Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/q5E2Y5BwAWOI5oOUIzUcgEWb7PE.roa
File: q5E2Y5BwAWOI5oOUIzUcgEWb7PE.roa (raw, json)
Hash identifier: gWQX+rTzWWm3DOuP5Mq4cwfIbiNTald4v/xgziwhFFw=
Subject key identifier: AB:91:36:63:90:70:01:63:88:E6:83:94:23:35:1C:80:45:9B:EC:F1
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 09EF
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/q5E2Y5BwAWOI5oOUIzUcgEWb7PE.roa
Signing time: Sun 17 Nov 2024 15:55:02 +0000
ROA not before: Sun 17 Nov 2024 15:55:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 17 Nov 2024 19:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2543 (0x9ef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Nov 17 15:55:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=AB9136639070016388E6839423351C80459BECF1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:0b:a8:6a:c1:96:93:a3:96:8b:8f:1c:0d:b8:
6d:2f:d6:01:38:bf:59:b8:4d:39:42:74:d3:e0:ff:
14:61:a1:db:46:53:68:e8:11:5e:87:23:39:bb:f4:
7a:c0:4f:44:7b:73:bc:fe:60:c6:ac:2c:0a:48:72:
cf:10:8c:1d:b6:ec:84:d0:a5:2c:70:2c:ad:b4:1d:
27:45:ca:52:53:36:40:35:47:19:b8:df:16:41:8c:
cf:bc:e4:c9:b6:83:cb:2a:fb:52:90:2a:c5:e3:02:
30:02:57:e9:32:3c:c8:6b:46:a9:a3:bc:99:9e:92:
ab:b1:3f:e6:bc:e4:f1:52:48:53:54:67:20:85:ae:
fb:06:9c:57:7d:93:85:2b:bb:95:a1:42:fa:91:5a:
29:af:90:d9:88:d6:eb:41:ae:2d:72:34:f5:26:88:
10:e6:ee:75:4d:9b:d9:49:40:d5:67:66:bd:2f:d6:
fd:2c:00:52:c6:96:8d:69:22:ed:0b:2e:c9:e9:37:
a9:ac:01:46:e7:47:88:61:5b:33:23:03:1f:08:dc:
ce:77:7f:dc:e1:30:dd:db:0f:a8:5b:cd:09:f4:fa:
6f:a3:65:1b:fa:b4:f5:ae:a6:29:37:ee:58:3e:48:
3b:82:ed:6f:58:5b:58:41:cc:1c:99:b4:83:4e:32:
69:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:91:36:63:90:70:01:63:88:E6:83:94:23:35:1C:80:45:9B:EC:F1
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/q5E2Y5BwAWOI5oOUIzUcgEWb7PE.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:0f:03:c5:e1:41:81:2f:b0:ce:17:ac:12:43:e1:43:b2:01:
4c:3d:11:e3:43:dd:d8:92:45:ff:2b:e3:e9:52:de:c2:35:eb:
c7:87:5e:cc:14:42:54:3f:85:85:42:c9:b0:0d:03:b2:e2:ca:
49:37:d6:e8:5a:ae:72:bf:25:b2:37:9c:a7:6a:c9:85:00:38:
3b:bf:d7:43:da:c4:d4:d8:c6:d3:d6:0c:0d:62:4d:fc:16:97:
1e:49:aa:95:6a:e0:9e:49:9f:7b:32:df:16:81:5b:d9:79:56:
dc:d8:a2:59:87:88:ea:37:7a:17:22:e9:53:ce:4e:10:b9:e9:
57:55:a3:b9:bd:3e:37:bb:87:96:88:0e:cf:14:c1:a0:ee:fe:
04:a1:aa:8c:27:c2:30:22:41:07:ed:a1:c4:19:17:15:a5:e5:
c0:89:d9:0c:d3:cc:c2:7b:4f:d4:3a:f8:08:60:2f:92:97:98:
1f:f5:27:60:74:ca:f0:b9:f7:b2:c8:f3:59:70:81:ed:2a:68:
a6:86:97:7f:8c:65:dc:ef:6f:e0:2b:82:90:d9:e9:df:58:89:
61:84:c9:aa:1b:aa:1d:0d:43:22:2a:0a:ca:cd:f9:c6:45:56:
76:83:70:18:0a:16:14:dc:20:d2:de:cc:58:b9:22:b8:81:4b:
c7:76:6d:28
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCe8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDExMTcx
NTU1MDJaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEFCOTEzNjYzOTA3MDAx
NjM4OEU2ODM5NDIzMzUxQzgwNDU5QkVDRjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDuC6hqwZaTo5aLjxwNuG0v1gE4v1m4TTlCdNPg/xRhodtGU2jo
EV6HIzm79HrAT0R7c7z+YMasLApIcs8QjB227ITQpSxwLK20HSdFylJTNkA1Rxm4
3xZBjM+85Mm2g8sq+1KQKsXjAjACV+kyPMhrRqmjvJmekquxP+a85PFSSFNUZyCF
rvsGnFd9k4Uru5WhQvqRWimvkNmI1utBri1yNPUmiBDm7nVNm9lJQNVnZr0v1v0s
AFLGlo1pIu0LLsnpN6msAUbnR4hhWzMjAx8I3M53f9zhMN3bD6hbzQn0+m+jZRv6
tPWupik37lg+SDuC7W9YW1hBzByZtINOMmkfAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUq5E2Y5BwAWOI5oOUIzUcgEWb7PEwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL3E1RTJZNUJ3QVdPSTVv
T1VJelVjZ0VXYjdQRS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAGwPA8XhQYEvsM4XrBJD4UOyAUw9EeND3diS
Rf8r4+lS3sI168eHXswUQlQ/hYVCybANA7Liykk31uharnK/JbI3nKdqyYUAODu/
10PaxNTYxtPWDA1iTfwWlx5JqpVq4J5Jn3sy3xaBW9l5VtzYolmHiOo3ehci6VPO
ThC56VdVo7m9Pje7h5aIDs8UwaDu/gShqownwjAiQQftocQZFxWl5cCJ2QzTzMJ7
T9Q6+AhgL5KXmB/1J2B0yvC597LI81lwge0qaKaGl3+MZdzvb+ArgpDZ6d9YiWGE
yaobqh0NQyIqCsrN+cZFVnaDcBgKFhTcINLezFi5IriBS8d2bSg=
-----END CERTIFICATE-----
Generated at Sun Nov 17 23:31:29 2024 by rpki-client on console-ams.rpki-client.org