Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nljobsnijders/q5DBalqgVJJpnQA-Yo_t87gAT6A.roa
File: q5DBalqgVJJpnQA-Yo_t87gAT6A.roa (raw, json)
Hash identifier: 6oa4KhW7p+o28zahc7+dcXzIpdlOaBZL1wPCE2DXihM=
Subject key identifier: AB:90:C1:6A:5A:A0:54:92:69:9D:00:3E:62:8F:ED:F3:B8:00:4F:A0
Certificate issuer: /CN=caa805dbac364749b9b115590ab6ef0f970cdbd8
Certificate serial: 01B799
Authority key identifier: CA:A8:05:DB:AC:36:47:49:B9:B1:15:59:0A:B6:EF:0F:97:0C:DB:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yqgF26w2R0m5sRVZCrbvD5cM29g.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nljobsnijders/q5DBalqgVJJpnQA-Yo_t87gAT6A.roa
Signing time: Tue 03 Sep 2024 14:08:28 +0000
ROA not before: Tue 03 Sep 2024 14:08:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2a0e:b240::/29 maxlen: 30
Validation: Failed, certificate revoked on Thu 05 Sep 2024 13:05:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 112537 (0x1b799)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=caa805dbac364749b9b115590ab6ef0f970cdbd8
Validity
Not Before: Sep 3 14:08:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=AB90C16A5AA05492699D003E628FEDF3B8004FA0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:be:17:c6:c7:1f:bd:fb:cc:de:cd:c2:b3:0f:
30:ce:9c:02:60:3b:56:62:54:8f:e5:db:45:93:b0:
da:56:2c:36:4c:bf:fc:1e:b5:ae:22:3a:70:63:ff:
44:6b:3f:00:22:48:5f:e0:2b:74:d2:e5:b2:39:c7:
73:6e:0e:2f:a9:04:ac:42:5d:ee:64:3f:fc:d1:ad:
9a:86:81:24:f8:d6:6a:4b:8b:09:65:2e:d8:48:e5:
fb:8f:34:9d:64:70:2f:4d:59:51:a8:6d:8e:b4:9e:
b7:76:37:74:dd:bb:c2:c8:b7:2c:42:0d:a8:7e:0d:
1f:88:94:b0:3e:16:9e:3b:16:a9:06:cb:c5:40:b9:
0a:1f:40:6b:d3:c3:6e:b1:bf:10:86:b4:90:70:8e:
ba:46:ff:3f:cf:94:cd:4b:98:69:a5:eb:1b:07:c2:
62:9f:c6:ef:06:4a:9e:ab:3a:7e:c2:88:08:d7:f0:
c2:6c:31:c3:11:94:7e:cc:48:eb:0d:5f:85:0b:14:
68:b2:9f:0a:3d:de:76:2c:bd:c1:a4:e7:f7:d8:d1:
3b:4b:fb:f1:f9:db:14:37:76:38:67:1a:3a:8b:fc:
cb:df:49:39:9a:db:70:00:99:5e:70:c4:f4:b2:65:
17:81:46:11:0c:52:2e:95:11:78:0d:96:36:c2:1a:
c7:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:90:C1:6A:5A:A0:54:92:69:9D:00:3E:62:8F:ED:F3:B8:00:4F:A0
X509v3 Authority Key Identifier:
keyid:CA:A8:05:DB:AC:36:47:49:B9:B1:15:59:0A:B6:EF:0F:97:0C:DB:D8
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nljobsnijders/yqgF26w2R0m5sRVZCrbvD5cM29g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yqgF26w2R0m5sRVZCrbvD5cM29g.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nljobsnijders/q5DBalqgVJJpnQA-Yo_t87gAT6A.roa
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b240::/29
Signature Algorithm: sha256WithRSAEncryption
b5:11:d8:c0:65:03:cb:d9:0b:1b:b1:30:9d:1e:f9:59:13:0b:
8a:97:d4:d8:99:86:6e:bf:97:24:6c:0f:67:78:7d:1d:ad:04:
27:91:9a:17:44:54:d2:4c:8e:10:5d:42:64:46:9a:3f:20:1e:
f4:3d:8b:fa:bd:d5:94:da:01:ea:66:7f:af:63:06:2d:23:8a:
14:24:d5:55:73:c0:57:35:3f:0b:3a:b4:cc:a2:b8:26:cc:ba:
38:8c:90:12:21:c1:fc:c5:7f:fe:09:cc:bc:a0:9d:1c:b0:63:
9d:77:19:81:f1:2d:c2:aa:24:45:d3:1f:ae:4e:6d:09:ba:18:
e9:dd:97:de:c5:f3:d3:5b:e9:07:be:7f:0c:1c:4f:89:a5:4a:
11:53:23:36:c3:b7:fa:83:4a:48:c1:58:69:92:66:2d:8e:04:
55:7e:1c:30:8b:f3:f0:97:1f:8d:5d:71:21:e6:70:67:88:5d:
da:fe:ac:2f:96:10:a0:a6:d9:eb:47:3b:ec:ff:fa:2a:a2:0e:
24:5e:16:3a:1f:aa:2e:47:1e:03:2c:b7:b4:c8:3d:19:88:1e:
89:40:fc:82:a0:d6:bf:10:6b:75:3c:d2:1f:f8:fe:5d:2a:97:
51:55:07:1a:47:b4:97:15:af:b6:78:82:b5:7f:01:da:4a:d6:
70:c2:75:fb
-----BEGIN CERTIFICATE-----
MIIEsjCCA5qgAwIBAgIDAbeZMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGNh
YTgwNWRiYWMzNjQ3NDliOWIxMTU1OTBhYjZlZjBmOTcwY2RiZDgwHhcNMjQwOTAz
MTQwODI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhBQjkwQzE2QTVBQTA1
NDkyNjk5RDAwM0U2MjhGRURGM0I4MDA0RkEwMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAtb4XxscfvfvM3s3Csw8wzpwCYDtWYlSP5dtFk7DaViw2TL/8
HrWuIjpwY/9Eaz8AIkhf4Ct00uWyOcdzbg4vqQSsQl3uZD/80a2ahoEk+NZqS4sJ
ZS7YSOX7jzSdZHAvTVlRqG2OtJ63djd03bvCyLcsQg2ofg0fiJSwPhaeOxapBsvF
QLkKH0Br08Nusb8QhrSQcI66Rv8/z5TNS5hppesbB8Jin8bvBkqeqzp+wogI1/DC
bDHDEZR+zEjrDV+FCxRosp8KPd52LL3BpOf32NE7S/vx+dsUN3Y4Zxo6i/zL30k5
mttwAJlecMT0smUXgUYRDFIulRF4DZY2whrHwwIDAQABo4IBzTCCAckwHQYDVR0O
BBYEFKuQwWpaoFSSaZ0APmKP7fO4AE+gMB8GA1UdIwQYMBaAFMqoBdusNkdJubEV
WQq27w+XDNvYMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwZAYDVR0fBF0wWzBZ
oFegVYZTcnN5bmM6Ly9jaGxvZS5zb2Jvcm5vc3QubmV0L3Jwa2kvUklQRS1ubGpv
YnNuaWpkZXJzL3lxZ0YyNncyUjBtNXNSVlpDcmJ2RDVjTTI5Zy5jcmwwZAYIKwYB
BQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVw
b3NpdG9yeS9ERUZBVUxUL3lxZ0YyNncyUjBtNXNSVlpDcmJ2RDVjTTI5Zy5jZXIw
DgYDVR0PAQH/BAQDAgeAMG8GCCsGAQUFBwELBGMwYTBfBggrBgEFBQcwC4ZTcnN5
bmM6Ly9jaGxvZS5zb2Jvcm5vc3QubmV0L3Jwa2kvUklQRS1ubGpvYnNuaWpkZXJz
L3E1REJhbHFnVkpKcG5RQS1Zb190ODdnQVQ2QS5yb2EwIAYIKwYBBQUHAQcBAf8E
ETAPMA0EAgACMAcDBQMqDrJAMA0GCSqGSIb3DQEBCwUAA4IBAQC1EdjAZQPL2Qsb
sTCdHvlZEwuKl9TYmYZuv5ckbA9neH0drQQnkZoXRFTSTI4QXUJkRpo/IB70PYv6
vdWU2gHqZn+vYwYtI4oUJNVVc8BXNT8LOrTMorgmzLo4jJASIcH8xX/+Ccy8oJ0c
sGOddxmB8S3CqiRF0x+uTm0Juhjp3ZfexfPTW+kHvn8MHE+JpUoRUyM2w7f6g0pI
wVhpkmYtjgRVfhwwi/Pwlx+NXXEh5nBniF3a/qwvlhCgptnrRzvs//oqog4kXhY6
H6ouRx4DLLe0yD0ZiB6JQPyCoNa/EGt1PNIf+P5dKpdRVQcaR7SXFa+2eIK1fwHa
StZwwnX7
-----END CERTIFICATE-----
Generated at Thu Sep 5 14:38:41 2024 by rpki-client on console-fra.rpki-client.org