Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/5fxya8vDCLSQeyU7zSrh00FlfjA.roa
File: 5fxya8vDCLSQeyU7zSrh00FlfjA.roa (raw, json)
Hash identifier: aAMUBZX7kNjM/QTHTt9zHWA+b+UgSbpS93XtTVWyJoE=
Subject key identifier: E5:FC:72:6B:CB:C3:08:B4:90:7B:25:3B:CD:2A:E1:D3:41:65:7E:30
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0C84
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/5fxya8vDCLSQeyU7zSrh00FlfjA.roa
Signing time: Wed 29 Jan 2025 23:55:02 +0000
ROA not before: Wed 29 Jan 2025 23:55:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3204 (0xc84)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Jan 29 23:55:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=E5FC726BCBC308B4907B253BCD2AE1D341657E30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:c0:05:d4:37:da:0c:16:ee:59:1a:c2:78:27:
2c:c3:b6:89:b0:2d:81:2e:09:81:ce:19:e8:7a:2b:
1a:b1:a0:c7:a8:7c:2b:71:16:15:12:05:90:06:cc:
dd:85:01:b4:3e:7d:a0:ad:fd:39:bf:cb:a9:c4:0e:
b9:b8:d3:bf:59:e7:8d:62:ad:fc:2a:4a:9e:03:bb:
99:ff:12:f4:3d:6e:33:54:c4:35:81:b6:81:27:ec:
13:87:b4:91:ce:eb:e1:05:ad:da:5b:42:f8:f3:6a:
f8:72:b3:b0:71:12:d2:48:fb:f7:15:89:a9:4e:7b:
57:af:9f:ec:f8:fd:22:72:6f:f9:06:85:81:1b:99:
d8:46:63:25:65:59:de:a4:d7:86:cb:c9:52:61:53:
07:49:d9:24:6b:7b:d6:51:c8:39:03:08:f0:51:43:
1f:89:c1:ce:dd:40:d5:08:1d:a1:61:62:eb:b3:ac:
73:07:9c:63:8c:57:e8:5e:39:40:33:10:10:24:5a:
3f:27:34:09:49:02:df:4c:43:7d:5e:06:a7:b6:ff:
e2:db:b9:98:39:c5:05:20:e6:ec:28:c1:25:e4:db:
01:a0:cb:97:7e:e5:89:77:f2:3c:b5:5f:32:66:76:
e0:0f:da:84:fd:e8:80:69:67:26:d4:12:b0:3a:da:
fd:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:FC:72:6B:CB:C3:08:B4:90:7B:25:3B:CD:2A:E1:D3:41:65:7E:30
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/5fxya8vDCLSQeyU7zSrh00FlfjA.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
99:35:74:51:57:a1:78:e3:5d:a8:d8:fd:1b:d0:31:6a:8a:c9:
95:43:35:4c:76:d3:ab:51:1a:0d:bb:23:8c:be:98:52:b1:c7:
e5:0e:3f:6b:59:c0:4c:0e:7d:0e:34:c9:15:5b:12:d8:a3:01:
b3:3d:78:89:a0:90:aa:33:cc:3d:a9:5e:46:4a:98:de:8f:c0:
7d:ce:0a:98:14:62:4d:ea:29:5f:0c:fc:04:c2:fa:f6:81:a4:
ce:dd:70:85:60:15:ce:6e:b3:2a:94:59:66:9f:65:0e:ba:c9:
e4:fd:43:11:e8:14:08:c2:16:72:b1:44:10:c6:03:89:93:f7:
2c:f1:a0:d3:70:4b:b8:54:61:7d:f7:c0:b7:e8:5d:97:be:d9:
93:0e:aa:a1:fd:54:c9:82:26:fa:dc:b0:ee:03:df:81:3d:d7:
3c:aa:bb:89:9c:26:c9:00:2b:57:cc:08:c7:4f:a8:2b:ed:89:
f6:70:3e:6b:e8:d0:ea:fc:28:76:e5:92:6f:32:b6:f7:56:68:
69:85:8e:a8:7d:f8:c9:d5:18:37:53:94:78:a8:47:c8:da:b7:
f0:c1:e4:26:eb:25:79:57:43:3c:6a:34:de:36:3e:f4:d4:12:
19:2e:54:43:58:54:fc:42:fa:de:30:16:e7:5f:bf:22:ec:0c:
5b:d0:44:7a
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICDIQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNTAxMjky
MzU1MDJaFw0yNjA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEU1RkM3MjZCQ0JDMzA4
QjQ5MDdCMjUzQkNEMkFFMUQzNDE2NTdFMzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCrwAXUN9oMFu5ZGsJ4JyzDtomwLYEuCYHOGeh6KxqxoMeofCtx
FhUSBZAGzN2FAbQ+faCt/Tm/y6nEDrm4079Z541irfwqSp4Du5n/EvQ9bjNUxDWB
toEn7BOHtJHO6+EFrdpbQvjzavhys7BxEtJI+/cVialOe1evn+z4/SJyb/kGhYEb
mdhGYyVlWd6k14bLyVJhUwdJ2SRre9ZRyDkDCPBRQx+Jwc7dQNUIHaFhYuuzrHMH
nGOMV+heOUAzEBAkWj8nNAlJAt9MQ31eBqe2/+LbuZg5xQUg5uwowSXk2wGgy5d+
5Yl38jy1XzJmduAP2oT96IBpZybUErA62v2rAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQU5fxya8vDCLSQeyU7zSrh00FlfjAwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmLzVmeHlhOHZEQ0xTUWV5
VTd6U3JoMDBGbGZqQS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAJk1dFFXoXjjXajY/RvQMWqKyZVDNUx206tR
Gg27I4y+mFKxx+UOP2tZwEwOfQ40yRVbEtijAbM9eImgkKozzD2pXkZKmN6PwH3O
CpgUYk3qKV8M/ATC+vaBpM7dcIVgFc5usyqUWWafZQ66yeT9QxHoFAjCFnKxRBDG
A4mT9yzxoNNwS7hUYX33wLfoXZe+2ZMOqqH9VMmCJvrcsO4D34E91zyqu4mcJskA
K1fMCMdPqCvtifZwPmvo0Or8KHblkm8ytvdWaGmFjqh9+MnVGDdTlHioR8jat/DB
5CbrJXlXQzxqNN42PvTUEhkuVENYVPxC+t4wFudfvyLsDFvQRHo=
-----END CERTIFICATE-----
Generated at Sat Jun 7 09:54:52 2025 by rpki-client