Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/0q3O5CGvJYV3f_2KuSCUdQ2qr4U.roa
File: 0q3O5CGvJYV3f_2KuSCUdQ2qr4U.roa (raw, json)
Hash identifier: TYO/BIGeWG9alaCl37kUwstZJOGUtLGLKzzjCDLdPs0=
Subject key identifier: D2:AD:CE:E4:21:AF:25:85:77:7F:FD:8A:B9:20:94:75:0D:AA:AF:85
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0B48
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/0q3O5CGvJYV3f_2KuSCUdQ2qr4U.roa
Signing time: Wed 25 Dec 2024 23:55:03 +0000
ROA not before: Wed 25 Dec 2024 23:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2888 (0xb48)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Dec 25 23:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=D2ADCEE421AF2585777FFD8AB92094750DAAAF85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:a8:15:24:0d:06:2d:00:82:7f:16:1a:c3:5b:
ee:8d:ef:18:3c:7a:5a:7d:de:73:a8:d2:f9:a4:81:
c5:fe:8c:fd:89:f6:39:f9:cb:92:10:d0:fb:40:1a:
be:4c:a5:7b:47:9f:ca:05:13:ac:db:73:e9:87:ba:
d0:db:47:13:72:d1:a6:02:4d:23:b4:d6:1d:9c:d1:
58:ce:0a:f2:c6:14:b0:29:6d:f1:2a:ac:bd:32:fc:
2b:da:5c:35:42:21:2a:40:f1:b9:71:ff:21:21:b7:
9a:cd:ec:f9:37:16:15:09:90:e3:01:46:67:cc:39:
f4:65:c8:aa:a7:77:a1:08:2d:f8:fb:20:e4:94:56:
00:f8:cc:e2:b8:77:51:ea:25:b1:83:e7:bf:0e:9b:
91:e0:0a:32:f2:62:74:e4:7a:fb:54:a3:20:9f:61:
f5:07:a9:16:bd:33:99:85:eb:c8:77:b6:42:2f:a8:
b8:1e:7d:3a:d1:9f:c3:64:8f:04:a9:11:b5:85:04:
14:05:50:10:4f:1e:15:1e:7d:79:26:a0:3f:e6:4f:
dc:0f:9e:c8:eb:c5:64:24:e3:28:b8:66:e2:16:44:
24:00:17:da:8e:1f:e4:2b:75:08:a5:c9:a3:cb:37:
6f:ee:18:f0:0f:4c:e1:b8:22:ab:f7:d4:c5:eb:19:
7b:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:AD:CE:E4:21:AF:25:85:77:7F:FD:8A:B9:20:94:75:0D:AA:AF:85
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/0q3O5CGvJYV3f_2KuSCUdQ2qr4U.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:d3:3e:74:79:ac:86:b8:e6:db:30:d0:1e:c6:82:21:cf:1d:
76:6c:d7:b2:e5:4f:38:56:77:d9:49:6b:10:fd:b4:b6:85:e5:
22:cf:3f:7c:a5:cc:32:f3:ff:af:bb:64:e6:86:bc:56:41:e9:
ec:85:5c:f0:a9:3c:7c:81:d4:ee:49:dc:92:61:d8:41:44:33:
12:57:b9:4e:e6:d5:0e:bd:40:46:9a:f5:a9:29:97:86:30:ab:
3f:2e:31:b8:b4:b3:c4:63:40:38:26:61:2f:b4:95:71:61:68:
ac:a5:0d:76:67:7b:d6:2b:8c:8c:02:a5:c0:94:3d:09:29:23:
77:d8:9e:31:21:ce:10:ce:ee:0d:34:73:0c:82:ae:96:35:bc:
9b:ee:1e:9e:31:3e:0e:98:66:f5:ce:02:d2:86:ac:0c:44:27:
f5:f3:36:a8:13:7f:33:ac:45:81:f7:b4:84:10:da:5d:f4:b7:
cd:da:dd:7e:fc:52:f5:b6:ba:c9:ce:18:52:dc:04:de:3a:68:
2f:a4:3b:ae:12:19:fd:8f:b8:1f:71:80:19:e6:88:95:78:b1:
bc:f9:9a:b9:b1:42:f1:f8:51:e4:f9:6b:c7:59:a7:e6:de:a6:
80:32:2f:75:98:ce:b7:c3:8d:12:a4:78:28:6a:35:20:bc:5b:
38:fb:d9:00
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICC0gwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDEyMjUy
MzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEQyQURDRUU0MjFBRjI1
ODU3NzdGRkQ4QUI5MjA5NDc1MERBQUFGODUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCtqBUkDQYtAIJ/FhrDW+6N7xg8elp93nOo0vmkgcX+jP2J9jn5
y5IQ0PtAGr5MpXtHn8oFE6zbc+mHutDbRxNy0aYCTSO01h2c0VjOCvLGFLApbfEq
rL0y/CvaXDVCISpA8blx/yEht5rN7Pk3FhUJkOMBRmfMOfRlyKqnd6EILfj7IOSU
VgD4zOK4d1HqJbGD578Om5HgCjLyYnTkevtUoyCfYfUHqRa9M5mF68h3tkIvqLge
fTrRn8NkjwSpEbWFBBQFUBBPHhUefXkmoD/mT9wPnsjrxWQk4yi4ZuIWRCQAF9qO
H+QrdQilyaPLN2/uGPAPTOG4Iqv31MXrGXvNAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQU0q3O5CGvJYV3f/2KuSCUdQ2qr4UwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmLzBxM081Q0d2SllWM2Zf
Mkt1U0NVZFEycXI0VS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAKjTPnR5rIa45tsw0B7GgiHPHXZs17LlTzhW
d9lJaxD9tLaF5SLPP3ylzDLz/6+7ZOaGvFZB6eyFXPCpPHyB1O5J3JJh2EFEMxJX
uU7m1Q69QEaa9akpl4Ywqz8uMbi0s8RjQDgmYS+0lXFhaKylDXZne9YrjIwCpcCU
PQkpI3fYnjEhzhDO7g00cwyCrpY1vJvuHp4xPg6YZvXOAtKGrAxEJ/XzNqgTfzOs
RYH3tIQQ2l30t83a3X78UvW2usnOGFLcBN46aC+kO64SGf2PuB9xgBnmiJV4sbz5
mrmxQvH4UeT5a8dZp+bepoAyL3WYzrfDjRKkeChqNSC8Wzj72QA=
-----END CERTIFICATE-----
Generated at Sat Jun 7 10:01:23 2025 by rpki-client