Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/A-UQS-rdOK-BY5yxzY3Aced5akQ.roa
File: A-UQS-rdOK-BY5yxzY3Aced5akQ.roa (raw, json)
Hash identifier: VJG0JHHmxbjpbdWlSZLYSIqz+DCzlIogdoipsyDtCbM=
Subject key identifier: 03:E5:10:4B:EA:DD:38:AF:81:63:9C:B1:CD:8D:C0:71:E7:79:6A:44
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0932
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/A-UQS-rdOK-BY5yxzY3Aced5akQ.roa
Signing time: Sun 27 Oct 2024 15:55:03 +0000
ROA not before: Sun 27 Oct 2024 15:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 27 Oct 2024 19:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2354 (0x932)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Oct 27 15:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=03E5104BEADD38AF81639CB1CD8DC071E7796A44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:16:55:d6:18:1f:d0:48:68:db:01:45:96:c0:
92:88:93:da:7b:54:ac:b2:bc:a8:2e:a3:36:09:7e:
ae:31:de:5f:3b:cc:78:3e:b1:0b:ef:7c:60:e9:e8:
53:05:97:4e:09:a0:30:ce:fb:87:22:64:b3:c0:19:
30:9a:5e:1a:93:35:85:ce:a1:dd:cb:93:5d:d8:3b:
65:24:95:3b:b8:fd:19:c2:4b:d3:4b:85:9d:ed:bf:
e6:af:db:3d:73:44:29:d1:00:8b:0e:cf:d6:d9:06:
df:6b:fe:6d:e0:69:9b:2d:3d:13:01:56:9a:02:2f:
36:9d:f4:c1:b8:10:0f:68:f9:d8:4c:7a:64:9e:95:
a8:44:a6:19:ae:9b:38:a7:0b:51:0b:d4:9f:0e:eb:
9f:fc:3f:3c:d6:d1:05:b9:0c:a8:47:ee:5e:ef:c7:
73:45:44:20:ec:af:e9:78:af:21:95:57:99:91:59:
eb:8f:35:13:a2:e1:81:bf:32:00:62:1e:fc:ef:74:
3e:57:28:84:37:12:50:5a:3b:f1:43:d1:92:b1:be:
cf:2f:4a:3c:ad:86:44:e3:ba:a3:3f:4a:46:47:ef:
28:36:2d:6c:0a:07:b0:99:fd:ac:64:04:5f:01:db:
20:a7:57:04:c2:49:b4:ad:9c:84:0d:fc:82:5b:86:
12:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:E5:10:4B:EA:DD:38:AF:81:63:9C:B1:CD:8D:C0:71:E7:79:6A:44
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/A-UQS-rdOK-BY5yxzY3Aced5akQ.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:10:14:79:1f:8b:0d:ab:66:ef:38:61:f9:16:99:e0:27:a3:
62:c5:a9:b5:de:04:0e:b1:b2:74:98:f3:0a:0e:cb:3e:a2:f9:
bc:54:01:f0:bf:b5:85:56:53:f6:03:66:c1:8f:33:c7:22:a4:
8a:9e:7c:38:b9:5d:05:38:46:c8:22:ac:c9:aa:a3:f9:22:7b:
11:6e:0d:b5:3d:5c:77:9c:a4:45:ab:c0:fd:06:0e:b8:68:fb:
90:19:c3:71:89:30:29:9d:cc:59:ea:3e:07:06:d7:ea:72:98:
5d:96:18:32:d2:5a:3e:92:12:91:22:2f:94:17:25:45:50:14:
5e:15:c3:cb:7d:dd:30:7e:91:06:00:2b:e9:12:f3:4e:43:92:
26:bb:97:54:df:b6:3c:4c:bb:97:fe:e1:e4:4c:b9:af:16:4d:
7e:f3:d1:61:63:a2:46:8f:01:58:94:23:04:ae:44:05:31:d1:
2f:da:cc:06:35:a6:3a:ee:16:f8:60:b7:4e:4b:8c:eb:cb:18:
2f:5e:74:6e:c4:3a:6c:32:15:66:e4:eb:8a:2a:6c:29:b4:47:
e7:eb:ed:66:a5:fb:c9:a7:71:94:ec:06:c7:1f:36:d1:a2:d3:
a2:ce:c0:46:ac:c2:e7:b6:68:65:9c:bc:19:1d:8f:14:36:d1:
22:56:3b:de
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCTIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDEwMjcx
NTU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDAzRTUxMDRCRUFERDM4
QUY4MTYzOUNCMUNEOERDMDcxRTc3OTZBNDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvFlXWGB/QSGjbAUWWwJKIk9p7VKyyvKguozYJfq4x3l87zHg+
sQvvfGDp6FMFl04JoDDO+4ciZLPAGTCaXhqTNYXOod3Lk13YO2UklTu4/RnCS9NL
hZ3tv+av2z1zRCnRAIsOz9bZBt9r/m3gaZstPRMBVpoCLzad9MG4EA9o+dhMemSe
lahEphmumzinC1EL1J8O65/8PzzW0QW5DKhH7l7vx3NFRCDsr+l4ryGVV5mRWeuP
NROi4YG/MgBiHvzvdD5XKIQ3ElBaO/FD0ZKxvs8vSjythkTjuqM/SkZH7yg2LWwK
B7CZ/axkBF8B2yCnVwTCSbStnIQN/IJbhhIfAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUA+UQS+rdOK+BY5yxzY3Aced5akQwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL0EtVVFTLXJkT0stQlk1
eXh6WTNBY2VkNWFrUS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAD8QFHkfiw2rZu84YfkWmeAno2LFqbXeBA6x
snSY8woOyz6i+bxUAfC/tYVWU/YDZsGPM8cipIqefDi5XQU4RsgirMmqo/kiexFu
DbU9XHecpEWrwP0GDrho+5AZw3GJMCmdzFnqPgcG1+pymF2WGDLSWj6SEpEiL5QX
JUVQFF4Vw8t93TB+kQYAK+kS805Dkia7l1TftjxMu5f+4eRMua8WTX7z0WFjokaP
AViUIwSuRAUx0S/azAY1pjruFvhgt05LjOvLGC9edG7EOmwyFWbk64oqbCm0R+fr
7Wal+8mncZTsBscfNtGi06LOwEaswue2aGWcvBkdjxQ20SJWO94=
-----END CERTIFICATE-----
Generated at Sun Oct 27 21:35:11 2024 by rpki-client on console-ams.rpki-client.org