Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/Q8_12Z6xZhMWO3MH8xDCpC2PTPU.roa
File: Q8_12Z6xZhMWO3MH8xDCpC2PTPU.roa (raw, json)
Hash identifier: ahh5KHW3rMYCrR06+LY2lRgckeTHv+FKkww9XXixf20=
Subject key identifier: 43:CF:F5:D9:9E:B1:66:13:16:3B:73:07:F3:10:C2:A4:2D:8F:4C:F5
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 096E
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/Q8_12Z6xZhMWO3MH8xDCpC2PTPU.roa
Signing time: Sun 03 Nov 2024 07:55:02 +0000
ROA not before: Sun 03 Nov 2024 07:55:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 03 Nov 2024 11:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2414 (0x96e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Nov 3 07:55:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=43CFF5D99EB16613163B7307F310C2A42D8F4CF5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:3c:aa:ce:64:a1:9a:07:c3:ba:db:d9:5d:25:
c7:7e:1d:42:cc:a9:5e:71:91:be:e9:71:73:29:de:
bf:31:8b:14:0c:e4:93:59:98:49:cc:d0:bd:ee:a3:
ba:7a:2e:d7:75:05:5b:42:1a:cb:58:c2:1f:e2:d4:
1f:47:c5:da:e3:72:81:b2:37:b4:e4:02:75:92:30:
ff:1e:fe:dd:bf:49:df:8a:ad:de:ec:d1:9c:74:49:
9c:ae:8a:34:8f:40:81:91:c4:69:93:42:88:7a:34:
1b:85:d8:4b:e7:17:3d:c7:b8:64:5e:bf:ce:e4:40:
17:35:5d:f3:8e:2a:af:ee:ac:08:0d:69:69:ba:9f:
31:09:9c:97:ed:f4:89:dc:f8:27:24:2c:32:bd:5d:
bc:86:a4:f0:65:61:fa:d0:17:ee:48:95:c7:ca:8c:
0e:5c:38:49:8d:a6:a7:57:67:3d:15:95:82:91:76:
72:1a:a9:11:88:08:ad:07:48:6d:92:df:59:d8:d3:
4a:55:e0:b0:a4:58:c8:4e:45:87:8a:a0:67:8c:72:
5c:e2:ad:b3:1f:66:55:0f:76:b7:72:92:76:cf:90:
6a:08:82:f4:33:b4:bf:56:db:7d:ab:99:52:12:3a:
83:4f:fe:5c:ff:71:fd:55:51:ff:70:dd:32:0c:91:
f9:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:CF:F5:D9:9E:B1:66:13:16:3B:73:07:F3:10:C2:A4:2D:8F:4C:F5
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/Q8_12Z6xZhMWO3MH8xDCpC2PTPU.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:0b:2a:bf:8a:81:be:fb:09:b4:1c:52:67:15:67:33:fd:4b:
6e:c1:b9:22:ef:9a:bf:b7:b0:06:8b:f6:cd:31:8e:e0:7a:89:
3c:dd:72:ea:ce:27:6e:40:2b:49:5e:9b:be:61:d0:e4:8c:2d:
d4:1a:16:16:5a:03:c6:b3:b2:0c:aa:26:85:23:5f:6d:8c:a9:
23:f1:67:c6:58:1d:dc:a8:bc:43:56:a8:1d:29:87:50:1d:b7:
dd:94:61:fd:6b:37:d1:bb:e6:6d:99:ac:3c:0f:54:c0:be:d4:
2f:00:22:79:1e:05:05:d2:66:7a:2b:9d:de:93:01:98:b9:8b:
2f:b2:13:73:20:62:4d:91:1d:d0:a0:4f:1e:f6:dc:70:18:6e:
23:86:fc:9f:88:fb:f2:ca:9c:a8:29:a7:c4:33:0b:51:a4:70:
bf:7a:8b:5a:b6:5a:2a:1c:13:af:7c:ed:76:ee:1f:bc:b8:27:
4f:39:fa:cd:fb:e0:ac:5f:50:87:10:c1:36:2f:4d:fd:88:b6:
63:43:24:9a:8c:ca:77:57:bf:e6:ff:ce:49:01:68:9c:de:04:
d3:a5:71:9f:9c:3e:3c:09:56:f4:3b:c9:24:73:c0:ba:c5:e9:
99:8f:6c:63:89:7b:04:ab:47:60:f6:3c:cc:11:10:d6:eb:61:
92:7f:86:64
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCW4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDExMDMw
NzU1MDJaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDQzQ0ZGNUQ5OUVCMTY2
MTMxNjNCNzMwN0YzMTBDMkE0MkQ4RjRDRjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCtPKrOZKGaB8O629ldJcd+HULMqV5xkb7pcXMp3r8xixQM5JNZ
mEnM0L3uo7p6Ltd1BVtCGstYwh/i1B9HxdrjcoGyN7TkAnWSMP8e/t2/Sd+Krd7s
0Zx0SZyuijSPQIGRxGmTQoh6NBuF2EvnFz3HuGRev87kQBc1XfOOKq/urAgNaWm6
nzEJnJft9Inc+CckLDK9XbyGpPBlYfrQF+5IlcfKjA5cOEmNpqdXZz0VlYKRdnIa
qRGICK0HSG2S31nY00pV4LCkWMhORYeKoGeMclzirbMfZlUPdrdyknbPkGoIgvQz
tL9W232rmVISOoNP/lz/cf1VUf9w3TIMkfk1AgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUQ8/12Z6xZhMWO3MH8xDCpC2PTPUwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL1E4XzEyWjZ4WmhNV08z
TUg4eERDcEMyUFRQVS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAC8LKr+Kgb77CbQcUmcVZzP9S27BuSLvmr+3
sAaL9s0xjuB6iTzdcurOJ25AK0lem75h0OSMLdQaFhZaA8azsgyqJoUjX22MqSPx
Z8ZYHdyovENWqB0ph1Adt92UYf1rN9G75m2ZrDwPVMC+1C8AInkeBQXSZnornd6T
AZi5iy+yE3MgYk2RHdCgTx723HAYbiOG/J+I+/LKnKgpp8QzC1GkcL96i1q2Wioc
E6987XbuH7y4J085+s374KxfUIcQwTYvTf2ItmNDJJqMyndXv+b/zkkBaJzeBNOl
cZ+cPjwJVvQ7ySRzwLrF6ZmPbGOJewSrR2D2PMwRENbrYZJ/hmQ=
-----END CERTIFICATE-----
Generated at Sun Nov 3 17:45:25 2024 by rpki-client on console-ams.rpki-client.org