Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/QfmXCqxLSQ_6XzZ5pBe3c6ANcN4.roa
File: QfmXCqxLSQ_6XzZ5pBe3c6ANcN4.roa (raw, json)
Hash identifier: nsyl3GI0ty3zXXYjUq+AiDEPQ70bSzHASA/4M4QiSbk=
Subject key identifier: 41:F9:97:0A:AC:4B:49:0F:FA:5F:36:79:A4:17:B7:73:A0:0D:70:DE
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0562
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/QfmXCqxLSQ_6XzZ5pBe3c6ANcN4.roa
Signing time: Thu 11 Jul 2024 07:55:03 +0000
ROA not before: Thu 11 Jul 2024 07:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 11 Jul 2024 11:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1378 (0x562)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Jul 11 07:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=41F9970AAC4B490FFA5F3679A417B773A00D70DE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:d9:ed:4e:63:e6:02:6c:66:ff:c3:88:66:a8:
25:94:b3:d1:18:77:64:15:e1:e3:a2:4d:95:05:88:
19:98:de:c6:b4:ad:d8:d8:2d:36:f5:54:84:5c:c3:
2f:c2:ef:98:1a:7a:ee:34:f2:28:11:17:7e:9a:76:
11:7f:b6:5d:54:53:bd:f9:fd:82:7e:66:df:f6:6a:
70:05:56:dd:37:80:34:77:f7:d5:d4:01:6f:fa:f4:
3b:63:70:fd:e4:41:63:32:69:0a:ee:1c:99:89:ab:
ed:e3:1d:09:60:a8:9b:0b:5e:33:22:9f:6e:2e:80:
f9:ed:38:22:7f:41:5a:53:7a:33:3f:e7:ff:dc:19:
7b:10:b3:4d:c8:ca:80:18:59:52:38:37:08:bd:85:
9e:90:d6:c1:e6:2a:73:83:fd:6d:81:1e:d3:03:05:
cf:27:59:ff:96:a5:c6:d6:c5:bd:61:d8:1f:85:e7:
36:90:f5:cc:24:4c:96:6d:5e:b4:0a:26:2a:88:ec:
4e:34:a0:fe:2b:80:a4:3c:1b:21:ae:3f:a0:7e:46:
ca:70:2a:bc:8d:fe:c2:39:13:14:69:b1:d6:c4:5e:
2e:9e:8c:39:22:c6:c3:f3:a8:cf:5c:67:8d:68:78:
ae:65:2f:53:5b:3d:a5:e4:a5:88:bd:a6:1b:72:33:
a2:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:F9:97:0A:AC:4B:49:0F:FA:5F:36:79:A4:17:B7:73:A0:0D:70:DE
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/QfmXCqxLSQ_6XzZ5pBe3c6ANcN4.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
71:ab:43:d9:fc:e2:4d:5d:0b:8f:81:5f:fe:7c:c3:d5:24:76:
3a:a3:00:c5:bc:47:69:18:46:7a:eb:8e:36:bf:a1:34:3a:8a:
8a:a5:1d:55:7e:77:4f:8e:2a:11:77:aa:39:da:09:6c:93:f8:
9e:c1:b1:00:28:ab:87:d9:3d:40:91:06:6e:13:c6:48:1a:e8:
ed:07:ec:ca:36:fc:33:5c:11:cf:94:db:9b:57:6e:86:99:99:
b9:09:01:1f:af:be:f8:8f:a7:74:e5:82:09:f4:27:f4:79:2d:
81:c9:dc:4e:00:fe:9b:fd:03:66:1b:71:1e:08:bb:6e:f7:91:
0c:e9:e3:ec:d3:a2:3d:3d:e6:f7:30:2f:26:d9:ba:df:0d:a1:
ab:d9:d5:ec:02:a0:13:d4:0f:e3:fd:25:00:47:31:c5:5d:98:
6a:4d:1c:78:f1:a4:91:58:21:1c:11:f4:f4:14:e2:42:3a:4b:
ba:69:d5:d0:b7:d7:e9:ec:0f:33:13:ca:91:77:6f:b2:40:de:
cd:35:77:28:1a:a8:42:b9:c6:45:6a:60:d0:47:09:6b:bc:f7:
d5:67:c7:fe:4e:f5:25:d3:2e:b3:be:29:14:75:e4:67:82:80:
69:0f:6c:ec:dc:41:77:4f:58:03:c3:0d:07:ce:9e:b6:77:2d:
01:cc:83:c5
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICBWIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA3MTEw
NzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDQxRjk5NzBBQUM0QjQ5
MEZGQTVGMzY3OUE0MTdCNzczQTAwRDcwREUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCg2e1OY+YCbGb/w4hmqCWUs9EYd2QV4eOiTZUFiBmY3sa0rdjY
LTb1VIRcwy/C75gaeu408igRF36adhF/tl1UU735/YJ+Zt/2anAFVt03gDR399XU
AW/69DtjcP3kQWMyaQruHJmJq+3jHQlgqJsLXjMin24ugPntOCJ/QVpTejM/5//c
GXsQs03IyoAYWVI4Nwi9hZ6Q1sHmKnOD/W2BHtMDBc8nWf+WpcbWxb1h2B+F5zaQ
9cwkTJZtXrQKJiqI7E40oP4rgKQ8GyGuP6B+RspwKryN/sI5ExRpsdbEXi6ejDki
xsPzqM9cZ41oeK5lL1NbPaXkpYi9phtyM6LxAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUQfmXCqxLSQ/6XzZ5pBe3c6ANcN4wHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL1FmbVhDcXhMU1FfNlh6
WjVwQmUzYzZBTmNONC5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAHGrQ9n84k1dC4+BX/58w9UkdjqjAMW8R2kY
Rnrrjja/oTQ6ioqlHVV+d0+OKhF3qjnaCWyT+J7BsQAoq4fZPUCRBm4Txkga6O0H
7Mo2/DNcEc+U25tXboaZmbkJAR+vvviPp3Tlggn0J/R5LYHJ3E4A/pv9A2YbcR4I
u273kQzp4+zToj095vcwLybZut8NoavZ1ewCoBPUD+P9JQBHMcVdmGpNHHjxpJFY
IRwR9PQU4kI6S7pp1dC31+nsDzMTypF3b7JA3s01dygaqEK5xkVqYNBHCWu899Vn
x/5O9SXTLrO+KRR15GeCgGkPbOzcQXdPWAPDDQfOnrZ3LQHMg8U=
-----END CERTIFICATE-----
Generated at Thu Jul 11 13:05:50 2024 by rpki-client on console-fra.rpki-client.org