Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/ztw38hXRznCgqvA7QLpLhudga3s.roa
File: ztw38hXRznCgqvA7QLpLhudga3s.roa (raw, json)
Hash identifier: u+64czRsQ3vNbWQzCbTr7HpMu4IVGnzdTVttJ16S6Ys=
Subject key identifier: CE:DC:37:F2:15:D1:CE:70:A0:AA:F0:3B:40:BA:4B:86:E7:60:6B:7B
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0355
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/ztw38hXRznCgqvA7QLpLhudga3s.roa
Signing time: Mon 13 May 2024 23:55:03 +0000
ROA not before: Mon 13 May 2024 23:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 14 May 2024 03:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 853 (0x355)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: May 13 23:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=CEDC37F215D1CE70A0AAF03B40BA4B86E7606B7B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:1b:4c:61:57:e2:04:ca:37:ed:58:21:f9:91:
e4:9c:ba:11:95:c7:ca:d7:c1:52:42:88:43:c6:40:
9a:73:ce:fa:bb:3a:2d:89:1b:54:bb:a1:47:0f:1b:
59:61:48:fa:56:3f:01:ac:5c:15:a4:fa:69:f2:c9:
5f:56:07:ba:76:e9:c2:a9:be:10:5b:02:35:1e:d3:
34:80:3b:8d:c2:aa:aa:3b:87:bb:a9:f5:c6:1a:bb:
80:2c:03:6e:e8:b0:5a:44:2e:c9:aa:d3:64:8e:1f:
3a:50:2d:ef:dc:80:9f:36:5a:cf:dc:33:2c:8a:a4:
07:4d:11:30:8e:b8:aa:4e:2d:7b:5a:5c:81:e9:76:
a2:3d:34:d1:7e:52:32:4b:97:ab:52:45:cd:6f:4e:
67:92:ce:26:08:d2:35:1d:99:2b:5f:ca:8f:6e:8d:
9c:5f:20:8c:56:c6:ab:33:e4:e4:fa:95:e2:1e:4b:
e7:e4:8c:3d:6b:19:af:82:ab:9b:34:69:8e:28:10:
39:42:a8:bb:7a:7f:48:e3:5e:de:01:0a:a0:f2:5a:
75:78:ac:9b:55:1f:75:b0:fe:84:e6:58:84:13:cc:
f6:e1:20:4c:08:f5:fc:48:38:89:8b:7a:5c:4a:63:
e3:5f:c7:b2:93:25:83:e4:85:19:66:2b:1c:ea:21:
2b:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:DC:37:F2:15:D1:CE:70:A0:AA:F0:3B:40:BA:4B:86:E7:60:6B:7B
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/ztw38hXRznCgqvA7QLpLhudga3s.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
05:20:fc:68:48:f8:8e:7e:cb:f7:b6:42:54:07:d1:2c:10:65:
26:3e:da:c4:e1:81:29:e0:63:fd:96:8a:3c:4a:43:4d:ae:57:
bf:d0:4c:e6:df:74:c9:b3:55:29:e9:ce:81:44:80:ee:29:f7:
2d:5f:90:e2:df:24:54:e2:8e:b9:89:5d:8f:0f:e1:c5:c8:6c:
fb:1e:f8:2c:d1:35:5c:74:32:10:49:3d:1e:79:04:fe:b9:fa:
fe:83:29:44:bd:fd:17:dd:2c:d1:38:6b:e7:ee:25:20:1e:a3:
ee:7b:be:f8:aa:e9:04:94:a3:10:00:00:d2:f2:33:69:c9:1c:
31:34:1a:23:d9:00:1c:0d:59:6c:28:db:a7:97:01:09:a8:29:
46:86:f5:18:a6:7d:20:95:18:60:95:fe:24:f8:de:e4:e3:b7:
02:7b:4e:8a:51:bb:f4:3d:fa:de:f9:f7:fc:99:07:4e:32:4c:
9b:15:ba:cf:fa:66:c0:ec:fd:d6:11:2b:3b:af:51:5e:66:c1:
c8:b6:1b:ac:7b:62:40:13:3c:c2:2b:13:9c:4f:a4:4d:2e:c0:
7d:51:11:e6:c7:56:37:fc:0a:3b:1f:57:b5:b7:e7:72:bd:b8:
f4:13:8e:98:f0:a8:cf:6d:a2:3f:ba:d4:13:d3:11:fd:35:17:
d2:29:77:b6
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICA1UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA1MTMy
MzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKENFREMzN0YyMTVEMUNF
NzBBMEFBRjAzQjQwQkE0Qjg2RTc2MDZCN0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC6G0xhV+IEyjftWCH5keScuhGVx8rXwVJCiEPGQJpzzvq7Oi2J
G1S7oUcPG1lhSPpWPwGsXBWk+mnyyV9WB7p26cKpvhBbAjUe0zSAO43Cqqo7h7up
9cYau4AsA27osFpELsmq02SOHzpQLe/cgJ82Ws/cMyyKpAdNETCOuKpOLXtaXIHp
dqI9NNF+UjJLl6tSRc1vTmeSziYI0jUdmStfyo9ujZxfIIxWxqsz5OT6leIeS+fk
jD1rGa+Cq5s0aY4oEDlCqLt6f0jjXt4BCqDyWnV4rJtVH3Ww/oTmWIQTzPbhIEwI
9fxIOImLelxKY+Nfx7KTJYPkhRlmKxzqISvpAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUztw38hXRznCgqvA7QLpLhudga3swHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL3p0dzM4aFhSem5DZ3F2
QTdRTHBMaHVkZ2Ezcy5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAAUg/GhI+I5+y/e2QlQH0SwQZSY+2sThgSng
Y/2WijxKQ02uV7/QTObfdMmzVSnpzoFEgO4p9y1fkOLfJFTijrmJXY8P4cXIbPse
+CzRNVx0MhBJPR55BP65+v6DKUS9/RfdLNE4a+fuJSAeo+57vviq6QSUoxAAANLy
M2nJHDE0GiPZABwNWWwo26eXAQmoKUaG9RimfSCVGGCV/iT43uTjtwJ7TopRu/Q9
+t759/yZB04yTJsVus/6ZsDs/dYRKzuvUV5mwci2G6x7YkATPMIrE5xPpE0uwH1R
EebHVjf8CjsfV7W353K9uPQTjpjwqM9toj+61BPTEf01F9Ipd7Y=
-----END CERTIFICATE-----
Generated at Tue May 14 04:57:54 2024 by rpki-client on console-ams.rpki-client.org