Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/Q-YvGsAfnApwm-NTOpAAWyYwUhM.roa
File: Q-YvGsAfnApwm-NTOpAAWyYwUhM.roa (raw, json)
Hash identifier: ZlfS2Jfy+dzUZs154pFSTiMBVDHjPiWA7eYjdye8WNs=
Subject key identifier: 43:E6:2F:1A:C0:1F:9C:0A:70:9B:E3:53:3A:90:00:5B:26:30:52:13
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 08E6
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/Q-YvGsAfnApwm-NTOpAAWyYwUhM.roa
Signing time: Sat 19 Oct 2024 07:55:03 +0000
ROA not before: Sat 19 Oct 2024 07:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 19 Oct 2024 11:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2278 (0x8e6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Oct 19 07:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=43E62F1AC01F9C0A709BE3533A90005B26305213
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:a6:c0:ca:81:55:1e:1e:73:c6:62:2b:d6:56:
c2:72:c3:b9:9b:d8:49:06:96:94:f8:30:db:71:9f:
1f:6e:ad:94:f8:62:f7:5e:a3:6e:58:d8:63:19:84:
4b:f6:c9:eb:d2:f4:4b:33:0a:ec:2d:ac:f4:b7:76:
77:92:b6:45:67:d6:49:83:3b:7b:7a:ff:5a:cd:8d:
99:69:9a:0c:dd:cd:d8:7b:0e:5d:9a:b1:34:91:04:
43:ff:c8:0a:19:9c:f8:50:8a:b5:da:2e:7f:58:b3:
73:5a:d9:59:c7:7a:ef:bb:3e:22:97:c4:eb:94:32:
07:41:d4:11:25:75:3f:a7:05:5e:0e:eb:d6:f8:c6:
26:0e:cd:81:ef:bd:6d:91:97:bb:86:44:62:23:c6:
47:cf:f4:7a:4b:19:09:ff:a6:f1:4e:bf:ec:14:89:
88:41:a6:94:e2:db:e8:fc:e8:85:77:5c:80:e3:65:
fb:17:ab:2d:f4:37:10:f9:c3:51:08:09:2b:0f:53:
3a:83:2b:84:82:da:81:3b:71:2b:88:3a:7c:df:9f:
18:07:2b:79:f5:4a:4b:3c:18:6b:81:65:e8:cb:7f:
f4:0d:86:a8:9a:7d:39:1e:b4:0b:1c:b8:a5:46:c5:
d2:f6:85:d0:d3:98:aa:e4:6e:2d:49:d4:b2:75:77:
ed:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:E6:2F:1A:C0:1F:9C:0A:70:9B:E3:53:3A:90:00:5B:26:30:52:13
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/Q-YvGsAfnApwm-NTOpAAWyYwUhM.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:57:3d:9e:bf:ee:7b:44:c4:87:ca:0f:9f:61:eb:34:66:c9:
36:15:7f:87:43:3c:a7:7f:d2:07:df:fc:0a:96:1a:0c:d9:f7:
85:31:3c:34:3d:b7:f1:30:ed:d7:8b:b4:4a:e4:43:b9:eb:dc:
5d:34:86:5d:5f:78:43:e1:71:ee:fd:54:61:6b:05:66:cd:f4:
9f:47:5d:a6:c4:f3:56:9b:57:79:60:f3:b3:a3:ae:05:b7:3c:
c8:26:cb:1e:d1:ce:82:c5:2e:8b:23:41:f3:4c:16:d8:41:d7:
cf:7c:32:50:b9:db:2a:7a:66:e1:cd:9f:fb:c5:aa:4e:cc:cd:
8e:8c:60:7f:f9:b9:3d:6f:4b:34:56:66:55:2b:b5:6a:f0:0a:
49:a3:53:c2:79:e3:ce:27:bf:8d:3f:d3:fc:6b:74:d1:0a:46:
f3:4a:52:e8:4b:bc:4b:f3:d3:60:f8:95:d1:ae:94:42:dc:89:
ba:1a:a3:dd:74:b8:a6:d3:cd:9b:00:9f:a0:01:4d:9d:f4:8e:
87:09:c2:da:39:c2:4d:02:a5:a7:4f:55:07:3d:84:09:43:cd:
d3:fd:cd:e0:9c:e6:ee:87:3c:ee:5b:44:21:e4:d8:4b:21:83:
c7:34:d7:20:63:18:e0:a1:75:b7:d3:4b:c7:2b:98:b0:55:36:
bc:ae:c9:ae
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCOYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDEwMTkw
NzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDQzRTYyRjFBQzAxRjlD
MEE3MDlCRTM1MzNBOTAwMDVCMjYzMDUyMTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBpsDKgVUeHnPGYivWVsJyw7mb2EkGlpT4MNtxnx9urZT4Yvde
o25Y2GMZhEv2yevS9EszCuwtrPS3dneStkVn1kmDO3t6/1rNjZlpmgzdzdh7Dl2a
sTSRBEP/yAoZnPhQirXaLn9Ys3Na2VnHeu+7PiKXxOuUMgdB1BEldT+nBV4O69b4
xiYOzYHvvW2Rl7uGRGIjxkfP9HpLGQn/pvFOv+wUiYhBppTi2+j86IV3XIDjZfsX
qy30NxD5w1EICSsPUzqDK4SC2oE7cSuIOnzfnxgHK3n1Sks8GGuBZejLf/QNhqia
fTketAscuKVGxdL2hdDTmKrkbi1J1LJ1d+0NAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUQ+YvGsAfnApwm+NTOpAAWyYwUhMwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL1EtWXZHc0FmbkFwd20t
TlRPcEFBV3lZd1VoTS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBALFXPZ6/7ntExIfKD59h6zRmyTYVf4dDPKd/
0gff/AqWGgzZ94UxPDQ9t/Ew7deLtErkQ7nr3F00hl1feEPhce79VGFrBWbN9J9H
XabE81abV3lg87OjrgW3PMgmyx7RzoLFLosjQfNMFthB1898MlC52yp6ZuHNn/vF
qk7MzY6MYH/5uT1vSzRWZlUrtWrwCkmjU8J5484nv40/0/xrdNEKRvNKUuhLvEvz
02D4ldGulELciboao910uKbTzZsAn6ABTZ30jocJwto5wk0CpadPVQc9hAlDzdP9
zeCc5u6HPO5bRCHk2Eshg8c01yBjGOChdbfTS8crmLBVNryuya4=
-----END CERTIFICATE-----
Generated at Sat Oct 19 15:10:58 2024 by rpki-client on console-ams.rpki-client.org