Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/-LBwDggILpyhijZM3mALCU6_uCM.roa
File: -LBwDggILpyhijZM3mALCU6_uCM.roa (raw, json)
Hash identifier: fSh3Z22FHlL1HjddO+D41Y2euiw1NmUk6P/qODM5CpM=
Subject key identifier: F8:B0:70:0E:08:08:2E:9C:A1:8A:36:4C:DE:60:0B:09:4E:BF:B8:23
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0A2B
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/-LBwDggILpyhijZM3mALCU6_uCM.roa
Signing time: Sun 24 Nov 2024 07:55:02 +0000
ROA not before: Sun 24 Nov 2024 07:55:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2603 (0xa2b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Nov 24 07:55:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=F8B0700E08082E9CA18A364CDE600B094EBFB823
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:9d:46:c7:8b:dc:8e:94:17:88:76:33:ea:27:
1f:b5:39:95:6e:68:bb:bc:2a:6a:a5:32:1b:8a:f1:
1e:b5:55:af:aa:0f:75:a4:c9:43:2a:9e:8f:4e:32:
2a:21:8a:f0:34:94:ca:23:5b:21:37:42:e2:f8:03:
8e:f8:cb:3f:a3:10:95:20:9d:24:8b:e5:23:bb:96:
70:71:84:23:04:3b:51:3c:fd:03:b9:95:bd:9f:64:
5a:23:36:ea:b3:dc:53:44:36:06:83:64:f2:4e:ce:
58:01:f9:ee:83:34:e7:f2:fd:96:a5:1d:20:7c:f9:
e3:d7:ad:29:19:22:ae:b7:bd:3d:61:37:be:8b:ed:
f8:30:14:dc:9d:e9:d1:e4:7c:a2:4d:9d:85:4d:fe:
78:3d:2f:36:71:70:2a:11:76:23:35:19:ba:f2:c9:
72:c0:55:8a:09:05:ba:f1:bf:e8:20:6d:2d:74:4f:
56:96:c8:e4:22:fd:fc:d0:c4:47:c2:16:cf:2d:08:
e5:cc:88:98:26:7e:dd:1b:f7:98:b3:25:1b:ac:57:
5b:94:46:cd:d9:ba:35:73:fa:b9:32:14:cb:09:23:
0f:f7:71:4e:39:62:4f:78:49:55:71:b0:63:c4:a5:
e0:e7:2e:77:4f:25:29:b4:54:00:58:30:73:d7:41:
ec:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:B0:70:0E:08:08:2E:9C:A1:8A:36:4C:DE:60:0B:09:4E:BF:B8:23
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/-LBwDggILpyhijZM3mALCU6_uCM.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
d6:41:2b:81:8e:9b:33:54:ad:93:22:c1:78:f6:af:37:4e:9a:
c5:4e:e4:70:c7:4f:b6:9e:90:a1:46:e3:72:4f:ac:ed:02:32:
7f:43:aa:0f:84:db:72:47:69:c3:80:70:c4:80:71:eb:2e:94:
5e:fd:c2:64:3a:13:9f:f4:6a:2c:28:2c:45:58:c2:dc:e6:57:
00:b3:4c:18:33:3b:4e:50:10:af:f6:37:5c:16:1e:1c:92:22:
3d:36:48:63:79:3e:8c:68:11:0c:05:b9:dc:b9:69:fb:3e:e0:
ed:bf:f3:3f:e5:11:70:09:d6:01:c2:79:c2:24:da:f0:48:ac:
30:5e:98:9d:11:e0:f4:8b:bf:33:d3:19:b7:b3:62:0a:ea:b2:
c1:05:96:2e:98:b6:1a:c9:a4:34:2e:76:d9:21:1b:7b:3b:94:
7e:d9:b4:41:53:f7:70:76:fc:77:30:1a:26:0d:1b:0f:09:ca:
22:ab:3e:31:80:9c:7f:b3:c8:a6:c3:46:0b:9e:db:89:a8:7e:
64:a7:f0:75:ef:c9:6f:42:1c:8d:37:4a:38:3e:f4:af:ab:cc:
7c:0e:56:c7:31:c5:6e:18:de:1a:58:af:42:fc:c7:dc:be:ed:
6f:75:a4:3c:b4:63:94:54:b8:1f:18:25:60:82:97:f8:ed:40:
60:b6:d0:b7
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCiswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDExMjQw
NzU1MDJaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEY4QjA3MDBFMDgwODJF
OUNBMThBMzY0Q0RFNjAwQjA5NEVCRkI4MjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDAnUbHi9yOlBeIdjPqJx+1OZVuaLu8KmqlMhuK8R61Va+qD3Wk
yUMqno9OMiohivA0lMojWyE3QuL4A474yz+jEJUgnSSL5SO7lnBxhCMEO1E8/QO5
lb2fZFojNuqz3FNENgaDZPJOzlgB+e6DNOfy/ZalHSB8+ePXrSkZIq63vT1hN76L
7fgwFNyd6dHkfKJNnYVN/ng9LzZxcCoRdiM1GbryyXLAVYoJBbrxv+ggbS10T1aW
yOQi/fzQxEfCFs8tCOXMiJgmft0b95izJRusV1uURs3ZujVz+rkyFMsJIw/3cU45
Yk94SVVxsGPEpeDnLndPJSm0VABYMHPXQeyZAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQU+LBwDggILpyhijZM3mALCU6/uCMwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmLy1MQndEZ2dJTHB5aGlq
Wk0zbUFMQ1U2X3VDTS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBANZBK4GOmzNUrZMiwXj2rzdOmsVO5HDHT7ae
kKFG43JPrO0CMn9Dqg+E23JHacOAcMSAcesulF79wmQ6E5/0aiwoLEVYwtzmVwCz
TBgzO05QEK/2N1wWHhySIj02SGN5PoxoEQwFudy5afs+4O2/8z/lEXAJ1gHCecIk
2vBIrDBemJ0R4PSLvzPTGbezYgrqssEFli6YthrJpDQudtkhG3s7lH7ZtEFT93B2
/HcwGiYNGw8JyiKrPjGAnH+zyKbDRgue24mofmSn8HXvyW9CHI03Sjg+9K+rzHwO
VscxxW4Y3hpYr0L8x9y+7W91pDy0Y5RUuB8YJWCCl/jtQGC20Lc=
-----END CERTIFICATE-----
Generated at Sat Jun 7 09:34:32 2025 by rpki-client