Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/Q9sS1POrI3WzshH9SS7RMqtT3EY.roa
File: Q9sS1POrI3WzshH9SS7RMqtT3EY.roa (raw, json)
Hash identifier: VziqChBp6PMc1rMgtRqYv7O5Th4Qu7BKVgej4Zkez78=
Subject key identifier: 43:DB:12:D4:F3:AB:23:75:B3:B2:11:FD:49:2E:D1:32:AB:53:DC:46
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0838
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/Q9sS1POrI3WzshH9SS7RMqtT3EY.roa
Signing time: Sun 29 Sep 2024 23:55:03 +0000
ROA not before: Sun 29 Sep 2024 23:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 30 Sep 2024 03:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2104 (0x838)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Sep 29 23:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=43DB12D4F3AB2375B3B211FD492ED132AB53DC46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:03:4c:2c:ae:61:9f:80:4b:75:db:51:c7:c6:
14:a0:7c:ec:d1:8e:11:3d:85:76:22:ec:09:8f:6e:
39:5d:97:4a:d0:0e:4b:48:fa:96:e4:ca:b3:4a:95:
ce:2e:a0:06:fd:b9:21:a5:8e:bc:d2:1c:2c:ab:06:
50:89:72:28:b1:5d:51:0d:fd:26:b0:8b:77:fa:2f:
e5:87:c3:c8:b7:20:bd:d7:10:70:a7:68:37:61:65:
2d:86:a9:0e:3a:94:a8:a4:49:a8:94:ae:e3:40:fb:
c2:3e:98:40:2d:da:21:ed:c4:84:d0:54:03:eb:36:
ff:05:fe:fc:b8:86:d8:a6:dd:22:8e:60:00:a4:1b:
29:ec:83:c2:24:e9:74:c4:4c:0e:82:fb:e5:e3:b1:
12:e2:89:f5:4f:f3:25:73:8c:63:7e:26:25:66:cf:
dc:8a:28:c3:33:70:95:91:51:85:a5:2d:e0:46:fa:
0b:af:e5:3d:37:11:df:65:c7:36:96:a0:98:d3:c7:
2d:3d:a5:1e:fc:86:59:d3:77:86:08:34:66:1f:fe:
8b:67:20:09:cf:c3:15:49:0b:f3:3c:67:d2:4a:2b:
0a:46:98:60:ee:30:db:aa:f9:d6:ca:1a:3e:98:fb:
64:a8:c0:0d:3c:27:fd:18:0c:6c:71:73:d0:05:f0:
45:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:DB:12:D4:F3:AB:23:75:B3:B2:11:FD:49:2E:D1:32:AB:53:DC:46
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/Q9sS1POrI3WzshH9SS7RMqtT3EY.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
88:29:d1:aa:9f:ca:cd:02:24:2e:0a:f5:2e:b5:47:88:62:9b:
d6:8b:f0:c9:cd:c1:69:dc:72:58:6f:44:4a:17:40:23:ae:6f:
08:3b:2a:81:53:67:57:2d:76:83:38:00:19:ec:5b:4d:47:78:
f2:40:e7:fa:fb:e0:b1:5c:38:7a:5a:90:b8:51:eb:2f:71:b5:
68:ea:4a:50:cb:00:71:3c:e3:64:f2:9e:ff:80:70:86:ef:ff:
b5:da:06:8b:83:2d:97:c8:84:7d:03:81:68:69:5c:84:38:fd:
77:c2:3c:ac:b2:11:9b:1f:de:cf:00:eb:89:90:f1:7d:4f:c2:
77:31:b8:1f:ed:b9:be:f0:a6:15:f2:c0:a3:c3:54:98:e9:c5:
8b:08:ab:b5:84:c5:e3:07:1f:42:83:89:b0:d3:5f:7f:e1:97:
cc:80:e7:e4:98:a4:dd:48:28:d1:fc:33:76:f2:c4:2c:1d:9b:
47:1e:9e:4f:9c:44:c2:40:2b:8d:98:b3:bd:4d:0e:22:59:66:
ef:d4:7a:f0:0f:dd:eb:05:3b:28:7d:8d:b5:c5:e0:83:a4:e6:
c9:35:b9:b5:d4:24:4e:96:6d:08:ae:ed:a0:e7:82:cd:10:51:
02:d2:5c:b7:80:11:2a:cc:79:22:b3:89:50:48:12:fe:b4:ea:
6b:80:18:2d
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCDgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA5Mjky
MzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDQzREIxMkQ0RjNBQjIz
NzVCM0IyMTFGRDQ5MkVEMTMyQUI1M0RDNDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDuA0wsrmGfgEt121HHxhSgfOzRjhE9hXYi7AmPbjldl0rQDktI
+pbkyrNKlc4uoAb9uSGljrzSHCyrBlCJciixXVEN/Sawi3f6L+WHw8i3IL3XEHCn
aDdhZS2GqQ46lKikSaiUruNA+8I+mEAt2iHtxITQVAPrNv8F/vy4htim3SKOYACk
Gynsg8Ik6XTETA6C++XjsRLiifVP8yVzjGN+JiVmz9yKKMMzcJWRUYWlLeBG+guv
5T03Ed9lxzaWoJjTxy09pR78hlnTd4YINGYf/otnIAnPwxVJC/M8Z9JKKwpGmGDu
MNuq+dbKGj6Y+2SowA08J/0YDGxxc9AF8EXjAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUQ9sS1POrI3WzshH9SS7RMqtT3EYwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL1E5c1MxUE9ySTNXenNo
SDlTUzdSTXF0VDNFWS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAIgp0aqfys0CJC4K9S61R4him9aL8MnNwWnc
clhvREoXQCOubwg7KoFTZ1ctdoM4ABnsW01HePJA5/r74LFcOHpakLhR6y9xtWjq
SlDLAHE842Tynv+AcIbv/7XaBouDLZfIhH0DgWhpXIQ4/XfCPKyyEZsf3s8A64mQ
8X1PwncxuB/tub7wphXywKPDVJjpxYsIq7WExeMHH0KDibDTX3/hl8yA5+SYpN1I
KNH8M3byxCwdm0cenk+cRMJAK42Ys71NDiJZZu/UevAP3esFOyh9jbXF4IOk5sk1
ubXUJE6WbQiu7aDngs0QUQLSXLeAESrMeSKziVBIEv606muAGC0=
-----END CERTIFICATE-----
Generated at Mon Sep 30 06:51:02 2024 by rpki-client on console-ams.rpki-client.org