Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/qo-gvwCpnyggf7lZ8JYXmKHykf0.roa
File: qo-gvwCpnyggf7lZ8JYXmKHykf0.roa (raw, json)
Hash identifier: gB7HL2BGerLHOWYmRXv1j9c46fxrUnthEg7gIDyXmW8=
Subject key identifier: AA:8F:A0:BF:00:A9:9F:28:20:7F:B9:59:F0:96:17:98:A1:F2:91:FD
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 08CE
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/qo-gvwCpnyggf7lZ8JYXmKHykf0.roa
Signing time: Wed 16 Oct 2024 15:55:03 +0000
ROA not before: Wed 16 Oct 2024 15:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 16 Oct 2024 19:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2254 (0x8ce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Oct 16 15:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=AA8FA0BF00A99F28207FB959F0961798A1F291FD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:74:7a:91:61:2f:9a:11:29:ec:4f:bb:58:66:
e7:2c:d1:77:10:06:19:39:de:4a:0f:3f:e1:5c:ca:
85:39:a9:df:a2:b0:58:72:55:e7:d3:25:41:09:5c:
c2:15:1f:1b:f7:d6:6e:b6:b5:e0:f0:9c:5f:fc:e1:
63:46:84:ab:05:c5:d8:c0:84:2f:a0:9c:20:1b:41:
29:73:12:98:80:b5:e5:bc:d2:b7:dc:bc:56:4d:22:
1e:38:4f:7d:a6:84:e9:c4:28:44:02:38:4c:50:0a:
0c:9f:ef:2e:7d:72:7d:b5:08:ad:84:ca:22:cd:cc:
a3:77:b1:c6:e0:0a:bd:88:1f:21:d6:8b:b3:2d:f0:
a0:2d:8d:aa:f5:69:17:c5:2d:38:b1:7c:da:ef:68:
6a:40:b7:9f:e4:f4:4e:02:f2:f1:8f:9d:a4:c2:6b:
67:c4:e3:48:ce:45:06:7b:eb:08:04:7b:87:ba:a0:
d5:94:ed:14:28:d2:eb:a8:40:05:fc:f0:2d:77:0b:
42:d2:04:82:3e:ee:a8:f3:f7:58:9b:9e:fb:bf:be:
0d:59:63:36:3a:62:c8:d5:5d:5d:f5:6a:fa:2b:92:
ed:35:01:86:50:be:a9:5a:26:0c:34:a6:91:d7:12:
6b:5e:b3:f2:87:4d:41:74:5d:10:da:05:a5:22:c3:
80:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:8F:A0:BF:00:A9:9F:28:20:7F:B9:59:F0:96:17:98:A1:F2:91:FD
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/qo-gvwCpnyggf7lZ8JYXmKHykf0.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
ca:e9:14:ea:2b:ea:7c:4b:bc:2a:64:75:ac:4e:ba:31:61:29:
56:56:0d:3e:52:f6:17:72:ef:4c:82:a3:f3:28:cd:b4:0e:08:
b7:aa:06:b4:9b:26:5d:a4:c1:5c:7a:6d:ae:ba:50:a9:42:86:
60:d6:e3:02:d8:de:44:72:db:5e:f2:13:db:c6:8a:e5:27:98:
35:d7:fc:0e:11:c9:ff:81:1a:d5:60:57:5c:9d:15:7b:ff:80:
1e:44:36:73:9c:3f:af:ad:fa:60:ab:a0:98:6a:63:4d:21:61:
ef:ad:98:ee:15:5d:b7:92:38:42:12:a5:35:9e:ea:c0:ff:16:
70:5a:a6:77:6b:07:71:8d:c4:19:1b:fd:ab:29:78:39:1b:5e:
4e:00:92:ce:f9:51:bd:89:62:6e:32:be:c1:40:fd:bb:7b:13:
cf:1a:79:cd:a0:0e:f9:6c:81:da:64:6b:88:45:f8:d1:a6:8d:
54:aa:11:57:26:e4:94:5d:cf:e7:94:98:07:22:8c:3f:39:73:
6c:88:c9:c9:b8:04:43:42:10:4a:cc:b6:41:63:c5:c4:07:12:
2f:af:7b:aa:ca:42:6f:c3:f9:0b:ca:a1:e1:37:4d:4e:bd:4a:
1d:b4:9d:4d:1a:a1:65:5b:ff:c6:f7:54:db:95:ef:ae:7c:a5:
68:75:6d:00
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCM4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDEwMTYx
NTU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEFBOEZBMEJGMDBBOTlG
MjgyMDdGQjk1OUYwOTYxNzk4QTFGMjkxRkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4dHqRYS+aESnsT7tYZucs0XcQBhk53koPP+FcyoU5qd+isFhy
VefTJUEJXMIVHxv31m62teDwnF/84WNGhKsFxdjAhC+gnCAbQSlzEpiAteW80rfc
vFZNIh44T32mhOnEKEQCOExQCgyf7y59cn21CK2EyiLNzKN3scbgCr2IHyHWi7Mt
8KAtjar1aRfFLTixfNrvaGpAt5/k9E4C8vGPnaTCa2fE40jORQZ76wgEe4e6oNWU
7RQo0uuoQAX88C13C0LSBII+7qjz91ibnvu/vg1ZYzY6YsjVXV31avorku01AYZQ
vqlaJgw0ppHXEmtes/KHTUF0XRDaBaUiw4DLAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUqo+gvwCpnyggf7lZ8JYXmKHykf0wHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL3FvLWd2d0NwbnlnZ2Y3
bFo4SllYbUtIeWtmMC5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAMrpFOor6nxLvCpkdaxOujFhKVZWDT5S9hdy
70yCo/MozbQOCLeqBrSbJl2kwVx6ba66UKlChmDW4wLY3kRy217yE9vGiuUnmDXX
/A4Ryf+BGtVgV1ydFXv/gB5ENnOcP6+t+mCroJhqY00hYe+tmO4VXbeSOEISpTWe
6sD/FnBapndrB3GNxBkb/aspeDkbXk4Aks75Ub2JYm4yvsFA/bt7E88aec2gDvls
gdpka4hF+NGmjVSqEVcm5JRdz+eUmAcijD85c2yIycm4BENCEErMtkFjxcQHEi+v
e6rKQm/D+QvKoeE3TU69Sh20nU0aoWVb/8b3VNuV7658pWh1bQA=
-----END CERTIFICATE-----
Generated at Wed Oct 16 23:10:06 2024 by rpki-client on console-ams.rpki-client.org