Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nljobsnijders/XJFd_PEkznhJOaK2so0KTvAKnwc.roa
File: XJFd_PEkznhJOaK2so0KTvAKnwc.roa (raw, json)
Hash identifier: AVcsgWAmplOnkh2VBI1wkU6iIaS+59V9MpsZ0nxdNVA=
Subject key identifier: 5C:91:5D:FC:F1:24:CE:78:49:39:A2:B6:B2:8D:0A:4E:F0:0A:9F:07
Certificate issuer: /CN=caa805dbac364749b9b115590ab6ef0f970cdbd8
Certificate serial: 01CA05
Authority key identifier: CA:A8:05:DB:AC:36:47:49:B9:B1:15:59:0A:B6:EF:0F:97:0C:DB:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yqgF26w2R0m5sRVZCrbvD5cM29g.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nljobsnijders/XJFd_PEkznhJOaK2so0KTvAKnwc.roa
Signing time: Tue 22 Oct 2024 13:32:09 +0000
ROA not before: Tue 22 Oct 2024 13:32:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2a0e:b240::/29 maxlen: 29
Validation: OK
Signature path: rsync://chloe.sobornost.net/rpki/RIPE-nljobsnijders/yqgF26w2R0m5sRVZCrbvD5cM29g.crl
rsync://chloe.sobornost.net/rpki/RIPE-nljobsnijders/yqgF26w2R0m5sRVZCrbvD5cM29g.mft
rsync://rpki.ripe.net/repository/DEFAULT/yqgF26w2R0m5sRVZCrbvD5cM29g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Nov 2024 20:31:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 117253 (0x1ca05)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=caa805dbac364749b9b115590ab6ef0f970cdbd8
Validity
Not Before: Oct 22 13:32:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5C915DFCF124CE784939A2B6B28D0A4EF00A9F07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:40:13:5b:af:1e:f5:6a:4e:f1:dc:54:88:52:
61:a8:27:c7:f4:b8:53:e7:e7:e8:7b:fa:9f:a7:10:
21:41:30:6d:cf:15:a1:c8:c2:d0:66:77:19:17:24:
db:3a:8f:6d:1c:39:a1:45:41:d7:e1:85:88:a9:21:
0c:84:0b:cf:88:be:44:6e:2d:50:12:7f:fa:b0:8d:
0b:fd:63:fc:4d:71:26:77:d9:df:4b:73:dc:a0:3e:
ad:fb:ab:f5:25:e2:85:aa:a5:65:21:b4:70:2c:e4:
e0:a6:5f:8a:9f:f3:f4:be:2d:90:3d:49:b7:5f:f7:
70:a9:5b:38:5f:91:f0:e7:bf:fa:07:e4:3c:8c:f0:
c9:5a:7c:5e:2f:61:53:6b:85:d7:50:5f:83:50:23:
2d:79:40:fe:b1:c9:a3:38:bf:0e:56:fb:53:16:fd:
44:bb:a4:8a:ed:d4:c9:ce:b9:13:c7:db:78:92:52:
48:75:ef:ea:00:1c:2b:06:47:37:66:15:02:45:42:
ae:55:63:f3:1f:a1:02:70:f3:26:77:9c:f4:a8:dc:
82:ff:97:39:32:65:d1:00:80:9c:2b:3c:7a:28:3f:
32:80:ad:22:f7:9d:08:a5:35:45:70:04:9c:63:fb:
d4:8f:da:23:a2:cc:da:bc:4e:27:4d:47:ff:e2:52:
c9:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:91:5D:FC:F1:24:CE:78:49:39:A2:B6:B2:8D:0A:4E:F0:0A:9F:07
X509v3 Authority Key Identifier:
keyid:CA:A8:05:DB:AC:36:47:49:B9:B1:15:59:0A:B6:EF:0F:97:0C:DB:D8
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nljobsnijders/yqgF26w2R0m5sRVZCrbvD5cM29g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yqgF26w2R0m5sRVZCrbvD5cM29g.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nljobsnijders/XJFd_PEkznhJOaK2so0KTvAKnwc.roa
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b240::/29
Signature Algorithm: sha256WithRSAEncryption
10:fa:9b:06:a8:73:8e:ce:db:53:31:f5:8a:38:68:fc:fd:ff:
54:52:3a:1b:6b:30:c3:84:f8:16:dc:a4:13:f9:5a:8b:3b:6a:
98:51:99:2d:eb:71:5a:c9:79:ce:8f:78:e5:2c:78:40:bb:ab:
14:d6:dd:02:e5:e9:14:a7:5b:4d:15:d7:de:ad:9f:9b:71:05:
ac:21:51:8f:26:12:59:b2:6c:68:30:14:b0:19:7c:65:cc:0d:
b0:90:c1:84:1f:bd:d1:a6:bf:77:85:80:c8:31:34:4b:66:fa:
f5:73:96:47:43:b7:0f:d4:64:06:ff:4a:6b:fe:89:d0:40:0d:
de:35:02:a7:79:3d:f8:ea:c6:4d:ab:80:0a:0d:e5:79:59:1f:
b8:46:fe:bd:de:2a:82:73:f6:f4:92:bb:2e:2a:71:1a:c3:90:
b7:74:63:ed:40:e8:70:73:70:97:84:3f:52:5e:5a:38:e1:49:
a7:75:77:f7:94:85:8c:b3:f8:05:45:db:63:7d:ae:88:42:86:
4a:f6:30:01:d9:5c:a6:22:b0:29:e8:ea:2d:ad:98:f9:b0:5b:
da:aa:3b:b4:c8:1a:05:6d:e9:d8:05:54:75:66:e6:1e:fd:8d:
1b:7a:a4:09:80:0a:c1:62:c7:d1:d6:11:71:26:8d:66:45:47:
15:90:dd:47
-----BEGIN CERTIFICATE-----
MIIEsjCCA5qgAwIBAgIDAcoFMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGNh
YTgwNWRiYWMzNjQ3NDliOWIxMTU1OTBhYjZlZjBmOTcwY2RiZDgwHhcNMjQxMDIy
MTMzMjA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg1QzkxNURGQ0YxMjRD
RTc4NDkzOUEyQjZCMjhEMEE0RUYwMEE5RjA3MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA0kATW68e9WpO8dxUiFJhqCfH9LhT5+foe/qfpxAhQTBtzxWh
yMLQZncZFyTbOo9tHDmhRUHX4YWIqSEMhAvPiL5Ebi1QEn/6sI0L/WP8TXEmd9nf
S3PcoD6t+6v1JeKFqqVlIbRwLOTgpl+Kn/P0vi2QPUm3X/dwqVs4X5Hw57/6B+Q8
jPDJWnxeL2FTa4XXUF+DUCMteUD+scmjOL8OVvtTFv1Eu6SK7dTJzrkTx9t4klJI
de/qABwrBkc3ZhUCRUKuVWPzH6ECcPMmd5z0qNyC/5c5MmXRAICcKzx6KD8ygK0i
950IpTVFcAScY/vUj9ojoszavE4nTUf/4lLJXQIDAQABo4IBzTCCAckwHQYDVR0O
BBYEFFyRXfzxJM54STmitrKNCk7wCp8HMB8GA1UdIwQYMBaAFMqoBdusNkdJubEV
WQq27w+XDNvYMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwZAYDVR0fBF0wWzBZ
oFegVYZTcnN5bmM6Ly9jaGxvZS5zb2Jvcm5vc3QubmV0L3Jwa2kvUklQRS1ubGpv
YnNuaWpkZXJzL3lxZ0YyNncyUjBtNXNSVlpDcmJ2RDVjTTI5Zy5jcmwwZAYIKwYB
BQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVw
b3NpdG9yeS9ERUZBVUxUL3lxZ0YyNncyUjBtNXNSVlpDcmJ2RDVjTTI5Zy5jZXIw
DgYDVR0PAQH/BAQDAgeAMG8GCCsGAQUFBwELBGMwYTBfBggrBgEFBQcwC4ZTcnN5
bmM6Ly9jaGxvZS5zb2Jvcm5vc3QubmV0L3Jwa2kvUklQRS1ubGpvYnNuaWpkZXJz
L1hKRmRfUEVrem5oSk9hSzJzbzBLVHZBS253Yy5yb2EwIAYIKwYBBQUHAQcBAf8E
ETAPMA0EAgACMAcDBQMqDrJAMA0GCSqGSIb3DQEBCwUAA4IBAQAQ+psGqHOOzttT
MfWKOGj8/f9UUjobazDDhPgW3KQT+VqLO2qYUZkt63FayXnOj3jlLHhAu6sU1t0C
5ekUp1tNFdferZ+bcQWsIVGPJhJZsmxoMBSwGXxlzA2wkMGEH73Rpr93hYDIMTRL
Zvr1c5ZHQ7cP1GQG/0pr/onQQA3eNQKneT346sZNq4AKDeV5WR+4Rv693iqCc/b0
krsuKnEaw5C3dGPtQOhwc3CXhD9SXlo44UmndXf3lIWMs/gFRdtjfa6IQoZK9jAB
2VymIrAp6OotrZj5sFvaqju0yBoFbenYBVR1ZuYe/Y0beqQJgArBYsfR1hFxJo1m
RUcVkN1H
-----END CERTIFICATE-----
Generated at Thu Nov 21 15:45:23 2024 by rpki-client on console-ams.rpki-client.org