:c9:4d:4e:de:a7:02:26:c5:bf:16:94:d8:08:
9d:3f:ef:a3:bd:a3:f5:b2:73:a5:4d:4f:64:33:a7:
82:75:2c:af:fd:74:19:57:53:c1:fb:b8:90:00:25:
6f:b7:4d:93:d3:8f:68:09:5a:a0:ca:b2:98:8f:68:
23:09:23:a9:73:23:13:8e:bd:69:0f:15:96:54:a4:
b3:1b:a7:38:35:e7:00:cd:7b:64:b9:b0:39:5b:da:
4c:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:FE:5C:95:FD:0F:B7:D2:58:0F:DF:37:E8:76:1A:C2:AF:00:05:89
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/y_5clf0Pt9JYD9836HYawq8ABYk.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:12:c6:c6:2a:7a:7c:42:8b:f8:86:cc:ea:fd:e0:fc:73:38:
53:a1:f6:d3:ef:5e:0a:55:e1:55:5f:49:32:d6:f5:d0:23:09:
15:bd:dd:29:e8:99:db:74:60:53:59:aa:af:c1:48:0f:ac:cd:
9c:8b:5b:c9:bb:08:53:1b:13:2b:86:94:7a:73:1d:59:da:52:
5f:cf:59:05:77:4f:81:1a:b5:b9:1c:ac:a5:24:47:98:a4:b1:
07:9e:ac:36:61:e2:9c:d3:f0:a2:d2:4c:4e:4a:47:a6:d5:86:
e6:ad:3a:2d:08:71:f6:15:5d:4d:97:a1:ed:56:f5:65:b6:82:
76:5b:e1:7f:42:8c:1e:fd:4e:7b:c6:a9:d6:75:77:b2:44:43:
29:6f:c9:fc:5c:71:cc:87:70:68:58:4e:fc:63:df:18:db:3b:
54:90:04:f4:d3:50:c4:25:bd:89:14:7b:b4:5e:12:76:3f:2e:
68:86:22:79:9b:29:7e:45:1b:b5:9d:69:40:88:51:6d:b5:aa:
f9:e1:c9:dd:2e:9e:b8:c8:14:12:4d:1c:50:a0:7f:6e:8c:6f:
01:e2:b0:ca:f1:e7:d3:d2:b9:ff:1d:df:d1:4f:e8:cd:6c:5f:
55:66:82:d4:28:22:31:58:37:3f:f4:f6:2f:46:e3:2a:93:10:
4f:03:c4:2c
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICA+UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA1Mjky
MzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKENCRkU1Qzk1RkQwRkI3
RDI1ODBGREYzN0U4NzYxQUMyQUYwMDA1ODkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDcXM5/xY7VeALjHnnf7hwhU9k6gPIdpK43q2aoc54jF8dS86HS
nkOV10X+cbC70cBobLQqKrxbWmNuTDzWQV4glfZYY/BedV/SlcRT+gsEe1elAAlo
Pu3ZCJdbSmNM6O7CNRIryBzZvhAABU6HyGMsmSvCsNUPWO0vX1ukxjN+E6E017AX
TPCN0iRPkMsImzJLOvd+GgphYsK1NKgAXoFdYyTaUxpUyU1O3qcCJsW/FpTYCJ0/
76O9o/Wyc6VNT2Qzp4J1LK/9dBlXU8H7uJAAJW+3TZPTj2gJWqDKspiPaCMJI6lz
IxOOvWkPFZZUpLMbpzg15wDNe2S5sDlb2kz9AgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUy/5clf0Pt9JYD9836HYawq8ABYkwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL3lfNWNsZjBQdDlKWUQ5
ODM2SFlhd3E4QUJZay5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAI8SxsYqenxCi/iGzOr94PxzOFOh9tPvXgpV
4VVfSTLW9dAjCRW93Snomdt0YFNZqq/BSA+szZyLW8m7CFMbEyuGlHpzHVnaUl/P
WQV3T4EatbkcrKUkR5iksQeerDZh4pzT8KLSTE5KR6bVhuatOi0IcfYVXU2Xoe1W
9WW2gnZb4X9CjB79TnvGqdZ1d7JEQylvyfxcccyHcGhYTvxj3xjbO1SQBPTTUMQl
vYkUe7ReEnY/LmiGInmbKX5FG7WdaUCIUW21qvnhyd0unrjIFBJNHFCgf26MbwHi
sMrx59PSuf8d39FP6M1sX1VmgtQoIjFYNz/09i9G4yqTEE8DxCw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:55 2024 by rpki-client on console-fra.rpki-client.org