Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/uplift/RqNwfmFlQF5vDIvYWpQzzZhsPdI.roa
File: RqNwfmFlQF5vDIvYWpQzzZhsPdI.roa (raw, json)
Hash identifier: SvZnjlwT0r4aP51/zw6nJ4tenQX1Z2gj1o5Tke/l5ss=
Subject key identifier: 46:A3:70:7E:61:65:40:5E:6F:0C:8B:D8:5A:94:33:CD:98:6C:3D:D2
Certificate issuer: /CN=2017cc580d273c54ba3064cd2cd6af39b804b887
Certificate serial: 148F
Authority key identifier: 20:17:CC:58:0D:27:3C:54:BA:30:64:CD:2C:D6:AF:39:B8:04:B8:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IBfMWA0nPFS6MGTNLNavObgEuIc.cer
Subject info access: rsync://chloe.sobornost.net/rpki/uplift/RqNwfmFlQF5vDIvYWpQzzZhsPdI.roa
Signing time: Thu 07 Dec 2023 16:45:39 +0000
ROA not before: Thu 07 Dec 2023 16:45:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15562
IP address blocks: 2001:67c:2938::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5263 (0x148f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2017cc580d273c54ba3064cd2cd6af39b804b887
Validity
Not Before: Dec 7 16:45:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=46A3707E6165405E6F0C8BD85A9433CD986C3DD2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:db:40:2e:82:9b:d5:d5:5b:91:e6:0e:b6:d1:
04:67:5a:25:3c:82:a8:eb:0d:ab:9d:1c:2f:c8:95:
f3:5b:05:38:40:3e:39:8c:7f:43:0f:de:d8:0a:a7:
af:7f:50:b2:62:1d:d8:d7:39:cc:fd:b8:d6:bb:15:
d2:42:53:4d:27:1a:30:db:88:95:41:33:b0:15:e7:
bd:98:c9:fd:65:18:fb:8a:04:b6:27:f4:7b:b1:24:
21:6c:b6:77:fd:16:41:6c:00:c7:36:52:a9:62:00:
b9:99:6f:c9:50:fe:b9:68:07:f1:1d:32:66:3c:dd:
01:ce:42:49:30:97:20:53:8a:6b:89:e0:55:91:1f:
65:47:28:7a:74:67:b7:3a:8a:40:7e:00:f6:30:04:
b6:ef:95:ed:3a:60:24:ab:29:87:a7:94:8f:ce:92:
9e:6b:38:1d:16:1a:2e:35:28:32:6f:6c:ce:36:c7:
01:a9:69:08:dd:29:eb:bf:3d:82:e6:f2:f3:9a:a1:
df:27:5c:17:59:6c:37:ba:fc:fa:89:ed:37:cc:62:
df:47:8c:6b:d3:71:4f:73:b0:c6:74:7f:65:f2:2c:
14:38:d3:5c:2d:81:6e:1f:51:36:cf:0c:16:99:04:
11:80:06:6f:54:b4:40:66:b4:76:69:34:14:1f:da:
09:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:A3:70:7E:61:65:40:5E:6F:0C:8B:D8:5A:94:33:CD:98:6C:3D:D2
X509v3 Authority Key Identifier:
keyid:20:17:CC:58:0D:27:3C:54:BA:30:64:CD:2C:D6:AF:39:B8:04:B8:87
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/uplift/IBfMWA0nPFS6MGTNLNavObgEuIc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IBfMWA0nPFS6MGTNLNavObgEuIc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/uplift/RqNwfmFlQF5vDIvYWpQzzZhsPdI.roa
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:2938::/48
Signature Algorithm: sha256WithRSAEncryption
52:52:29:44:72:48:4c:01:a8:08:0d:4a:96:f1:05:8b:40:6e:
e9:14:85:69:9f:b8:6c:ff:32:71:5c:d5:12:c0:36:ca:d5:93:
18:ff:19:27:3d:ac:74:c3:64:07:8b:df:10:c1:38:e1:50:e8:
19:0d:6f:a5:7b:2c:03:9a:d0:ac:bd:03:1f:87:95:44:13:15:
7b:05:9f:3f:aa:a2:ca:3e:7e:04:38:5a:e8:79:0d:9d:d0:07:
e8:b4:76:a3:dc:1d:fc:ec:1e:a8:1c:11:8c:ae:b5:69:d3:62:
6e:e6:b9:2b:2b:ba:cd:48:2e:42:1f:69:06:91:e4:f0:ab:bf:
be:be:3d:91:ab:ad:71:7e:3e:c5:84:06:a7:02:e4:c1:08:a3:
2d:d2:72:ea:4a:f3:41:4a:87:e3:6a:7b:70:9f:d1:3b:49:1c:
1d:ae:a9:fd:15:8f:d0:af:74:22:99:c2:c5:1c:cf:0e:72:81:
b4:d0:cb:71:d8:bc:09:5f:32:a9:00:9c:80:d3:a9:b5:3e:21:
98:33:4c:45:69:f9:b1:27:7f:a0:3b:df:03:ee:d8:c3:3c:5d:
ec:5a:ce:8b:c8:6d:05:a1:35:78:7e:10:4d:44:74:59:d0:d1:
d4:1e:1a:05:78:46:33:25:ba:7b:9b:4a:f8:50:f2:24:3d:9f:
9e:04:d2:76
-----BEGIN CERTIFICATE-----
MIIEmzCCA4OgAwIBAgICFI8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjAx
N2NjNTgwZDI3M2M1NGJhMzA2NGNkMmNkNmFmMzliODA0Yjg4NzAeFw0yMzEyMDcx
NjQ1MzlaFw0yNDA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDQ2QTM3MDdFNjE2NTQw
NUU2RjBDOEJEODVBOTQzM0NEOTg2QzNERDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDn20AugpvV1VuR5g620QRnWiU8gqjrDaudHC/IlfNbBThAPjmM
f0MP3tgKp69/ULJiHdjXOcz9uNa7FdJCU00nGjDbiJVBM7AV572Yyf1lGPuKBLYn
9HuxJCFstnf9FkFsAMc2UqliALmZb8lQ/rloB/EdMmY83QHOQkkwlyBTimuJ4FWR
H2VHKHp0Z7c6ikB+APYwBLbvle06YCSrKYenlI/Okp5rOB0WGi41KDJvbM42xwGp
aQjdKeu/PYLm8vOaod8nXBdZbDe6/PqJ7TfMYt9HjGvTcU9zsMZ0f2XyLBQ401wt
gW4fUTbPDBaZBBGABm9UtEBmtHZpNBQf2gmdAgMBAAGjggG3MIIBszAdBgNVHQ4E
FgQURqNwfmFlQF5vDIvYWpQzzZhsPdIwHwYDVR0jBBgwFoAUIBfMWA0nPFS6MGTN
LNavObgEuIcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBYBgNVHR8EUTBPME2g
S6BJhkdyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS91cGxpZnQvSUJm
TVdBMG5QRlM2TUdUTkxOYXZPYmdFdUljLmNybDBkBggrBgEFBQcBAQRYMFYwVAYI
KwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFV
TFQvSUJmTVdBMG5QRlM2TUdUTkxOYXZPYmdFdUljLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwYwYIKwYBBQUHAQsEVzBVMFMGCCsGAQUFBzALhkdyc3luYzovL2NobG9lLnNv
Ym9ybm9zdC5uZXQvcnBraS91cGxpZnQvUnFOd2ZtRmxRRjV2REl2WVdwUXp6Wmhz
UGRJLnJvYTAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBnwpODANBgkq
hkiG9w0BAQsFAAOCAQEAUlIpRHJITAGoCA1KlvEFi0Bu6RSFaZ+4bP8ycVzVEsA2
ytWTGP8ZJz2sdMNkB4vfEME44VDoGQ1vpXssA5rQrL0DH4eVRBMVewWfP6qiyj5+
BDha6HkNndAH6LR2o9wd/OweqBwRjK61adNibua5Kyu6zUguQh9pBpHk8Ku/vr49
kautcX4+xYQGpwLkwQijLdJy6krzQUqH42p7cJ/RO0kcHa6p/RWP0K90IpnCxRzP
DnKBtNDLcdi8CV8yqQCcgNOptT4hmDNMRWn5sSd/oDvfA+7Ywzxd7FrOi8htBaE1
eH4QTUR0WdDR1B4aBXhGMyW6e5tK+FDyJD2fngTSdg==
-----END CERTIFICATE-----
Generated at Thu Dec 7 17:47:09 2023 by rpki-client on console-fra.rpki-client.org