Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/GxokhGxmn3SMCohnusBwg8XAtS0.roa
File: GxokhGxmn3SMCohnusBwg8XAtS0.roa (raw, json)
Hash identifier: OIyBP8dq8ejqd/xOTSn5+ezdTVKYJ30F8vohajqT/Tw=
Subject key identifier: 1B:1A:24:84:6C:66:9F:74:8C:0A:88:67:BA:C0:70:83:C5:C0:B5:2D
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0B03
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/GxokhGxmn3SMCohnusBwg8XAtS0.roa
Signing time: Wed 18 Dec 2024 07:55:03 +0000
ROA not before: Wed 18 Dec 2024 07:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2819 (0xb03)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Dec 18 07:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1B1A24846C669F748C0A8867BAC07083C5C0B52D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:a5:e2:a3:f4:b7:4c:85:b6:02:3d:b2:26:0b:
6a:97:dd:6a:d0:65:ee:39:a8:a4:2b:b9:63:7d:62:
0e:77:4e:e3:93:43:66:d7:f5:f4:bb:9d:a9:c6:1b:
56:bd:d7:27:d2:ad:c6:b6:0c:f7:f6:15:cb:dc:b5:
b5:c2:f0:96:2c:0a:da:80:82:09:fd:7d:d6:26:5d:
5e:2f:fe:91:2a:7f:b9:89:96:4e:96:7a:10:b0:29:
09:0e:26:de:19:69:3f:96:4b:bf:65:0a:d8:8a:d0:
d1:2c:a7:f5:3d:0d:e7:89:21:45:90:0c:5f:7f:37:
b0:d0:e5:ce:a8:d4:e0:c1:ba:e8:75:3a:44:79:1b:
13:22:b8:26:3f:dc:35:5e:e7:47:a2:38:c5:49:6f:
01:3e:29:28:b8:bb:e2:fc:52:a4:ce:c0:b6:09:32:
88:65:b7:a1:1c:80:87:4b:4e:2a:dd:05:99:bb:0d:
dd:2b:ae:8d:d6:60:20:e2:93:f5:5d:70:e5:0d:8c:
c1:05:27:12:fe:94:a1:3f:af:80:a3:20:05:07:e6:
03:09:99:f9:8c:35:7f:b1:a1:75:04:42:75:6a:1c:
0c:d5:5f:a1:b7:ca:eb:70:57:da:eb:75:20:68:7f:
7a:b0:18:a3:47:31:21:a1:3f:0c:59:53:68:7a:83:
6f:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:1A:24:84:6C:66:9F:74:8C:0A:88:67:BA:C0:70:83:C5:C0:B5:2D
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/GxokhGxmn3SMCohnusBwg8XAtS0.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:ff:f6:de:2b:74:3f:43:f0:2f:9b:39:60:65:79:f6:35:36:
c0:21:5d:18:86:44:cb:a6:d8:50:25:6d:e0:fd:9c:16:9b:05:
f8:57:5d:5f:2d:17:e1:35:80:65:e1:49:ae:b2:47:a6:e6:4a:
e1:50:f6:90:57:78:2d:cf:7d:4b:3e:e2:b4:c1:46:b5:b2:ee:
fc:2c:c8:ad:9c:0d:11:e6:7f:e5:7c:21:1c:69:8d:e7:ff:cf:
21:ab:99:de:9b:36:fe:75:23:66:cc:dd:c0:cc:89:ce:18:d7:
66:44:05:a4:aa:9a:0d:11:34:13:44:0f:5d:57:a1:c5:05:0e:
9a:34:18:f4:71:95:5e:5a:f2:43:43:f4:43:a5:c1:6b:f5:c1:
f7:43:7f:ce:36:f6:5e:48:6e:b5:ae:40:79:41:0d:61:14:fc:
db:ff:d0:87:77:6e:51:23:61:2a:85:79:65:aa:00:ff:47:c8:
c5:c1:f9:e6:2b:d3:2c:e1:48:47:66:e7:7b:0e:c7:72:42:59:
e9:32:03:e6:5f:9c:86:82:bc:83:07:13:3e:91:60:87:1b:98:
42:84:3d:ff:ef:5f:d6:84:a3:a1:25:b0:22:14:a9:6e:82:d1:
01:14:d3:4e:e5:da:62:02:99:a9:32:28:16:42:a5:3d:2e:53:
0a:e0:a2:aa
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCwMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDEyMTgw
NzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDFCMUEyNDg0NkM2NjlG
NzQ4QzBBODg2N0JBQzA3MDgzQzVDMEI1MkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDpeKj9LdMhbYCPbImC2qX3WrQZe45qKQruWN9Yg53TuOTQ2bX
9fS7nanGG1a91yfSrca2DPf2FcvctbXC8JYsCtqAggn9fdYmXV4v/pEqf7mJlk6W
ehCwKQkOJt4ZaT+WS79lCtiK0NEsp/U9DeeJIUWQDF9/N7DQ5c6o1ODBuuh1OkR5
GxMiuCY/3DVe50eiOMVJbwE+KSi4u+L8UqTOwLYJMohlt6EcgIdLTirdBZm7Dd0r
ro3WYCDik/VdcOUNjMEFJxL+lKE/r4CjIAUH5gMJmfmMNX+xoXUEQnVqHAzVX6G3
yutwV9rrdSBof3qwGKNHMSGhPwxZU2h6g2/tAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUGxokhGxmn3SMCohnusBwg8XAtS0wHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL0d4b2toR3htbjNTTUNv
aG51c0J3ZzhYQXRTMC5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAH7/9t4rdD9D8C+bOWBlefY1NsAhXRiGRMum
2FAlbeD9nBabBfhXXV8tF+E1gGXhSa6yR6bmSuFQ9pBXeC3PfUs+4rTBRrWy7vws
yK2cDRHmf+V8IRxpjef/zyGrmd6bNv51I2bM3cDMic4Y12ZEBaSqmg0RNBNED11X
ocUFDpo0GPRxlV5a8kND9EOlwWv1wfdDf8429l5IbrWuQHlBDWEU/Nv/0Id3blEj
YSqFeWWqAP9HyMXB+eYr0yzhSEdm53sOx3JCWekyA+ZfnIaCvIMHEz6RYIcbmEKE
Pf/vX9aEo6ElsCIUqW6C0QEU007l2mICmakyKBZCpT0uUwrgoqo=
-----END CERTIFICATE-----
Generated at Sat Jun 7 09:40:00 2025 by rpki-client