Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/qTwJkp0exxIEEj60j0cCvGp0T0I.roa
File: qTwJkp0exxIEEj60j0cCvGp0T0I.roa (raw, json)
Hash identifier: RJ+1L9PxOs/20GXNzWTma+k+sO9rgyp8vTw8ljpLRcs=
Subject key identifier: A9:3C:09:92:9D:1E:C7:12:04:12:3E:B4:8F:47:02:BC:6A:74:4F:42
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0145
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/qTwJkp0exxIEEj60j0cCvGp0T0I.roa
Signing time: Sat 16 Mar 2024 07:55:03 +0000
ROA not before: Sat 16 Mar 2024 07:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 16 Mar 2024 11:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 325 (0x145)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Mar 16 07:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=A93C09929D1EC71204123EB48F4702BC6A744F42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:3d:d5:f7:89:55:36:86:df:ac:f5:a6:99:31:
f0:18:ce:53:a0:3a:1e:7a:c8:03:06:a3:0a:c2:59:
ca:21:4d:73:e5:9b:f9:27:24:4b:e2:6c:53:78:03:
05:ab:e9:3d:f2:1c:70:38:f3:6c:47:d5:c1:70:25:
16:e7:31:d2:e8:04:ae:65:4d:f3:4b:86:ed:01:e0:
c8:3f:d0:db:d0:88:58:30:e4:6a:95:3a:73:da:31:
3e:a3:a1:de:77:9d:49:fb:d6:61:de:98:b4:da:ea:
c8:1e:99:03:c3:1a:cf:19:99:74:c4:58:1e:38:a8:
ae:8a:75:b8:3d:a1:c2:7b:b6:de:6d:f9:86:b0:c9:
eb:f7:d2:b3:4a:56:fd:04:b7:d1:0e:96:f3:2f:5f:
3f:5e:ac:8d:79:e3:f1:e7:6c:c6:bb:f6:74:07:d8:
5e:28:24:fe:ad:b3:11:d7:55:4c:14:06:32:89:2c:
84:06:b7:22:17:c8:8a:f0:da:19:c0:e5:51:95:87:
ac:7c:4d:e6:5b:c7:53:8d:d0:1d:1c:9d:79:ad:ca:
88:6a:b6:dc:40:01:f9:1f:10:cb:89:75:7b:50:66:
2a:f4:f4:b6:13:8b:95:20:67:dc:74:73:e2:b6:b2:
20:1b:09:a9:02:e4:65:01:42:9d:34:97:70:35:c8:
24:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:3C:09:92:9D:1E:C7:12:04:12:3E:B4:8F:47:02:BC:6A:74:4F:42
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/qTwJkp0exxIEEj60j0cCvGp0T0I.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:3f:4a:28:9a:50:7e:dc:a2:ce:4e:af:d4:0e:9e:fe:de:af:
a6:26:b5:d5:64:b7:f8:23:fd:3c:8f:01:2a:d1:58:eb:97:e7:
cd:2b:19:4d:17:78:de:b6:68:e7:ce:42:eb:72:0a:e9:bf:0a:
5d:a8:f8:d1:30:6a:d4:68:33:90:b7:42:a5:38:c4:17:47:06:
eb:e1:3c:df:af:d5:6a:0b:1e:30:e9:f0:b1:96:15:99:19:35:
24:02:79:cc:7c:57:f1:df:a3:76:b5:70:e7:1b:37:e4:1c:00:
e2:71:67:fb:8a:ed:88:67:31:a7:b7:a2:0f:6d:f8:81:d3:6e:
56:4d:c9:09:9f:b8:f9:9e:37:13:f1:9e:fb:ad:5d:6f:7d:51:
ec:6d:56:9a:d4:db:58:18:e4:5e:84:ba:3b:a8:94:b0:4b:79:
7f:db:74:16:21:e6:f6:e2:08:e2:8d:7f:44:6a:77:fc:e1:3c:
3b:4a:b8:a0:f8:dc:31:a8:11:e7:0c:39:4a:52:8b:c5:73:3e:
f0:30:9b:1f:68:7b:e9:a8:ad:7f:87:5d:3e:ca:61:31:2f:ce:
14:bd:cd:f3:11:1c:4a:96:ed:76:b9:2b:48:55:97:7b:a7:af:
44:a1:bd:65:a6:5b:2a:8d:1a:23:ce:c8:c2:14:b9:e9:6d:41:
43:06:ce:26
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICAUUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDAzMTYw
NzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEE5M0MwOTkyOUQxRUM3
MTIwNDEyM0VCNDhGNDcwMkJDNkE3NDRGNDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3PdX3iVU2ht+s9aaZMfAYzlOgOh56yAMGowrCWcohTXPlm/kn
JEvibFN4AwWr6T3yHHA482xH1cFwJRbnMdLoBK5lTfNLhu0B4Mg/0NvQiFgw5GqV
OnPaMT6jod53nUn71mHemLTa6sgemQPDGs8ZmXTEWB44qK6Kdbg9ocJ7tt5t+Yaw
yev30rNKVv0Et9EOlvMvXz9erI154/HnbMa79nQH2F4oJP6tsxHXVUwUBjKJLIQG
tyIXyIrw2hnA5VGVh6x8TeZbx1ON0B0cnXmtyohqttxAAfkfEMuJdXtQZir09LYT
i5UgZ9x0c+K2siAbCakC5GUBQp00l3A1yCSBAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUqTwJkp0exxIEEj60j0cCvGp0T0IwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL3FUd0prcDBleHhJRUVq
NjBqMGNDdkdwMFQwSS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBALc/SiiaUH7cos5Or9QOnv7er6YmtdVkt/gj
/TyPASrRWOuX580rGU0XeN62aOfOQutyCum/Cl2o+NEwatRoM5C3QqU4xBdHBuvh
PN+v1WoLHjDp8LGWFZkZNSQCecx8V/Hfo3a1cOcbN+QcAOJxZ/uK7YhnMae3og9t
+IHTblZNyQmfuPmeNxPxnvutXW99UextVprU21gY5F6EujuolLBLeX/bdBYh5vbi
COKNf0Rqd/zhPDtKuKD43DGoEecMOUpSi8VzPvAwmx9oe+morX+HXT7KYTEvzhS9
zfMRHEqW7Xa5K0hVl3unr0ShvWWmWyqNGiPOyMIUueltQUMGziY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:55 2024 by rpki-client on console-fra.rpki-client.org