Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/KgEyC2-B-wkyt6V7DsaauYn7W-M.roa
File: KgEyC2-B-wkyt6V7DsaauYn7W-M.roa (raw, json)
Hash identifier: AXUkmU0xzGZ8tZxqN+cE0BlIwk/QzpcgfNWms2fCSSY=
Subject key identifier: 2A:01:32:0B:6F:81:FB:09:32:B7:A5:7B:0E:C6:9A:B9:89:FB:5B:E3
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0BB5
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/KgEyC2-B-wkyt6V7DsaauYn7W-M.roa
Signing time: Mon 06 Jan 2025 23:55:02 +0000
ROA not before: Mon 06 Jan 2025 23:55:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2997 (0xbb5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Jan 6 23:55:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2A01320B6F81FB0932B7A57B0EC69AB989FB5BE3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:94:98:3b:23:82:4a:ad:57:09:95:ce:f1:10:
13:f2:72:2a:7e:bb:17:97:17:ff:fb:d3:3f:5f:d0:
a7:40:5d:95:23:11:06:6a:75:59:a0:31:b2:d8:9f:
7a:45:1b:51:50:c0:d5:1a:d9:e5:09:8c:c9:3b:a4:
67:12:52:33:c8:65:77:46:d0:85:d2:eb:fa:d8:b2:
61:bb:cb:bf:c0:e0:a7:dc:5b:73:be:d4:51:2d:50:
34:9b:c3:ae:36:a5:ad:13:61:2c:22:fc:3d:f9:0b:
54:d3:2c:46:1c:b4:b6:09:3a:91:bb:29:a4:cb:f1:
2a:2c:79:91:84:6f:ec:9c:ee:67:e0:98:9c:d3:2e:
95:5a:e1:12:dd:45:71:ee:8c:77:e0:8c:3f:46:d8:
61:23:21:fd:59:69:fa:23:c4:af:0f:a5:72:86:c0:
b4:74:a5:be:dd:40:21:eb:47:e0:3d:b0:3f:a4:8d:
8c:47:13:24:e1:e9:28:d7:98:67:56:23:22:87:6e:
5c:29:b9:f0:cb:ef:ee:6c:5f:de:26:b7:9f:29:0b:
4b:62:a7:d7:21:ee:a2:d3:06:4e:e5:7e:c9:87:ad:
a9:50:e8:05:2f:f5:7a:91:db:c6:d5:7f:e5:af:70:
ee:75:a3:ea:5a:03:64:ce:e8:8c:0a:c8:eb:73:ac:
1a:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:01:32:0B:6F:81:FB:09:32:B7:A5:7B:0E:C6:9A:B9:89:FB:5B:E3
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/KgEyC2-B-wkyt6V7DsaauYn7W-M.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:19:47:8a:90:df:4c:ad:99:00:a1:9d:ce:65:59:ff:d3:7d:
f1:47:0f:ff:5f:1a:68:a2:d7:94:52:d9:9e:0f:f9:a2:7c:30:
8a:c8:bc:28:c2:9b:c0:2c:20:eb:75:a3:1e:df:55:a0:c0:4b:
9f:67:15:dd:b4:81:82:21:b9:a4:9e:a4:82:00:c6:af:d8:7e:
b3:31:f3:2b:f2:72:ad:37:a2:2e:33:59:50:ac:29:c6:e5:39:
99:89:e2:c8:68:f2:19:5c:78:3a:18:74:23:0d:69:17:d2:f8:
30:fe:4e:d8:1c:d0:1b:aa:2d:90:01:f9:8d:29:58:0b:63:85:
24:f1:0a:77:42:cb:df:87:6c:42:7c:38:fb:d2:a9:7b:78:ad:
18:18:9c:ce:d0:3d:51:17:87:93:36:ea:28:08:32:4b:4f:68:
6d:ac:49:d4:3f:94:d6:b1:a0:bb:e2:ef:06:f3:96:33:86:ee:
52:f7:07:6d:49:a2:e9:69:74:30:23:e5:62:88:65:e7:89:b2:
d0:8f:76:e5:83:87:0e:7b:ae:a5:24:72:c4:8c:81:2d:76:f3:
57:7d:14:9d:47:36:bc:29:16:2a:6f:9d:50:7a:f9:fa:5a:f9:
6c:6a:70:3e:3b:5f:57:0d:ab:13:a8:97:5a:c1:00:71:0a:33:
28:8f:ca:b8
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICC7UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNTAxMDYy
MzU1MDJaFw0yNjA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDJBMDEzMjBCNkY4MUZC
MDkzMkI3QTU3QjBFQzY5QUI5ODlGQjVCRTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5lJg7I4JKrVcJlc7xEBPycip+uxeXF//70z9f0KdAXZUjEQZq
dVmgMbLYn3pFG1FQwNUa2eUJjMk7pGcSUjPIZXdG0IXS6/rYsmG7y7/A4KfcW3O+
1FEtUDSbw642pa0TYSwi/D35C1TTLEYctLYJOpG7KaTL8SoseZGEb+yc7mfgmJzT
LpVa4RLdRXHujHfgjD9G2GEjIf1ZafojxK8PpXKGwLR0pb7dQCHrR+A9sD+kjYxH
EyTh6SjXmGdWIyKHblwpufDL7+5sX94mt58pC0tip9ch7qLTBk7lfsmHralQ6AUv
9XqR28bVf+WvcO51o+paA2TO6IwKyOtzrBq9AgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUKgEyC2+B+wkyt6V7DsaauYn7W+MwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL0tnRXlDMi1CLXdreXQ2
VjdEc2FhdVluN1ctTS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBALwZR4qQ30ytmQChnc5lWf/TffFHD/9fGmii
15RS2Z4P+aJ8MIrIvCjCm8AsIOt1ox7fVaDAS59nFd20gYIhuaSepIIAxq/YfrMx
8yvycq03oi4zWVCsKcblOZmJ4sho8hlceDoYdCMNaRfS+DD+Ttgc0BuqLZAB+Y0p
WAtjhSTxCndCy9+HbEJ8OPvSqXt4rRgYnM7QPVEXh5M26igIMktPaG2sSdQ/lNax
oLvi7wbzljOG7lL3B21JoulpdDAj5WKIZeeJstCPduWDhw57rqUkcsSMgS1281d9
FJ1HNrwpFipvnVB6+fpa+WxqcD47X1cNqxOol1rBAHEKMyiPyrg=
-----END CERTIFICATE-----
Generated at Sat Jun 7 09:59:27 2025 by rpki-client