Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/Q8bvWiNnuVeaap71nSld6AGZYZc.roa
File: Q8bvWiNnuVeaap71nSld6AGZYZc.roa (raw, json)
Hash identifier: ZQIvOCr2U0s41S3IYR4CfsTl4Blv0zS7/Q1gPAyTGc8=
Subject key identifier: 43:C6:EF:5A:23:67:B9:57:9A:6A:9E:F5:9D:29:5D:E8:01:99:61:97
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0361
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/Q8bvWiNnuVeaap71nSld6AGZYZc.roa
Signing time: Wed 15 May 2024 07:55:04 +0000
ROA not before: Wed 15 May 2024 07:55:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 15 May 2024 11:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 865 (0x361)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: May 15 07:55:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=43C6EF5A2367B9579A6A9EF59D295DE801996197
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:c8:0f:8e:00:58:46:dc:55:d5:b4:1f:0f:a4:
c0:00:6c:5d:42:b4:15:a1:ba:f1:f3:a6:3f:d2:9d:
61:27:5c:60:ad:0e:bb:eb:b1:ff:ad:a2:cd:0c:a1:
ee:e3:70:54:24:05:79:bc:08:bf:04:d2:36:43:46:
fc:f5:0c:10:4d:86:8f:2a:b0:49:86:31:43:20:07:
24:c8:49:b0:31:bd:57:29:75:83:cd:a6:76:8d:5b:
ab:36:4a:27:31:c6:06:58:9c:b9:e8:d0:4c:fb:95:
e5:df:eb:3e:59:bb:a9:38:56:07:f9:c4:88:78:73:
a6:b1:d5:fa:38:e1:7c:ba:07:ad:3d:39:ea:e6:c9:
a1:01:c9:e6:e9:85:1b:95:ba:82:05:67:4d:f3:5d:
73:55:54:d0:a5:ce:25:9c:ce:51:db:46:d0:b6:97:
49:8e:3b:9a:21:e7:75:10:61:df:9d:06:40:b3:a2:
19:cd:ea:df:b0:a4:02:86:b5:37:85:9b:c0:38:08:
ae:9a:60:d6:20:01:af:d6:ad:21:4d:52:67:1b:e8:
e7:f3:c7:55:b7:a0:28:e1:29:38:08:31:9b:bd:2b:
dc:75:e7:21:98:68:37:26:d5:1e:c6:b0:a9:68:9a:
49:d4:c6:28:a4:ed:e1:f1:70:b8:3a:bb:eb:a0:75:
5b:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:C6:EF:5A:23:67:B9:57:9A:6A:9E:F5:9D:29:5D:E8:01:99:61:97
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/Q8bvWiNnuVeaap71nSld6AGZYZc.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:26:ff:6f:bf:ae:71:4f:65:03:3d:34:be:b5:3a:50:fb:b9:
16:45:1d:b8:dc:38:36:9c:de:41:59:e8:f3:43:7e:ea:3e:00:
e2:69:47:de:db:c8:e9:b9:4c:6f:51:0c:78:37:91:7b:1f:b1:
5a:dd:88:3d:c3:ad:14:77:65:da:11:7b:37:53:8a:7f:cf:3f:
a7:89:f8:4b:8b:2b:30:6d:69:85:d4:97:ea:62:99:89:97:c2:
20:60:c9:a5:72:6d:25:c9:15:89:65:f8:d1:f3:1b:34:4f:0d:
82:e8:40:0a:ee:83:7c:ca:8a:bc:14:a1:3e:1d:3c:96:29:fc:
ea:cd:f4:38:b8:5a:99:c0:cd:81:a8:81:01:48:73:56:f2:7a:
4b:cf:bb:a9:1e:c0:23:64:51:17:c5:40:c3:af:32:cf:23:4e:
eb:e4:7c:30:ce:02:51:66:bf:20:ab:ec:46:87:8a:66:a0:27:
c5:6c:6b:d9:33:55:c2:79:a4:fd:9b:a5:93:e4:28:d7:04:8a:
9b:08:70:17:66:b4:5b:f0:a1:97:9e:c5:6e:2a:2c:26:af:2d:
75:0b:f3:6e:f1:08:8c:a3:33:c9:9e:0c:8b:4d:98:80:5c:5b:
6e:08:44:81:3f:cd:dc:72:09:c9:c1:60:25:67:af:ff:44:88:
30:e6:07:e8
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICA2EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA1MTUw
NzU1MDRaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDQzQzZFRjVBMjM2N0I5
NTc5QTZBOUVGNTlEMjk1REU4MDE5OTYxOTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCyA+OAFhG3FXVtB8PpMAAbF1CtBWhuvHzpj/SnWEnXGCtDrvr
sf+tos0Moe7jcFQkBXm8CL8E0jZDRvz1DBBNho8qsEmGMUMgByTISbAxvVcpdYPN
pnaNW6s2SicxxgZYnLno0Ez7leXf6z5Zu6k4Vgf5xIh4c6ax1fo44Xy6B609Oerm
yaEByebphRuVuoIFZ03zXXNVVNClziWczlHbRtC2l0mOO5oh53UQYd+dBkCzohnN
6t+wpAKGtTeFm8A4CK6aYNYgAa/WrSFNUmcb6Ofzx1W3oCjhKTgIMZu9K9x15yGY
aDcm1R7GsKlomknUxiik7eHxcLg6u+ugdVu9AgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUQ8bvWiNnuVeaap71nSld6AGZYZcwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL1E4YnZXaU5udVZlYWFw
NzFuU2xkNkFHWllaYy5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAI8m/2+/rnFPZQM9NL61OlD7uRZFHbjcODac
3kFZ6PNDfuo+AOJpR97byOm5TG9RDHg3kXsfsVrdiD3DrRR3ZdoRezdTin/PP6eJ
+EuLKzBtaYXUl+pimYmXwiBgyaVybSXJFYll+NHzGzRPDYLoQArug3zKirwUoT4d
PJYp/OrN9Di4WpnAzYGogQFIc1byekvPu6kewCNkURfFQMOvMs8jTuvkfDDOAlFm
vyCr7EaHimagJ8Vsa9kzVcJ5pP2bpZPkKNcEipsIcBdmtFvwoZeexW4qLCavLXUL
827xCIyjM8meDItNmIBcW24IRIE/zdxyCcnBYCVnr/9EiDDmB+g=
-----END CERTIFICATE-----
Generated at Wed May 15 15:01:19 2024 by rpki-client on console-ams.rpki-client.org