Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/Qx9syi8boy0wdKv0WY9uEQfes9c.roa
File: Qx9syi8boy0wdKv0WY9uEQfes9c.roa (raw, json)
Hash identifier: Sia94UYXInMtsBUkxMYHV/hAl8qbvkfSd+HsnX9zDUQ=
Subject key identifier: 43:1F:6C:CA:2F:1B:A3:2D:30:74:AB:F4:59:8F:6E:11:07:DE:B3:D7
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 09A1
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/Qx9syi8boy0wdKv0WY9uEQfes9c.roa
Signing time: Fri 08 Nov 2024 23:55:03 +0000
ROA not before: Fri 08 Nov 2024 23:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 09 Nov 2024 03:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2465 (0x9a1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Nov 8 23:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=431F6CCA2F1BA32D3074ABF4598F6E1107DEB3D7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:7b:2f:32:eb:e3:3e:29:8d:59:a6:c0:e6:8c:
f6:e0:06:de:5d:78:9c:a6:64:cc:cc:6a:a9:21:5a:
8a:54:93:43:96:18:5a:28:0f:62:6d:f3:60:36:58:
8c:76:49:94:12:11:23:8c:bf:7f:05:88:2b:10:6e:
f9:1e:88:1f:d7:5e:dd:80:44:e3:51:41:4f:05:32:
f4:b5:12:62:01:35:64:43:c8:2c:6c:bb:b2:19:72:
d9:d7:29:84:69:ca:05:66:2b:e9:23:2a:dd:63:f0:
64:29:62:dc:62:e9:9a:e6:17:6e:83:f1:98:17:a4:
66:5f:d2:ad:78:1f:7a:8f:94:28:1a:d1:f3:53:33:
7e:27:ad:33:31:00:78:03:cc:a0:a5:e8:83:ef:9a:
69:62:26:d0:37:eb:31:4d:2e:1c:7b:60:43:8d:f0:
40:87:f3:c4:4b:c7:6b:7d:88:ad:f1:6f:c6:ca:43:
44:58:fa:8c:c5:c8:a3:0c:3f:9a:40:45:71:65:c1:
8e:40:80:20:b1:ad:0e:c9:39:f1:48:a6:cc:91:ab:
36:c2:34:bc:55:22:d9:d2:49:1c:16:38:a9:d8:e8:
26:c3:b8:af:29:f4:d6:ef:33:8c:eb:47:bd:fe:51:
ec:12:59:b3:20:34:81:19:39:12:9d:18:35:11:c1:
79:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:1F:6C:CA:2F:1B:A3:2D:30:74:AB:F4:59:8F:6E:11:07:DE:B3:D7
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/Qx9syi8boy0wdKv0WY9uEQfes9c.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
37:44:6b:f3:a1:7f:90:c8:7c:48:98:37:b9:df:f1:8e:d4:b5:
f9:65:1c:0c:7a:31:53:1b:1f:bc:32:10:46:5d:24:12:fd:86:
f3:bb:42:11:7e:15:44:8d:4e:4a:01:21:0c:4c:4a:1f:92:4e:
c2:3c:78:39:dd:be:18:80:6c:da:a8:4a:a0:15:86:53:8c:c7:
e6:f6:67:eb:e4:ec:10:02:c5:fd:33:c5:5e:a6:78:da:15:f5:
44:82:dd:39:2a:17:91:89:f3:d5:2a:70:e6:fe:0f:de:6c:71:
ea:ac:d4:09:ae:d6:45:d8:e3:2d:78:11:1e:7f:8b:91:f4:0e:
3e:ae:ff:ce:1f:a2:d4:0b:e6:cc:c4:94:34:d1:51:be:47:72:
7b:af:e7:fe:47:37:ec:93:e6:db:10:ee:81:88:7c:0f:c9:45:
47:a4:2c:db:e3:c1:fa:90:4d:96:69:6d:9a:86:44:d0:c6:ec:
f1:fa:57:c3:c3:c9:84:71:41:8c:07:51:75:02:a2:b3:1c:81:
b4:da:6d:ef:e3:e3:1d:26:d3:bf:45:94:27:ec:ac:b9:89:93:
f1:1c:48:36:1e:8b:09:ce:59:ab:dc:46:4f:53:30:fb:61:ef:
be:d5:6a:42:ec:ba:0b:47:cb:c9:43:87:67:9e:c2:92:55:3a:
7d:11:e1:d2
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCaEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDExMDgy
MzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDQzMUY2Q0NBMkYxQkEz
MkQzMDc0QUJGNDU5OEY2RTExMDdERUIzRDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCqey8y6+M+KY1ZpsDmjPbgBt5deJymZMzMaqkhWopUk0OWGFoo
D2Jt82A2WIx2SZQSESOMv38FiCsQbvkeiB/XXt2ARONRQU8FMvS1EmIBNWRDyCxs
u7IZctnXKYRpygVmK+kjKt1j8GQpYtxi6ZrmF26D8ZgXpGZf0q14H3qPlCga0fNT
M34nrTMxAHgDzKCl6IPvmmliJtA36zFNLhx7YEON8ECH88RLx2t9iK3xb8bKQ0RY
+ozFyKMMP5pARXFlwY5AgCCxrQ7JOfFIpsyRqzbCNLxVItnSSRwWOKnY6CbDuK8p
9NbvM4zrR73+UewSWbMgNIEZORKdGDURwXnjAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUQx9syi8boy0wdKv0WY9uEQfes9cwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL1F4OXN5aThib3kwd2RL
djBXWTl1RVFmZXM5Yy5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBADdEa/Ohf5DIfEiYN7nf8Y7UtfllHAx6MVMb
H7wyEEZdJBL9hvO7QhF+FUSNTkoBIQxMSh+STsI8eDndvhiAbNqoSqAVhlOMx+b2
Z+vk7BACxf0zxV6meNoV9USC3TkqF5GJ89UqcOb+D95sceqs1Amu1kXY4y14ER5/
i5H0Dj6u/84fotQL5szElDTRUb5Hcnuv5/5HN+yT5tsQ7oGIfA/JRUekLNvjwfqQ
TZZpbZqGRNDG7PH6V8PDyYRxQYwHUXUCorMcgbTabe/j4x0m079FlCfsrLmJk/Ec
SDYeiwnOWavcRk9TMPth777VakLsugtHy8lDh2eewpJVOn0R4dI=
-----END CERTIFICATE-----
Generated at Sat Nov 9 07:07:38 2024 by rpki-client on console-fra.rpki-client.org