Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/yzT6J6R5_kNOdSZ_uB7dT774yQg.roa
File: yzT6J6R5_kNOdSZ_uB7dT774yQg.roa (raw, json)
Hash identifier: OovLJQfdwXszGQOvVZwsKtzeUlR8N5IGphGyjgRi538=
Subject key identifier: CB:34:FA:27:A4:79:FE:43:4E:75:26:7F:B8:1E:DD:4F:BE:F8:C9:08
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: DF
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/yzT6J6R5_kNOdSZ_uB7dT774yQg.roa
Signing time: Mon 04 Mar 2024 23:55:03 +0000
ROA not before: Mon 04 Mar 2024 23:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 05 Mar 2024 03:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 223 (0xdf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Mar 4 23:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=CB34FA27A479FE434E75267FB81EDD4FBEF8C908
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:19:c6:f8:cf:81:c3:63:08:bf:dd:b8:00:83:
3a:6a:14:6d:69:ef:30:76:64:54:b7:48:20:fa:3f:
af:04:b8:3a:c2:94:10:a6:06:d7:8f:27:ff:a3:e8:
58:9e:02:c1:38:39:72:09:f2:72:71:b4:fd:af:f8:
73:b1:9f:60:9c:95:31:e5:ef:38:02:04:3a:08:b9:
d7:ff:42:86:9b:18:9f:ee:4d:61:c5:2b:8a:2b:a5:
eb:e7:f3:c8:d8:1c:9a:c0:6e:98:c7:a7:13:fa:02:
4e:eb:e3:75:28:ed:56:39:58:bd:f9:c0:a2:f4:36:
93:18:03:5a:b9:fd:f5:9d:1e:f2:ac:9c:39:ac:c7:
0c:1a:38:36:ba:f3:64:f5:66:d5:b6:46:c4:58:af:
12:50:d1:5a:c0:af:c4:05:cb:c2:48:c5:42:dd:bb:
02:db:ce:60:ef:a5:41:9e:57:e0:e0:60:e9:64:9f:
0e:f3:fe:b9:7e:b1:b1:10:3b:92:b9:f9:fd:1b:56:
0a:94:79:b4:04:e0:0e:27:cf:d6:c1:09:07:e5:84:
94:e6:05:b0:80:72:88:e6:4c:76:6f:ee:dd:ec:38:
16:d8:39:c2:15:40:3c:8e:d7:24:b7:f8:8e:ad:d6:
c9:a2:27:e3:5c:8f:90:20:5d:e4:cc:0e:dd:35:e3:
e5:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:34:FA:27:A4:79:FE:43:4E:75:26:7F:B8:1E:DD:4F:BE:F8:C9:08
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/yzT6J6R5_kNOdSZ_uB7dT774yQg.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:7f:b8:9d:44:7a:af:96:c5:4b:2d:17:c9:1c:66:04:45:74:
16:fa:b8:93:5e:19:ac:26:87:f4:0b:39:ca:19:88:2f:3d:12:
00:41:f3:31:be:c1:21:84:be:c7:63:95:05:a0:58:06:3b:02:
05:17:05:56:6e:9c:fc:84:cd:c5:71:ac:42:af:8e:99:a4:d4:
ee:bf:08:8d:50:0e:7e:ff:33:75:e8:ce:c2:20:74:7a:c3:21:
f2:9d:b0:7d:d1:c6:3b:66:8a:10:37:f7:14:fe:b6:1d:9a:2b:
6f:0a:83:7c:fd:10:56:08:b8:3b:08:35:6b:64:1b:aa:ce:e7:
25:78:82:d3:86:f4:c9:6d:5e:8e:5d:13:f0:71:5e:05:ad:1f:
f2:9f:cc:1d:65:a7:1c:c0:14:85:a1:f1:7f:89:e9:0f:24:da:
a0:74:4d:1e:f5:2e:07:e2:7b:66:c3:cc:f7:60:6c:09:6d:e1:
02:47:ef:86:6a:60:8b:8b:ab:62:63:5e:80:23:d1:b3:ca:aa:
a4:c3:8b:74:61:d9:98:b3:71:52:13:c9:b6:08:59:91:8b:84:
31:16:31:39:43:c4:b2:6d:fd:b3:ae:fa:22:6c:8d:4b:85:81:
4c:2d:59:2b:a8:be:f2:54:ce:cd:63:93:a3:9d:db:2c:15:32:
12:68:ff:1c
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICAN8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDAzMDQy
MzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKENCMzRGQTI3QTQ3OUZF
NDM0RTc1MjY3RkI4MUVERDRGQkVGOEM5MDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDEGcb4z4HDYwi/3bgAgzpqFG1p7zB2ZFS3SCD6P68EuDrClBCm
BtePJ/+j6FieAsE4OXIJ8nJxtP2v+HOxn2CclTHl7zgCBDoIudf/QoabGJ/uTWHF
K4orpevn88jYHJrAbpjHpxP6Ak7r43Uo7VY5WL35wKL0NpMYA1q5/fWdHvKsnDms
xwwaODa682T1ZtW2RsRYrxJQ0VrAr8QFy8JIxULduwLbzmDvpUGeV+DgYOlknw7z
/rl+sbEQO5K5+f0bVgqUebQE4A4nz9bBCQflhJTmBbCAcojmTHZv7t3sOBbYOcIV
QDyO1yS3+I6t1smiJ+Ncj5AgXeTMDt014+XvAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUyzT6J6R5/kNOdSZ/uB7dT774yQgwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL3l6VDZKNlI1X2tOT2RT
Wl91QjdkVDc3NHlRZy5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAAx/uJ1Eeq+WxUstF8kcZgRFdBb6uJNeGawm
h/QLOcoZiC89EgBB8zG+wSGEvsdjlQWgWAY7AgUXBVZunPyEzcVxrEKvjpmk1O6/
CI1QDn7/M3XozsIgdHrDIfKdsH3RxjtmihA39xT+th2aK28Kg3z9EFYIuDsINWtk
G6rO5yV4gtOG9MltXo5dE/BxXgWtH/KfzB1lpxzAFIWh8X+J6Q8k2qB0TR71Lgfi
e2bDzPdgbAlt4QJH74ZqYIuLq2JjXoAj0bPKqqTDi3Rh2ZizcVITybYIWZGLhDEW
MTlDxLJt/bOu+iJsjUuFgUwtWSuovvJUzs1jk6Od2ywVMhJo/xw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:55 2024 by rpki-client on console-fra.rpki-client.org