Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/7sdlYCuCQoRfu1_dqgddwBpiHaY.roa
File: 7sdlYCuCQoRfu1_dqgddwBpiHaY.roa (raw, json)
Hash identifier: Q7QzNHzQkjFsr4YDdW+iyA50X8K+nHtMIhgDqK3S0II=
Subject key identifier: EE:C7:65:60:2B:82:42:84:5F:BB:5F:DD:AA:07:5D:C0:1A:62:1D:A6
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0B9D
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/7sdlYCuCQoRfu1_dqgddwBpiHaY.roa
Signing time: Sat 04 Jan 2025 07:55:03 +0000
ROA not before: Sat 04 Jan 2025 07:55:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2973 (0xb9d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Jan 4 07:55:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=EEC765602B8242845FBB5FDDAA075DC01A621DA6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:78:ad:5b:24:6c:24:fc:20:b0:e6:ce:8c:22:
32:1c:72:4a:b7:8d:1f:3b:f6:34:29:33:3d:3e:6c:
73:39:01:d4:9a:ed:4e:8f:51:69:da:6a:22:34:5c:
ea:74:3d:d3:d8:98:63:f6:30:f3:72:8c:f5:c3:18:
ca:78:6c:9a:f7:58:cd:66:fe:0f:62:c2:c5:31:5d:
f9:01:e0:1c:4d:c4:72:62:47:62:32:ef:d6:fa:8a:
f3:ac:57:35:dc:d9:4f:41:65:c5:19:63:7d:25:47:
02:fe:ca:84:25:07:8d:51:8d:a0:3e:97:a9:3a:b6:
4f:be:56:bf:b7:4a:f0:c2:83:a5:0b:1d:26:83:43:
a9:6e:7b:5f:c3:8a:39:9a:c3:16:7c:4b:54:4f:1a:
00:c9:0a:70:81:84:ba:9b:3a:d7:3b:30:e1:10:46:
2c:f0:db:3d:36:dd:96:94:a6:04:7c:7b:fa:4f:c5:
af:d2:12:aa:a3:45:ff:47:aa:45:37:c2:b3:7f:6c:
ba:00:99:18:65:01:db:24:0d:7b:33:d9:65:da:ae:
77:46:2e:ce:66:d8:72:d3:c0:49:a0:89:60:77:6a:
3f:12:f8:fb:0d:cd:31:3e:f3:8d:56:50:13:2f:93:
1b:d6:cd:50:f2:59:ab:46:5b:32:fa:7e:7c:46:d5:
42:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:C7:65:60:2B:82:42:84:5F:BB:5F:DD:AA:07:5D:C0:1A:62:1D:A6
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/7sdlYCuCQoRfu1_dqgddwBpiHaY.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
84:6b:40:ed:99:d8:eb:58:82:0f:d0:eb:aa:c5:94:4d:05:cd:
9b:09:7d:52:dd:8f:72:8c:87:d1:9e:64:e4:b6:c9:d7:f1:c9:
59:6c:d2:ea:8b:59:61:a2:6d:fa:0f:dd:c4:d9:5c:06:b1:67:
24:df:fc:1b:2f:0e:30:78:72:06:6f:ca:bd:cb:2f:8b:aa:14:
92:1a:bb:26:11:94:e0:f9:16:4b:3e:83:26:18:68:2c:ab:f6:
9c:60:00:6f:ce:1c:80:2b:5d:19:61:1b:64:3f:74:de:8b:2e:
e3:fe:fc:e6:8a:9f:98:84:a4:eb:ce:e0:c4:fa:aa:65:45:f1:
80:d5:76:78:2b:86:95:06:ae:34:b2:c7:26:13:4d:f7:a6:67:
70:48:d8:5b:3e:99:6b:03:93:67:2d:b0:64:c8:3e:9a:75:db:
60:dd:22:c2:df:cc:78:29:f0:6f:8f:62:2a:fe:dc:b8:cc:c8:
52:9a:37:63:db:79:2f:94:d5:a6:98:ae:65:b8:50:eb:33:b7:
ca:5c:2c:4d:ee:05:75:f8:88:01:18:17:95:8c:72:e3:c1:17:
85:d1:af:2c:a9:83:fe:d3:67:84:cb:9b:14:48:1f:71:0e:ee:
3d:44:3d:a6:49:19:16:b8:ec:05:aa:12:a3:56:0b:f0:fa:fc:
bb:95:37:56
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICC50wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNTAxMDQw
NzU1MDNaFw0yNjA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEVFQzc2NTYwMkI4MjQy
ODQ1RkJCNUZEREFBMDc1REMwMUE2MjFEQTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDOeK1bJGwk/CCw5s6MIjIcckq3jR879jQpMz0+bHM5AdSa7U6P
UWnaaiI0XOp0PdPYmGP2MPNyjPXDGMp4bJr3WM1m/g9iwsUxXfkB4BxNxHJiR2Iy
79b6ivOsVzXc2U9BZcUZY30lRwL+yoQlB41RjaA+l6k6tk++Vr+3SvDCg6ULHSaD
Q6lue1/DijmawxZ8S1RPGgDJCnCBhLqbOtc7MOEQRizw2z023ZaUpgR8e/pPxa/S
EqqjRf9HqkU3wrN/bLoAmRhlAdskDXsz2WXarndGLs5m2HLTwEmgiWB3aj8S+PsN
zTE+841WUBMvkxvWzVDyWatGWzL6fnxG1UIPAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQU7sdlYCuCQoRfu1/dqgddwBpiHaYwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmLzdzZGxZQ3VDUW9SZnUx
X2RxZ2Rkd0JwaUhhWS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAIRrQO2Z2OtYgg/Q66rFlE0FzZsJfVLdj3KM
h9GeZOS2ydfxyVls0uqLWWGibfoP3cTZXAaxZyTf/BsvDjB4cgZvyr3LL4uqFJIa
uyYRlOD5Fks+gyYYaCyr9pxgAG/OHIArXRlhG2Q/dN6LLuP+/OaKn5iEpOvO4MT6
qmVF8YDVdngrhpUGrjSyxyYTTfemZ3BI2Fs+mWsDk2ctsGTIPpp122DdIsLfzHgp
8G+PYir+3LjMyFKaN2PbeS+U1aaYrmW4UOszt8pcLE3uBXX4iAEYF5WMcuPBF4XR
ryypg/7TZ4TLmxRIH3EO7j1EPaZJGRa47AWqEqNWC/D6/LuVN1Y=
-----END CERTIFICATE-----
Generated at Sat Jun 7 10:00:32 2025 by rpki-client