Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/IY3pJPW4bOv5MddqUMUygOY8cE8.roa
File: IY3pJPW4bOv5MddqUMUygOY8cE8.roa (raw, json)
Hash identifier: TEAyywDz62kr4YdvqmItpqaaidI5U6V7ZbWSLcg7DBk=
Subject key identifier: 21:8D:E9:24:F5:B8:6C:EB:F9:31:D7:6A:50:C5:32:80:E6:3C:70:4F
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0A31
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/IY3pJPW4bOv5MddqUMUygOY8cE8.roa
Signing time: Sun 24 Nov 2024 23:55:03 +0000
ROA not before: Sun 24 Nov 2024 23:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2609 (0xa31)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Nov 24 23:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=218DE924F5B86CEBF931D76A50C53280E63C704F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:66:c3:8b:3c:f6:6a:76:30:eb:02:9f:44:ff:
74:89:11:e4:d5:c3:17:88:38:a2:0f:bd:e6:e2:ff:
6f:2f:d1:5b:f0:1d:0e:79:55:3e:f0:f3:84:91:1f:
46:3f:05:49:fc:dc:88:06:c6:5e:7c:b0:ee:dd:70:
fc:3d:6b:8f:69:27:c5:f5:c9:61:2a:a8:f6:9a:56:
3a:7b:6c:8c:b7:84:9a:a2:12:bc:b6:c1:39:12:8f:
ef:d9:99:d5:d3:0d:d9:35:b3:02:8f:ff:2d:cb:e6:
2a:0e:59:bc:c0:5c:8f:bf:2c:db:31:dd:7f:a3:4e:
0e:2b:a1:ad:53:e2:f2:e0:ec:08:de:7a:18:3a:fc:
07:1d:b6:ec:8f:64:ce:69:dd:52:6b:ad:b0:5e:03:
42:b2:0d:d7:d6:14:ec:dc:37:3c:6f:eb:91:9f:85:
8e:36:c0:a2:6b:c8:ed:32:64:00:2c:ef:5f:ea:e0:
7d:80:67:b5:21:7e:cc:60:34:0d:b7:a7:16:08:4d:
26:a1:10:5f:ae:b7:de:5c:3d:08:0a:a3:6f:4b:67:
53:10:13:c1:05:62:37:9b:2c:be:37:4d:4a:de:74:
34:37:d5:a1:a9:1f:4e:c5:e1:61:86:96:8a:85:3d:
a7:2d:2b:22:3d:e9:60:98:2d:3e:fc:89:f5:4a:96:
0b:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:8D:E9:24:F5:B8:6C:EB:F9:31:D7:6A:50:C5:32:80:E6:3C:70:4F
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/IY3pJPW4bOv5MddqUMUygOY8cE8.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
96:cb:d1:07:3f:50:7f:8f:00:ed:15:9e:0c:15:31:49:af:82:
79:e0:77:c8:ac:22:15:43:11:9c:95:a8:82:c0:12:de:b9:57:
1e:61:bd:f1:2b:aa:b4:d0:08:3d:23:4b:5b:26:ba:92:54:5b:
fe:f8:14:75:df:1d:64:74:48:63:88:16:f6:7c:d2:03:2d:0b:
34:4b:c2:74:2e:05:54:2c:f6:d8:3c:df:63:9f:80:83:c2:b1:
a3:46:e7:85:65:bc:1f:14:d6:43:b3:8f:91:47:6f:5d:a3:e5:
66:3f:30:f6:ff:6f:4b:b9:8d:b5:06:b3:e5:38:11:93:f5:2c:
39:3a:4f:c0:ac:cf:d8:d5:d3:4c:a9:a5:14:3a:36:21:5e:61:
05:97:a0:de:b6:ee:a1:e9:1c:7e:c2:52:78:38:b2:51:29:6e:
2a:cf:65:85:67:95:34:23:9e:74:b0:5b:1b:03:c6:83:3f:5e:
d4:1b:8e:38:68:84:0c:e2:86:23:34:b4:f8:1e:7b:5a:a4:75:
3d:61:ef:9e:ed:5f:51:27:41:39:27:14:1b:e6:0d:29:db:0a:
e2:1e:1d:e6:a7:c8:63:f0:ed:f8:f6:56:90:ce:41:85:83:5e:
3e:7a:d9:2e:84:2c:84:8a:82:2d:aa:82:b6:fe:0e:b3:5a:a2:
38:4f:3e:df
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCjEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDExMjQy
MzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDIxOERFOTI0RjVCODZD
RUJGOTMxRDc2QTUwQzUzMjgwRTYzQzcwNEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDlZsOLPPZqdjDrAp9E/3SJEeTVwxeIOKIPvebi/28v0VvwHQ55
VT7w84SRH0Y/BUn83IgGxl58sO7dcPw9a49pJ8X1yWEqqPaaVjp7bIy3hJqiEry2
wTkSj+/ZmdXTDdk1swKP/y3L5ioOWbzAXI+/LNsx3X+jTg4roa1T4vLg7Ajeehg6
/AcdtuyPZM5p3VJrrbBeA0KyDdfWFOzcNzxv65GfhY42wKJryO0yZAAs71/q4H2A
Z7UhfsxgNA23pxYITSahEF+ut95cPQgKo29LZ1MQE8EFYjebLL43TUredDQ31aGp
H07F4WGGloqFPactKyI96WCYLT78ifVKlgv9AgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUIY3pJPW4bOv5MddqUMUygOY8cE8wHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL0lZM3BKUFc0Yk92NU1k
ZHFVTVV5Z09ZOGNFOC5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAJbL0Qc/UH+PAO0VngwVMUmvgnngd8isIhVD
EZyVqILAEt65Vx5hvfErqrTQCD0jS1smupJUW/74FHXfHWR0SGOIFvZ80gMtCzRL
wnQuBVQs9tg832OfgIPCsaNG54VlvB8U1kOzj5FHb12j5WY/MPb/b0u5jbUGs+U4
EZP1LDk6T8Csz9jV00yppRQ6NiFeYQWXoN627qHpHH7CUng4slEpbirPZYVnlTQj
nnSwWxsDxoM/XtQbjjhohAzihiM0tPgee1qkdT1h757tX1EnQTknFBvmDSnbCuIe
HeanyGPw7fj2VpDOQYWDXj562S6ELISKgi2qgrb+DrNaojhPPt8=
-----END CERTIFICATE-----
Generated at Sat Jun 7 10:01:19 2025 by rpki-client