Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/qHMKA8CNuKTc1bpmsoo2ZilRIIM.roa
File: qHMKA8CNuKTc1bpmsoo2ZilRIIM.roa (raw, json)
Hash identifier: iY+/6P2wDNmUEXr7/aFc9BQOlVvPDy6uK6UQomeujEM=
Subject key identifier: A8:73:0A:03:C0:8D:B8:A4:DC:D5:BA:66:B2:8A:36:66:29:51:20:83
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 08B0
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/qHMKA8CNuKTc1bpmsoo2ZilRIIM.roa
Signing time: Sun 13 Oct 2024 07:55:03 +0000
ROA not before: Sun 13 Oct 2024 07:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 13 Oct 2024 11:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2224 (0x8b0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Oct 13 07:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=A8730A03C08DB8A4DCD5BA66B28A366629512083
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:5e:d5:fe:55:a0:e9:55:5b:e9:37:97:35:3f:
11:03:47:7f:aa:64:68:54:b5:02:98:9e:8d:00:07:
52:a1:e1:f1:f0:1a:61:bc:64:8a:f0:0a:8c:52:b9:
0f:fd:16:ec:5b:f6:32:9f:25:56:3d:ac:11:67:39:
12:b8:e8:88:0d:23:d7:b6:97:e5:e7:cd:04:c9:39:
17:b7:0f:b3:91:fd:f0:a5:3d:b9:e1:ab:3d:36:7e:
01:24:f2:f3:af:29:bc:20:6d:fc:d4:7d:b8:4c:e8:
c1:ad:f9:37:8e:2e:62:9c:ed:bf:4e:fa:72:fb:5e:
a8:25:54:55:6d:82:bc:0d:a9:38:06:a8:e5:a4:9b:
8a:10:e7:e9:af:41:93:a0:e6:9e:c8:5c:d0:66:f4:
3e:a8:fa:eb:8f:e0:1d:ee:bf:ca:ad:8c:ae:bb:eb:
ac:d0:ef:7b:50:61:2d:c9:b4:64:b0:cb:08:96:31:
75:b4:d9:f9:21:f3:20:b2:99:0a:fe:f7:f7:5f:ae:
9e:3c:13:ad:42:bc:1b:e4:89:6c:59:75:ff:e3:bc:
20:26:98:b2:7f:40:7c:fd:c4:e5:dd:55:c9:6e:78:
fd:0c:39:a6:1f:c3:be:5c:77:a3:0e:a1:51:73:c7:
fa:fa:85:2b:aa:a7:3d:04:5a:3e:38:cf:b0:e2:01:
39:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:73:0A:03:C0:8D:B8:A4:DC:D5:BA:66:B2:8A:36:66:29:51:20:83
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/qHMKA8CNuKTc1bpmsoo2ZilRIIM.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
69:1e:6d:e9:7f:b6:c0:f8:07:2d:e1:81:af:b8:12:f0:03:bc:
5e:bf:e0:2e:16:77:2f:41:35:b9:e4:49:26:fe:4d:0c:88:59:
00:a8:3b:02:a7:9f:85:12:15:32:08:01:bb:47:bd:d1:44:99:
2f:08:85:2a:22:cc:21:29:de:47:93:5c:85:9c:6a:37:45:69:
c7:e0:70:29:68:2b:9e:bf:4e:8b:74:10:99:2e:44:e0:4a:4b:
5f:26:01:63:2e:78:a8:b3:c6:46:b6:91:cd:f2:15:dd:43:b4:
8f:70:f9:cc:08:57:e7:43:80:72:e1:dd:5b:26:6b:62:80:c3:
a3:de:62:b3:22:b5:ea:e6:45:b6:46:63:1c:a3:a2:68:6a:cb:
85:22:78:53:7e:c9:6a:29:a9:92:a6:81:52:6a:89:0b:22:65:
b4:13:ce:df:39:00:c8:31:e7:57:d1:64:ef:6e:cd:8a:c3:4a:
f0:ce:24:e8:c0:8f:08:8a:d8:94:0c:ad:d3:b7:de:a8:e4:83:
c3:38:f7:f2:86:5f:83:1f:aa:88:a2:91:1c:60:57:26:4e:47:
38:76:f1:14:17:d9:cb:c0:56:d3:e5:68:f3:d6:03:cf:4c:c7:
8c:81:ed:4a:3d:46:d7:96:3d:18:74:bf:04:9a:5a:7f:ca:fa:
2e:b5:fc:e7
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCLAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDEwMTMw
NzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEE4NzMwQTAzQzA4REI4
QTREQ0Q1QkE2NkIyOEEzNjY2Mjk1MTIwODMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJXtX+VaDpVVvpN5c1PxEDR3+qZGhUtQKYno0AB1Kh4fHwGmG8
ZIrwCoxSuQ/9Fuxb9jKfJVY9rBFnORK46IgNI9e2l+XnzQTJORe3D7OR/fClPbnh
qz02fgEk8vOvKbwgbfzUfbhM6MGt+TeOLmKc7b9O+nL7XqglVFVtgrwNqTgGqOWk
m4oQ5+mvQZOg5p7IXNBm9D6o+uuP4B3uv8qtjK6766zQ73tQYS3JtGSwywiWMXW0
2fkh8yCymQr+9/dfrp48E61CvBvkiWxZdf/jvCAmmLJ/QHz9xOXdVclueP0MOaYf
w75cd6MOoVFzx/r6hSuqpz0EWj44z7DiATmdAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUqHMKA8CNuKTc1bpmsoo2ZilRIIMwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL3FITUtBOENOdUtUYzFi
cG1zb28yWmlsUklJTS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAGkebel/tsD4By3hga+4EvADvF6/4C4Wdy9B
NbnkSSb+TQyIWQCoOwKnn4USFTIIAbtHvdFEmS8IhSoizCEp3keTXIWcajdFacfg
cCloK56/Tot0EJkuROBKS18mAWMueKizxka2kc3yFd1DtI9w+cwIV+dDgHLh3Vsm
a2KAw6PeYrMitermRbZGYxyjomhqy4UieFN+yWopqZKmgVJqiQsiZbQTzt85AMgx
51fRZO9uzYrDSvDOJOjAjwiK2JQMrdO33qjkg8M49/KGX4MfqoiikRxgVyZORzh2
8RQX2cvAVtPlaPPWA89Mx4yB7Uo9RteWPRh0vwSaWn/K+i61/Oc=
-----END CERTIFICATE-----
Generated at Sun Oct 13 16:46:24 2024 by rpki-client on console-ams.rpki-client.org