Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/QQh86ccQXHRTUbia5nVigrkvsK4.roa
File: QQh86ccQXHRTUbia5nVigrkvsK4.roa (raw, json)
Hash identifier: iqVNpWykCW+BswBe0JPHYQzhYctBaM11k/MWaH3wTy8=
Subject key identifier: 41:08:7C:E9:C7:10:5C:74:53:51:B8:9A:E6:75:62:82:B9:2F:B0:AE
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0676
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/QQh86ccQXHRTUbia5nVigrkvsK4.roa
Signing time: Sat 10 Aug 2024 23:55:03 +0000
ROA not before: Sat 10 Aug 2024 23:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 11 Aug 2024 03:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1654 (0x676)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Aug 10 23:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=41087CE9C7105C745351B89AE6756282B92FB0AE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:b7:1e:f4:b6:05:ff:7b:d1:37:4b:35:d6:69:
cc:ab:78:4f:7d:0d:bf:a6:9f:34:cf:ef:cf:61:78:
13:4e:fd:43:78:18:4b:e3:0c:93:c3:96:a2:40:ef:
0d:a1:9d:92:19:b9:91:8e:82:5e:9e:0a:6e:1b:94:
11:12:c9:0f:79:4d:b3:d3:2e:9b:84:8b:81:a0:ff:
64:ca:c5:34:d2:c2:ab:8b:a8:76:9b:a7:9a:6b:0d:
7c:c6:f4:58:51:60:5e:63:81:75:02:7e:48:da:06:
02:d4:19:cd:7c:1d:e1:8b:1c:ae:04:9f:e8:42:63:
f6:d1:72:88:e5:49:b8:3b:4b:02:a3:e4:db:9f:bd:
e4:90:cb:24:0f:a3:a1:62:cd:4c:fe:2f:ab:fb:45:
9b:90:5c:78:e4:06:f2:8b:0f:b8:6b:34:c3:d0:a7:
8a:03:09:11:57:c5:5a:0f:b2:6e:a9:d7:77:f3:a3:
82:b4:9b:4d:6a:56:a1:05:dc:e0:d3:75:28:1f:7f:
f5:1b:51:c5:66:c7:38:9e:39:8f:b5:66:ad:41:06:
a2:68:f9:be:95:6e:2a:3c:46:80:91:2c:59:48:fc:
e8:22:18:5a:2b:cc:59:88:00:9d:bf:2c:21:58:81:
ea:3d:10:25:c4:e2:4b:61:32:9e:7d:75:53:ec:3a:
6d:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:08:7C:E9:C7:10:5C:74:53:51:B8:9A:E6:75:62:82:B9:2F:B0:AE
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/QQh86ccQXHRTUbia5nVigrkvsK4.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
60:7f:1b:34:4a:3c:b4:a2:18:51:7b:b1:32:a3:88:40:11:9c:
9f:4a:92:54:3e:ce:bb:f1:5c:58:d8:17:95:5c:bf:97:23:b5:
94:c0:6e:1e:d5:3c:60:31:31:16:7e:1a:e1:d8:7f:e0:f6:92:
7e:d1:35:e1:9e:1a:71:74:8f:15:56:69:3b:8d:bc:10:ee:76:
b2:ce:69:15:44:bb:9f:36:1f:88:1a:a8:b6:13:13:e8:57:77:
52:b3:f7:13:dd:70:f4:69:62:e3:b4:88:22:13:ff:88:17:e1:
8b:a9:c8:de:82:32:84:62:49:c2:72:70:51:da:1d:88:82:6f:
1e:45:36:96:3e:ba:d1:41:93:9b:0c:2b:e9:19:9d:bf:05:5f:
3f:6b:3d:ee:ed:78:09:5a:78:36:10:9d:8a:01:7e:7e:f6:f9:
fa:cf:e5:79:06:6e:2d:45:2d:07:b5:a1:5f:d6:1c:de:7d:f8:
e5:eb:e5:25:46:a7:bb:48:65:79:46:cb:0c:9a:df:f0:09:39:
be:53:7d:1e:b0:d8:36:d5:95:5e:3e:dd:d9:50:ae:17:1f:80:
12:9b:56:2e:5f:e4:73:72:de:bd:bc:70:09:d0:10:f1:db:3e:
ae:59:67:f6:76:86:19:26:fa:de:ec:de:73:cb:10:a6:2a:30:
ae:c4:c8:93
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICBnYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA4MTAy
MzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDQxMDg3Q0U5QzcxMDVD
NzQ1MzUxQjg5QUU2NzU2MjgyQjkyRkIwQUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCttx70tgX/e9E3SzXWacyreE99Db+mnzTP789heBNO/UN4GEvj
DJPDlqJA7w2hnZIZuZGOgl6eCm4blBESyQ95TbPTLpuEi4Gg/2TKxTTSwquLqHab
p5prDXzG9FhRYF5jgXUCfkjaBgLUGc18HeGLHK4En+hCY/bRcojlSbg7SwKj5Nuf
veSQyyQPo6FizUz+L6v7RZuQXHjkBvKLD7hrNMPQp4oDCRFXxVoPsm6p13fzo4K0
m01qVqEF3ODTdSgff/UbUcVmxzieOY+1Zq1BBqJo+b6Vbio8RoCRLFlI/OgiGFor
zFmIAJ2/LCFYgeo9ECXE4kthMp59dVPsOm2NAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUQQh86ccQXHRTUbia5nVigrkvsK4wHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL1FRaDg2Y2NRWEhSVFVi
aWE1blZpZ3JrdnNLNC5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAGB/GzRKPLSiGFF7sTKjiEARnJ9KklQ+zrvx
XFjYF5Vcv5cjtZTAbh7VPGAxMRZ+GuHYf+D2kn7RNeGeGnF0jxVWaTuNvBDudrLO
aRVEu582H4gaqLYTE+hXd1Kz9xPdcPRpYuO0iCIT/4gX4YupyN6CMoRiScJycFHa
HYiCbx5FNpY+utFBk5sMK+kZnb8FXz9rPe7teAlaeDYQnYoBfn72+frP5XkGbi1F
LQe1oV/WHN59+OXr5SVGp7tIZXlGywya3/AJOb5TfR6w2DbVlV4+3dlQrhcfgBKb
Vi5f5HNy3r28cAnQEPHbPq5ZZ/Z2hhkm+t7s3nPLEKYqMK7EyJM=
-----END CERTIFICATE-----
Generated at Sun Aug 11 05:44:50 2024 by rpki-client on console-fra.rpki-client.org