Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/qVbepZLYZzwTvv3RVUxt93OQ_Ac.roa
File: qVbepZLYZzwTvv3RVUxt93OQ_Ac.roa (raw, json)
Hash identifier: VJnDns6aD/+j6/w7TZjbduZxl3NIK3p25qXzdooUbNM=
Subject key identifier: A9:56:DE:A5:92:D8:67:3C:13:BE:FD:D1:55:4C:6D:F7:73:90:FC:07
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 31
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/qVbepZLYZzwTvv3RVUxt93OQ_Ac.roa
Signing time: Wed 14 Feb 2024 15:55:04 +0000
ROA not before: Wed 14 Feb 2024 15:55:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 14 Feb 2024 19:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 49 (0x31)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Feb 14 15:55:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=A956DEA592D8673C13BEFDD1554C6DF77390FC07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:7e:75:2c:31:9a:d6:3f:54:b3:dd:0d:58:1d:
b3:b5:d1:32:d4:37:83:1c:5a:d6:4a:44:b8:07:d0:
e7:86:23:b2:33:74:19:f6:a2:ef:85:54:c6:30:c8:
d4:fd:e3:d0:d1:6a:25:5d:84:6e:53:0e:c4:37:9c:
e8:cd:23:78:9e:3f:bb:55:9a:41:2c:26:4b:64:de:
ea:4b:c1:be:41:3f:6b:d9:4c:7e:1a:24:d4:3d:67:
59:2f:2c:9b:2d:0a:93:b6:21:da:7c:ae:08:41:0c:
d0:c5:63:f2:ec:7b:03:67:9b:4a:48:1f:a0:3a:72:
ce:c3:8f:6d:8b:55:78:0d:d7:f7:50:16:23:c4:ab:
a5:49:a6:fb:43:16:6f:2e:1f:27:d8:2b:3e:22:16:
16:cf:b9:63:6e:dc:43:a0:5c:3e:89:3c:9b:e8:ee:
2a:bb:10:a7:ea:b8:18:0e:d6:9c:8c:ce:cc:c1:07:
cf:60:3f:cf:b8:33:82:08:0a:1f:8d:c0:4c:50:42:
39:92:50:d4:93:93:45:c7:a7:3f:3e:db:94:9b:60:
fd:05:7f:ad:eb:ff:db:ea:e2:fa:98:d4:88:9b:65:
f1:85:1f:cb:92:67:1b:76:d7:16:d8:8e:8f:12:f5:
50:f6:1e:76:43:1c:63:a9:28:26:0b:9c:26:4c:89:
be:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:56:DE:A5:92:D8:67:3C:13:BE:FD:D1:55:4C:6D:F7:73:90:FC:07
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/qVbepZLYZzwTvv3RVUxt93OQ_Ac.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
67:5a:30:e1:09:d0:2d:d8:a4:f5:86:87:65:2b:9a:2d:4a:10:
3a:14:cd:ae:f5:65:83:20:33:51:c0:15:80:c5:2e:0b:a4:d0:
71:29:14:83:da:2f:19:9b:a6:7d:d7:5c:3d:15:fc:a0:bf:00:
07:61:46:8a:08:6e:ad:62:02:9f:bb:b9:e3:d5:95:e7:e3:d3:
fd:90:b0:02:b9:c5:7c:9b:a3:21:3d:e7:aa:ff:34:6a:80:44:
bd:5b:35:6c:0b:bd:53:f2:98:53:34:59:12:49:12:9f:5f:14:
5d:2f:02:ed:b6:32:41:67:5b:85:ba:4c:ff:f4:03:bb:bb:aa:
e2:67:00:50:42:e1:06:8c:91:4e:81:79:8c:40:ce:6a:20:bb:
37:e6:84:6b:7f:16:b0:a1:5d:be:06:23:89:89:79:e1:cb:b4:
8c:a8:04:dd:ba:da:4e:45:02:b3:67:2d:21:79:e6:a9:85:c7:
72:91:39:21:eb:50:61:0b:6a:bb:77:75:9c:ec:ca:96:5e:5f:
16:d6:48:b5:78:ca:50:b2:03:cf:94:91:47:5f:a1:08:88:64:
bf:96:b2:d9:e6:fa:9b:33:e0:fd:55:75:c8:de:14:53:36:77:
0e:33:da:41:df:ea:c5:10:4e:be:3c:8b:9c:73:e7:48:0d:25:
d8:7d:71:0f
-----BEGIN CERTIFICATE-----
MIIEoTCCA4mgAwIBAgIBMTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3MWQx
NGViYjI1NWRjMDU4ZDRiZmE1YTUxYzkzZjczZjgzMGFiODhmMB4XDTI0MDIxNDE1
NTUwNFoXDTI1MDcwMTAwMDAwMFowMzExMC8GA1UEAxMoQTk1NkRFQTU5MkQ4Njcz
QzEzQkVGREQxNTU0QzZERjc3MzkwRkMwNzCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAJp+dSwxmtY/VLPdDVgds7XRMtQ3gxxa1kpEuAfQ54YjsjN0Gfai
74VUxjDI1P3j0NFqJV2EblMOxDec6M0jeJ4/u1WaQSwmS2Te6kvBvkE/a9lMfhok
1D1nWS8smy0Kk7Yh2nyuCEEM0MVj8ux7A2ebSkgfoDpyzsOPbYtVeA3X91AWI8Sr
pUmm+0MWby4fJ9grPiIWFs+5Y27cQ6BcPok8m+juKrsQp+q4GA7WnIzOzMEHz2A/
z7gzgggKH43ATFBCOZJQ1JOTRcenPz7blJtg/QV/rev/2+ri+pjUiJtl8YUfy5Jn
G3bXFtiOjxL1UPYedkMcY6koJgucJkyJvpUCAwEAAaOCAb4wggG6MB0GA1UdDgQW
BBSpVt6lkthnPBO+/dFVTG33c5D8BzAfBgNVHSMEGDAWgBRx0U67JV3AWNS/paUc
k/c/gwq4jzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ
oE6GTHJzeW5jOi8vY2hsb2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3Nm
L2NkRk91eVZkd0ZqVXY2V2xISlAzUDRNS3VJOC5jcmwwZAYIKwYBBQUHAQEEWDBW
MFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9E
RUZBVUxUL2NkRk91eVZkd0ZqVXY2V2xISlAzUDRNS3VJOC5jZXIwDgYDVR0PAQH/
BAQDAgeAMGgGCCsGAQUFBwELBFwwWjBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9jaGxv
ZS5zb2Jvcm5vc3QubmV0L3Jwa2kvUklQRS1ubHJzc2YvcVZiZXBaTFlaendUdnYz
UlZVeHQ5M09RX0FjLnJvYTAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMJo
gTANBgkqhkiG9w0BAQsFAAOCAQEAZ1ow4QnQLdik9YaHZSuaLUoQOhTNrvVlgyAz
UcAVgMUuC6TQcSkUg9ovGZumfddcPRX8oL8AB2FGighurWICn7u549WV5+PT/ZCw
ArnFfJujIT3nqv80aoBEvVs1bAu9U/KYUzRZEkkSn18UXS8C7bYyQWdbhbpM//QD
u7uq4mcAUELhBoyRToF5jEDOaiC7N+aEa38WsKFdvgYjiYl54cu0jKgE3braTkUC
s2ctIXnmqYXHcpE5IetQYQtqu3d1nOzKll5fFtZItXjKULIDz5SRR1+hCIhkv5ay
2eb6mzPg/VV1yN4UUzZ3DjPaQd/qxRBOvjyLnHPnSA0l2H1xDw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:55 2024 by rpki-client on console-fra.rpki-client.org