Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/uplift/me3K6Q4Bm-Qu6PhL0qEOjnLgvcg.roa
File: me3K6Q4Bm-Qu6PhL0qEOjnLgvcg.roa (raw, json)
Hash identifier: iWW6RUbnMV3qw3dwOPIw9ltYfGW/9UW0Jcd42vtqXoc=
Subject key identifier: 99:ED:CA:E9:0E:01:9B:E4:2E:E8:F8:4B:D2:A1:0E:8E:72:E0:BD:C8
Certificate issuer: /CN=dc9ecb0fb71020496e3bc2240dd29e4208c1ea28
Certificate serial: 1E
Authority key identifier: DC:9E:CB:0F:B7:10:20:49:6E:3B:C2:24:0D:D2:9E:42:08:C1:EA:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3J7LD7cQIEluO8IkDdKeQgjB6ig.cer
Subject info access: rsync://chloe.sobornost.net/rpki/uplift/me3K6Q4Bm-Qu6PhL0qEOjnLgvcg.roa
Signing time: Sun 11 Feb 2024 14:16:29 +0000
ROA not before: Sun 11 Feb 2024 14:16:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1880
IP address blocks: 2001:67c:2938::/48 maxlen: 48
Validation: OK
Signature path: rsync://chloe.sobornost.net/rpki/uplift/3J7LD7cQIEluO8IkDdKeQgjB6ig.crl
rsync://chloe.sobornost.net/rpki/uplift/3J7LD7cQIEluO8IkDdKeQgjB6ig.mft
rsync://rpki.ripe.net/repository/DEFAULT/3J7LD7cQIEluO8IkDdKeQgjB6ig.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 20:08:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 30 (0x1e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc9ecb0fb71020496e3bc2240dd29e4208c1ea28
Validity
Not Before: Feb 11 14:16:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=99EDCAE90E019BE42EE8F84BD2A10E8E72E0BDC8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:15:92:25:a4:aa:a8:55:fb:74:ab:dc:0a:42:
ba:21:54:66:18:dc:98:3b:a5:e2:df:93:76:73:0d:
7e:ba:2f:41:e0:5b:52:64:38:52:06:b3:e9:6f:e2:
0a:c9:17:62:f7:a8:0f:80:9c:dc:7c:8d:85:32:86:
7c:b9:c5:aa:b4:9e:39:64:48:88:02:be:7b:76:80:
13:5c:ad:42:c0:69:8e:89:13:c7:eb:6a:dc:1d:4c:
40:f9:a6:4a:9e:b2:be:3b:54:2f:10:ef:26:cc:31:
94:de:8b:57:28:70:0f:dd:45:e8:6f:b9:6e:79:9c:
f0:03:f1:cf:13:5c:a6:bb:57:24:da:cf:df:56:ea:
b1:69:8e:b4:3d:02:af:47:f4:07:25:0a:e7:a6:4a:
da:b6:7b:8c:a9:11:02:8f:cd:6d:7d:2d:23:3b:a3:
68:22:bd:20:f1:e4:ba:e4:e3:a1:10:d6:12:e9:53:
ac:84:99:fd:ba:61:69:c9:16:21:ba:ad:47:bc:11:
a1:d2:0a:bf:e4:99:99:d7:03:3f:87:f2:93:12:8e:
71:65:db:76:a2:15:3c:fc:be:1e:75:d7:fe:95:89:
b5:8d:1c:1b:2b:9f:6a:d1:a6:92:7c:31:de:92:b6:
5c:2e:42:c3:6f:0e:ed:ee:20:06:39:3b:3b:3e:2b:
ec:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:ED:CA:E9:0E:01:9B:E4:2E:E8:F8:4B:D2:A1:0E:8E:72:E0:BD:C8
X509v3 Authority Key Identifier:
keyid:DC:9E:CB:0F:B7:10:20:49:6E:3B:C2:24:0D:D2:9E:42:08:C1:EA:28
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/uplift/3J7LD7cQIEluO8IkDdKeQgjB6ig.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3J7LD7cQIEluO8IkDdKeQgjB6ig.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/uplift/me3K6Q4Bm-Qu6PhL0qEOjnLgvcg.roa
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:2938::/48
Signature Algorithm: sha256WithRSAEncryption
22:fe:21:43:b6:21:03:c5:a1:ec:a7:49:59:67:46:08:55:5f:
c9:64:97:21:0e:d1:e6:a2:19:0e:77:df:f3:a1:71:46:cb:b0:
12:6f:e8:bd:69:d1:98:11:97:02:ce:b6:0a:9d:3a:7c:4e:49:
0c:43:c7:91:49:f2:2d:dd:a3:6b:e8:fc:3b:19:96:1c:ae:15:
90:f8:e3:f0:84:fb:ba:49:03:1a:5d:35:bd:7f:9f:7e:c1:e9:
a3:72:46:03:58:b0:7d:8f:75:bc:16:cb:59:53:77:d1:ea:43:
79:e4:d8:91:e5:2d:ab:16:80:4e:79:df:32:d4:a0:d1:b3:60:
41:0b:72:09:a9:14:c1:ee:f8:3c:c3:4f:8b:96:35:d3:e4:bf:
95:ff:b4:69:62:ad:de:e6:fd:09:a9:2b:84:2d:c0:b5:da:6c:
6a:c1:23:e2:4f:d4:d4:5e:c6:07:48:65:9f:83:51:19:85:fe:
a4:b4:8f:1b:28:9b:9f:3f:ce:6c:ca:72:ce:08:f8:ec:96:7d:
b7:fa:75:33:9d:c6:8e:56:5c:f8:3e:5d:87:1c:f6:59:14:10:
97:c7:df:2f:2c:e6:ea:cd:2f:17:68:be:6d:82:e8:30:2c:e1:
f2:4b:ae:4a:43:48:dc:01:a8:98:8e:02:a8:6f:c0:54:ea:2f:
77:da:5f:00
-----BEGIN CERTIFICATE-----
MIIEmjCCA4KgAwIBAgIBHjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhkYzll
Y2IwZmI3MTAyMDQ5NmUzYmMyMjQwZGQyOWU0MjA4YzFlYTI4MB4XDTI0MDIxMTE0
MTYyOVoXDTI1MDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTlFRENBRTkwRTAxOUJF
NDJFRThGODRCRDJBMTBFOEU3MkUwQkRDODCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAPYVkiWkqqhV+3Sr3ApCuiFUZhjcmDul4t+TdnMNfrovQeBbUmQ4
Ugaz6W/iCskXYveoD4Cc3HyNhTKGfLnFqrSeOWRIiAK+e3aAE1ytQsBpjokTx+tq
3B1MQPmmSp6yvjtULxDvJswxlN6LVyhwD91F6G+5bnmc8APxzxNcprtXJNrP31bq
sWmOtD0Cr0f0ByUK56ZK2rZ7jKkRAo/NbX0tIzujaCK9IPHkuuTjoRDWEulTrISZ
/bphackWIbqtR7wRodIKv+SZmdcDP4fykxKOcWXbdqIVPPy+HnXX/pWJtY0cGyuf
atGmknwx3pK2XC5Cw28O7e4gBjk7Oz4r7MkCAwEAAaOCAbcwggGzMB0GA1UdDgQW
BBSZ7crpDgGb5C7o+EvSoQ6OcuC9yDAfBgNVHSMEGDAWgBTcnssPtxAgSW47wiQN
0p5CCMHqKDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFgGA1UdHwRRME8wTaBL
oEmGR3JzeW5jOi8vY2hsb2Uuc29ib3Jub3N0Lm5ldC9ycGtpL3VwbGlmdC8zSjdM
RDdjUUlFbHVPOElrRGRLZVFnakI2aWcuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVM
VC8zSjdMRDdjUUlFbHVPOElrRGRLZVFnakI2aWcuY2VyMA4GA1UdDwEB/wQEAwIH
gDBjBggrBgEFBQcBCwRXMFUwUwYIKwYBBQUHMAuGR3JzeW5jOi8vY2hsb2Uuc29i
b3Jub3N0Lm5ldC9ycGtpL3VwbGlmdC9tZTNLNlE0Qm0tUXU2UGhMMHFFT2puTGd2
Y2cucm9hMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfCk4MA0GCSqG
SIb3DQEBCwUAA4IBAQAi/iFDtiEDxaHsp0lZZ0YIVV/JZJchDtHmohkOd9/zoXFG
y7ASb+i9adGYEZcCzrYKnTp8TkkMQ8eRSfIt3aNr6Pw7GZYcrhWQ+OPwhPu6SQMa
XTW9f59+wemjckYDWLB9j3W8FstZU3fR6kN55NiR5S2rFoBOed8y1KDRs2BBC3IJ
qRTB7vg8w0+LljXT5L+V/7RpYq3e5v0JqSuELcC12mxqwSPiT9TUXsYHSGWfg1EZ
hf6ktI8bKJufP85synLOCPjsln23+nUzncaOVlz4Pl2HHPZZFBCXx98vLObqzS8X
aL5tgugwLOHyS65KQ0jcAaiYjgKob8BU6i932l8A
-----END CERTIFICATE-----
Generated at Sat May 4 14:41:13 2024 by rpki-client on console-fra.rpki-client.org