Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/4dAA0ey5bDAdMCGtR2X92X83GeQ.roa
File: 4dAA0ey5bDAdMCGtR2X92X83GeQ.roa (raw, json)
Hash identifier: ARHOPTfgROFqgS6cfXxyMAxSfY6zKc/N2a+UfXcCNEs=
Subject key identifier: E1:D0:00:D1:EC:B9:6C:30:1D:30:21:AD:47:65:FD:D9:7F:37:19:E4
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0B2D
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/4dAA0ey5bDAdMCGtR2X92X83GeQ.roa
Signing time: Sun 22 Dec 2024 23:55:03 +0000
ROA not before: Sun 22 Dec 2024 23:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2861 (0xb2d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Dec 22 23:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=E1D000D1ECB96C301D3021AD4765FDD97F3719E4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:9f:34:29:85:9e:5e:ae:65:a0:3e:bc:b0:ab:
9d:45:31:6e:27:ee:87:1d:4c:83:f8:dc:cd:9b:af:
b7:50:11:c6:a1:8f:f9:91:45:1a:4b:6e:df:a9:9b:
dc:b1:ac:bf:56:93:82:56:0c:de:24:96:4d:a0:c6:
ec:ab:97:55:ac:fd:33:6c:05:af:10:4a:9f:64:88:
11:ee:eb:48:eb:be:ae:b5:c2:6f:f9:50:ad:28:3d:
dc:60:b8:ed:ae:e1:fa:f6:d3:f3:f8:0b:86:60:25:
fe:e6:b1:4b:f7:86:f4:fb:73:b1:e5:29:27:94:db:
dd:2d:85:0a:47:47:30:67:f6:e6:4c:ed:15:39:2e:
18:1f:c1:5b:46:49:0c:95:07:0e:c8:f3:61:07:2f:
4e:f8:68:98:0e:88:fe:4b:25:50:dd:33:11:d9:77:
2b:b5:9a:1e:8b:a3:84:46:e9:26:58:84:91:d3:23:
6d:bf:c9:04:18:d3:e8:54:a7:3f:40:d6:7d:67:6a:
20:6d:99:69:c9:22:b5:80:c2:e5:0d:60:eb:69:7f:
fc:ae:91:cd:7d:70:b9:7c:17:55:72:29:67:f0:a7:
f8:db:60:a8:50:c2:47:2f:fc:35:e6:cf:d5:23:9e:
1b:8d:a6:86:d7:38:c0:10:da:82:2b:d2:b9:de:25:
34:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:D0:00:D1:EC:B9:6C:30:1D:30:21:AD:47:65:FD:D9:7F:37:19:E4
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/4dAA0ey5bDAdMCGtR2X92X83GeQ.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
c8:a3:61:69:a5:32:23:81:c5:3d:ec:6e:ac:d6:80:3f:81:40:
73:8d:b4:ed:ec:39:8c:14:78:d6:8c:87:44:b0:6d:2d:f7:37:
56:bb:6c:35:e5:c8:e6:08:f8:7f:1c:be:ad:b8:db:31:4c:c2:
60:60:2e:a2:bb:0a:20:e3:03:00:b3:f2:bb:b0:a7:a7:4f:44:
b3:0a:16:83:54:45:13:45:48:21:d3:f2:96:d1:05:00:05:da:
20:3d:3c:52:5a:c0:cd:22:6b:a9:11:72:19:c8:93:ee:95:3f:
e1:6c:96:73:80:7d:de:15:47:9e:2b:67:0d:22:10:39:b7:d5:
8b:a0:26:3b:61:88:30:0d:3a:f5:97:35:9a:ff:28:db:97:14:
7f:1d:2d:19:6e:8a:29:1c:3d:fa:59:90:3d:ec:7d:a6:ec:a7:
86:41:76:04:2d:73:dd:26:52:b4:af:35:b3:57:63:96:9a:f2:
ca:1d:77:8d:89:6e:dd:e3:31:36:47:c4:1d:c4:bd:94:44:ee:
c2:d3:6c:0d:82:99:50:1c:7e:fa:ac:98:00:f2:75:ce:51:68:
87:c2:ac:c6:b2:a2:77:a4:19:b3:81:3a:e2:9b:05:06:e4:da:
6c:31:78:ff:92:5f:94:e4:ca:95:96:d7:a8:23:86:1e:9d:a9:
fb:a1:fb:c2
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCy0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDEyMjIy
MzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEUxRDAwMEQxRUNCOTZD
MzAxRDMwMjFBRDQ3NjVGREQ5N0YzNzE5RTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDVnzQphZ5ermWgPrywq51FMW4n7ocdTIP43M2br7dQEcahj/mR
RRpLbt+pm9yxrL9Wk4JWDN4klk2gxuyrl1Ws/TNsBa8QSp9kiBHu60jrvq61wm/5
UK0oPdxguO2u4fr20/P4C4ZgJf7msUv3hvT7c7HlKSeU290thQpHRzBn9uZM7RU5
LhgfwVtGSQyVBw7I82EHL074aJgOiP5LJVDdMxHZdyu1mh6Lo4RG6SZYhJHTI22/
yQQY0+hUpz9A1n1naiBtmWnJIrWAwuUNYOtpf/yukc19cLl8F1VyKWfwp/jbYKhQ
wkcv/DXmz9UjnhuNpobXOMAQ2oIr0rneJTRXAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQU4dAA0ey5bDAdMCGtR2X92X83GeQwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmLzRkQUEwZXk1YkRBZE1D
R3RSMlg5Mlg4M0dlUS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAMijYWmlMiOBxT3sbqzWgD+BQHONtO3sOYwU
eNaMh0SwbS33N1a7bDXlyOYI+H8cvq242zFMwmBgLqK7CiDjAwCz8ruwp6dPRLMK
FoNURRNFSCHT8pbRBQAF2iA9PFJawM0ia6kRchnIk+6VP+FslnOAfd4VR54rZw0i
EDm31YugJjthiDANOvWXNZr/KNuXFH8dLRluiikcPfpZkD3sfabsp4ZBdgQtc90m
UrSvNbNXY5aa8sodd42Jbt3jMTZHxB3EvZRE7sLTbA2CmVAcfvqsmADydc5RaIfC
rMayonekGbOBOuKbBQbk2mwxeP+SX5TkypWW16gjhh6dqfuh+8I=
-----END CERTIFICATE-----
Generated at Wed Jun 11 06:16:09 2025 by rpki-client