Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nljobsnijders/YlT21XeuWv5yCQ6UEw4T2WLRKeA.roa
File: YlT21XeuWv5yCQ6UEw4T2WLRKeA.roa (raw, json)
Hash identifier: vY62JBo9lD0G1OF7QTQP0gCCAj6+YJf1tWO91xsRB0o=
Subject key identifier: 62:54:F6:D5:77:AE:5A:FE:72:09:0E:94:13:0E:13:D9:62:D1:29:E0
Certificate issuer: /CN=caa805dbac364749b9b115590ab6ef0f970cdbd8
Certificate serial: 01C9F7
Authority key identifier: CA:A8:05:DB:AC:36:47:49:B9:B1:15:59:0A:B6:EF:0F:97:0C:DB:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yqgF26w2R0m5sRVZCrbvD5cM29g.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nljobsnijders/YlT21XeuWv5yCQ6UEw4T2WLRKeA.roa
Signing time: Tue 22 Oct 2024 11:38:50 +0000
ROA not before: Tue 22 Oct 2024 11:38:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2a0e:b240::/29 maxlen: 128
Validation: Failed, certificate revoked on Tue 22 Oct 2024 13:32:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 117239 (0x1c9f7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=caa805dbac364749b9b115590ab6ef0f970cdbd8
Validity
Not Before: Oct 22 11:38:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6254F6D577AE5AFE72090E94130E13D962D129E0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:25:0f:b1:2e:a6:d8:11:cd:1b:dd:44:44:5b:
21:f4:9e:35:e3:5e:ad:87:0a:be:b7:86:11:29:f3:
ed:16:59:5f:1e:a3:31:92:a9:79:1b:55:f5:04:ae:
a2:66:e0:df:21:34:96:ad:10:b3:ea:90:b0:7d:91:
fc:18:eb:52:dd:83:e3:41:2d:59:c3:eb:88:a9:63:
2a:be:49:1d:4d:12:67:4e:41:76:04:42:f1:5c:10:
5a:29:5e:8e:d3:f7:ad:14:8a:d1:67:78:76:8c:c0:
f7:3c:e1:dd:04:c5:e8:fd:e5:81:0a:32:2d:ad:fb:
b1:41:90:35:51:a2:7a:e6:38:f2:6f:18:17:df:bb:
41:51:35:6b:c4:45:8a:84:dd:fc:af:85:cc:eb:6d:
87:5b:c5:68:19:33:06:54:4d:ce:ee:0b:80:b8:74:
75:c7:eb:e1:13:4f:49:52:73:16:c7:02:43:f7:af:
10:c1:b0:11:5b:19:bf:b5:04:5e:4a:38:0e:8e:24:
03:39:9b:16:71:67:42:06:b4:17:d0:10:33:30:3e:
32:f0:4f:74:f6:7b:06:70:c1:4c:3b:1e:82:c0:35:
71:65:70:65:8e:46:5e:41:20:c9:02:13:95:15:7c:
be:d0:91:90:22:47:5d:a9:a7:41:78:ee:88:be:5c:
55:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:54:F6:D5:77:AE:5A:FE:72:09:0E:94:13:0E:13:D9:62:D1:29:E0
X509v3 Authority Key Identifier:
keyid:CA:A8:05:DB:AC:36:47:49:B9:B1:15:59:0A:B6:EF:0F:97:0C:DB:D8
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nljobsnijders/yqgF26w2R0m5sRVZCrbvD5cM29g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yqgF26w2R0m5sRVZCrbvD5cM29g.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nljobsnijders/YlT21XeuWv5yCQ6UEw4T2WLRKeA.roa
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b240::/29
Signature Algorithm: sha256WithRSAEncryption
6e:65:1e:04:ba:df:9c:5e:b5:f6:31:46:5d:f4:38:6f:27:2b:
f4:5c:54:e7:73:0f:06:da:d7:23:39:cc:af:95:23:ca:aa:1c:
9f:23:d8:16:44:61:39:c9:99:9c:96:f5:79:3d:c4:32:cf:83:
d9:be:d6:5b:a7:ac:6c:04:9f:56:8c:e1:ed:68:40:3d:b3:9d:
64:0f:bc:3c:5e:d7:f9:95:6b:e2:8d:03:84:1a:4e:cf:f5:1f:
ba:49:37:4d:35:34:0c:11:37:dd:19:05:a7:4e:f0:9e:39:85:
46:df:d2:2d:94:8b:dd:49:a0:20:1e:95:20:21:f5:dc:81:db:
73:52:41:ed:33:1c:f8:e1:8c:16:7e:09:57:fa:75:9e:35:a2:
b3:49:78:ad:61:a9:04:7c:af:67:1f:0a:f1:fb:a4:32:7a:f0:
3b:dc:44:c4:ea:09:14:48:c6:d7:5d:5a:3d:cc:c9:ca:36:6b:
0e:62:fa:ab:6e:6b:0a:75:6b:43:12:6d:2f:56:aa:84:6f:ef:
ec:69:41:ed:99:f7:7a:61:7b:43:b2:a9:4f:3f:a2:b5:23:09:
fc:e0:a3:8b:7b:c7:af:20:27:21:20:01:3b:71:b4:fa:dc:7a:
e7:08:b3:89:4d:ad:41:15:69:32:f1:08:b8:f9:d3:5e:c0:1f:
94:cd:05:80
-----BEGIN CERTIFICATE-----
MIIEsjCCA5qgAwIBAgIDAcn3MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGNh
YTgwNWRiYWMzNjQ3NDliOWIxMTU1OTBhYjZlZjBmOTcwY2RiZDgwHhcNMjQxMDIy
MTEzODUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg2MjU0RjZENTc3QUU1
QUZFNzIwOTBFOTQxMzBFMTNEOTYyRDEyOUUwMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAxSUPsS6m2BHNG91ERFsh9J41416thwq+t4YRKfPtFllfHqMx
kql5G1X1BK6iZuDfITSWrRCz6pCwfZH8GOtS3YPjQS1Zw+uIqWMqvkkdTRJnTkF2
BELxXBBaKV6O0/etFIrRZ3h2jMD3POHdBMXo/eWBCjItrfuxQZA1UaJ65jjybxgX
37tBUTVrxEWKhN38r4XM622HW8VoGTMGVE3O7guAuHR1x+vhE09JUnMWxwJD968Q
wbARWxm/tQReSjgOjiQDOZsWcWdCBrQX0BAzMD4y8E909nsGcMFMOx6CwDVxZXBl
jkZeQSDJAhOVFXy+0JGQIkddqadBeO6IvlxVYQIDAQABo4IBzTCCAckwHQYDVR0O
BBYEFGJU9tV3rlr+cgkOlBMOE9li0SngMB8GA1UdIwQYMBaAFMqoBdusNkdJubEV
WQq27w+XDNvYMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwZAYDVR0fBF0wWzBZ
oFegVYZTcnN5bmM6Ly9jaGxvZS5zb2Jvcm5vc3QubmV0L3Jwa2kvUklQRS1ubGpv
YnNuaWpkZXJzL3lxZ0YyNncyUjBtNXNSVlpDcmJ2RDVjTTI5Zy5jcmwwZAYIKwYB
BQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVw
b3NpdG9yeS9ERUZBVUxUL3lxZ0YyNncyUjBtNXNSVlpDcmJ2RDVjTTI5Zy5jZXIw
DgYDVR0PAQH/BAQDAgeAMG8GCCsGAQUFBwELBGMwYTBfBggrBgEFBQcwC4ZTcnN5
bmM6Ly9jaGxvZS5zb2Jvcm5vc3QubmV0L3Jwa2kvUklQRS1ubGpvYnNuaWpkZXJz
L1lsVDIxWGV1V3Y1eUNRNlVFdzRUMldMUktlQS5yb2EwIAYIKwYBBQUHAQcBAf8E
ETAPMA0EAgACMAcDBQMqDrJAMA0GCSqGSIb3DQEBCwUAA4IBAQBuZR4Eut+cXrX2
MUZd9DhvJyv0XFTncw8G2tcjOcyvlSPKqhyfI9gWRGE5yZmclvV5PcQyz4PZvtZb
p6xsBJ9WjOHtaEA9s51kD7w8Xtf5lWvijQOEGk7P9R+6STdNNTQMETfdGQWnTvCe
OYVG39ItlIvdSaAgHpUgIfXcgdtzUkHtMxz44YwWfglX+nWeNaKzSXitYakEfK9n
Hwrx+6QyevA73ETE6gkUSMbXXVo9zMnKNmsOYvqrbmsKdWtDEm0vVqqEb+/saUHt
mfd6YXtDsqlPP6K1Iwn84KOLe8evICchIAE7cbT63HrnCLOJTa1BFWky8Qi4+dNe
wB+UzQWA
-----END CERTIFICATE-----
Generated at Tue Oct 22 16:12:48 2024 by rpki-client on console-fra.rpki-client.org