Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/QQmk-w1SPYRO4I5es9oDfBqd1RI.roa
File: QQmk-w1SPYRO4I5es9oDfBqd1RI.roa (raw, json)
Hash identifier: TgB0dJoAmZbTommjKG+107A1rjpSiSzHUpgbLZegsBQ=
Subject key identifier: 41:09:A4:FB:0D:52:3D:84:4E:E0:8E:5E:B3:DA:03:7C:1A:9D:D5:12
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0841
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/QQmk-w1SPYRO4I5es9oDfBqd1RI.roa
Signing time: Mon 30 Sep 2024 23:55:02 +0000
ROA not before: Mon 30 Sep 2024 23:55:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 01 Oct 2024 03:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2113 (0x841)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Sep 30 23:55:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4109A4FB0D523D844EE08E5EB3DA037C1A9DD512
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:c3:fe:98:10:0f:5d:3d:cf:00:5f:e0:ac:22:
3d:6d:8d:81:4f:bf:06:e4:6b:92:c3:19:c2:05:a5:
4c:15:62:83:63:47:db:34:d9:60:fa:e7:d7:3a:39:
88:bb:44:e2:24:96:4d:d6:30:c3:99:b5:82:04:be:
d2:4b:37:91:07:0a:7c:b1:c7:68:49:93:7e:b4:a3:
39:be:c1:30:30:6c:fe:61:c6:15:06:20:ea:7e:97:
13:3e:96:35:a5:dc:c7:96:e5:6a:77:fb:ca:26:be:
e9:2a:47:dd:d2:a5:a5:7b:f9:a8:e8:82:31:de:32:
d4:1d:f0:2b:6f:07:f2:62:12:93:73:20:2d:59:46:
13:c7:28:69:7d:2b:ae:2e:d6:52:ef:a5:eb:ff:cd:
fb:83:13:fd:d6:57:56:9e:53:fb:8a:94:4e:aa:30:
7f:30:12:53:c6:86:d1:93:76:f9:d5:5c:2a:1f:82:
fa:7f:c6:b6:dc:c8:7c:24:9a:5e:3a:9b:e5:1d:3b:
af:3a:34:ea:91:71:7b:f2:4e:d3:19:cd:fd:bc:36:
91:8d:e4:8f:27:de:45:ca:e0:e8:57:f8:a6:9c:6e:
e8:d1:76:ca:d9:f6:8c:bf:9c:bc:4d:68:93:6a:c7:
85:19:26:be:aa:1f:c7:69:2b:5d:58:d5:2e:9f:62:
6b:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:09:A4:FB:0D:52:3D:84:4E:E0:8E:5E:B3:DA:03:7C:1A:9D:D5:12
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/QQmk-w1SPYRO4I5es9oDfBqd1RI.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
94:18:3c:2b:ab:47:57:d6:17:cb:56:87:14:3a:11:36:0d:84:
25:1e:6c:e5:b4:f9:e4:b0:9b:f4:64:41:31:2a:7d:8a:c1:82:
d0:ef:e4:ce:9b:80:65:1a:87:a3:87:0b:71:6d:ad:89:14:49:
39:1a:90:a9:79:b0:a9:90:7a:85:f5:4f:b1:8a:59:f8:ca:07:
f8:3c:1e:42:fa:51:2e:e0:c2:f5:07:ab:b4:0f:ee:33:32:3a:
03:ed:34:c3:24:db:52:4c:a8:8b:6d:ed:45:b2:20:0b:13:8b:
fc:06:1a:10:3b:16:e0:e9:d3:c0:d9:9f:d1:34:5f:4b:b0:b2:
f9:06:cd:44:b3:34:d9:20:d1:8f:d5:30:e7:34:b9:44:b8:64:
6e:1f:a8:5c:ac:74:53:63:f3:ca:63:5d:4d:4f:77:c6:97:c6:
0b:53:cd:30:94:f0:be:ae:57:67:82:a3:cd:58:d9:ef:d4:db:
ad:b4:b8:9e:be:05:5e:b8:6d:9d:92:11:26:fc:60:ef:21:68:
ce:c1:66:8d:f5:56:93:a4:3a:61:3b:8d:eb:62:9e:15:e5:61:
f7:13:8f:c5:7e:7b:f8:41:3a:45:56:b1:0e:ce:a6:16:60:d2:
fb:bc:64:07:da:bd:1b:dc:b2:77:d9:6f:c8:81:3b:09:b6:94:
45:fa:72:30
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCEEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA5MzAy
MzU1MDJaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDQxMDlBNEZCMEQ1MjNE
ODQ0RUUwOEU1RUIzREEwMzdDMUE5REQ1MTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCrw/6YEA9dPc8AX+CsIj1tjYFPvwbka5LDGcIFpUwVYoNjR9s0
2WD659c6OYi7ROIklk3WMMOZtYIEvtJLN5EHCnyxx2hJk360ozm+wTAwbP5hxhUG
IOp+lxM+ljWl3MeW5Wp3+8omvukqR93SpaV7+ajogjHeMtQd8CtvB/JiEpNzIC1Z
RhPHKGl9K64u1lLvpev/zfuDE/3WV1aeU/uKlE6qMH8wElPGhtGTdvnVXCofgvp/
xrbcyHwkml46m+UdO686NOqRcXvyTtMZzf28NpGN5I8n3kXK4OhX+KacbujRdsrZ
9oy/nLxNaJNqx4UZJr6qH8dpK11Y1S6fYmtJAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUQQmk+w1SPYRO4I5es9oDfBqd1RIwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL1FRbWstdzFTUFlSTzRJ
NWVzOW9EZkJxZDFSSS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAJQYPCurR1fWF8tWhxQ6ETYNhCUebOW0+eSw
m/RkQTEqfYrBgtDv5M6bgGUah6OHC3FtrYkUSTkakKl5sKmQeoX1T7GKWfjKB/g8
HkL6US7gwvUHq7QP7jMyOgPtNMMk21JMqItt7UWyIAsTi/wGGhA7FuDp08DZn9E0
X0uwsvkGzUSzNNkg0Y/VMOc0uUS4ZG4fqFysdFNj88pjXU1Pd8aXxgtTzTCU8L6u
V2eCo81Y2e/U2620uJ6+BV64bZ2SESb8YO8haM7BZo31VpOkOmE7jetinhXlYfcT
j8V+e/hBOkVWsQ7OphZg0vu8ZAfavRvcsnfZb8iBOwm2lEX6cjA=
-----END CERTIFICATE-----
Generated at Tue Oct 1 05:45:27 2024 by rpki-client on console-fra.rpki-client.org