Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/L1_aIdRiF8CphjHeIndgzfApE-U.roa
File: L1_aIdRiF8CphjHeIndgzfApE-U.roa (raw, json)
Hash identifier: yDMWQ1AtZeziziMku1U+VoFGekk7rQPBetF1sRUCnXE=
Subject key identifier: 2F:5F:DA:21:D4:62:17:C0:A9:86:31:DE:22:77:60:CD:F0:29:13:E5
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0BAF
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/L1_aIdRiF8CphjHeIndgzfApE-U.roa
Signing time: Mon 06 Jan 2025 07:55:02 +0000
ROA not before: Mon 06 Jan 2025 07:55:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2991 (0xbaf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Jan 6 07:55:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2F5FDA21D46217C0A98631DE227760CDF02913E5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:0c:81:3b:b9:8e:ed:b3:12:8b:3e:f3:8e:b5:
e9:ea:21:2c:4f:90:4c:fe:0d:45:85:01:6c:1c:96:
ec:a2:ca:a2:bb:87:12:71:53:17:03:c3:87:b6:91:
9b:3a:52:9a:36:e6:1b:b7:12:d4:ed:79:af:71:d4:
00:74:29:01:03:40:79:4a:3b:c6:d5:cc:a7:3f:2d:
60:12:b5:fc:88:50:ef:1e:3b:10:5c:26:3a:30:03:
2e:16:df:0c:5c:7f:98:69:92:d3:25:4a:43:c2:34:
78:45:0a:8b:ec:64:ca:d3:55:23:5b:e5:83:c9:6b:
af:96:47:96:1a:1f:ea:f2:fe:b7:9a:24:09:2c:96:
aa:cb:52:74:8f:94:ec:d6:a0:21:5d:97:5c:8c:ae:
65:52:d4:b4:66:78:4e:dd:b7:82:3e:5c:f2:eb:c5:
4b:e9:7b:ac:12:d6:ab:d3:7a:71:10:c9:47:47:11:
23:e5:b1:b1:68:61:b1:27:fb:f2:5c:8f:f8:7b:42:
0b:e7:55:97:54:c3:56:fa:36:53:fb:be:6e:7b:7a:
b0:ed:bd:bb:94:2f:c4:ac:78:8a:af:f3:c5:7f:8b:
54:93:0f:b3:e0:61:13:65:06:70:34:af:38:1b:1c:
61:4d:7c:9b:0b:1c:23:ff:85:1a:81:f0:8b:0c:d2:
17:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:5F:DA:21:D4:62:17:C0:A9:86:31:DE:22:77:60:CD:F0:29:13:E5
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/L1_aIdRiF8CphjHeIndgzfApE-U.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
72:02:0a:1c:76:cb:5e:ae:38:07:dd:39:9a:2a:6a:2d:a2:ce:
23:0e:7a:70:c2:f8:a4:bf:33:20:3c:17:aa:fe:68:70:bf:f0:
89:95:2e:1b:3e:af:b0:12:66:88:45:e9:95:a7:03:70:16:ad:
98:d5:e9:cc:2d:53:00:63:4f:48:a5:d3:6b:08:3e:7d:e2:83:
ef:4f:4c:53:e3:23:b5:0b:aa:f3:4a:46:4a:52:7c:93:e7:59:
67:2b:95:98:e4:1b:bf:81:01:16:e3:a7:0e:9f:6b:2d:86:bb:
3d:78:ab:48:98:64:9a:d3:33:64:92:ce:c6:69:b4:92:59:2b:
65:3a:98:ec:2b:04:dc:c4:be:9d:a3:c5:de:35:6d:0d:d1:d4:
9e:61:76:b2:8e:4a:c8:1d:92:3f:93:36:f3:0a:e9:55:19:38:
29:f3:89:11:ff:01:6f:ac:cc:d1:17:64:97:45:6a:e2:e1:94:
d2:e0:44:39:2a:d7:fc:4b:ce:14:fc:79:77:80:69:cd:e5:45:
9f:68:0d:d8:14:bc:f4:d3:ac:b6:3a:d9:f8:20:86:4e:3b:d8:
36:b1:49:20:e0:f0:95:98:59:4b:57:65:bc:ba:f7:eb:9b:8e:
4b:5a:2b:5b:c0:47:30:54:11:b9:82:3a:37:d7:3d:0f:20:4c:
dc:11:6a:1d
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICC68wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNTAxMDYw
NzU1MDJaFw0yNjA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDJGNUZEQTIxRDQ2MjE3
QzBBOTg2MzFERTIyNzc2MENERjAyOTEzRTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGDIE7uY7tsxKLPvOOtenqISxPkEz+DUWFAWwcluyiyqK7hxJx
UxcDw4e2kZs6Upo25hu3EtTtea9x1AB0KQEDQHlKO8bVzKc/LWAStfyIUO8eOxBc
JjowAy4W3wxcf5hpktMlSkPCNHhFCovsZMrTVSNb5YPJa6+WR5YaH+ry/reaJAks
lqrLUnSPlOzWoCFdl1yMrmVS1LRmeE7dt4I+XPLrxUvpe6wS1qvTenEQyUdHESPl
sbFoYbEn+/Jcj/h7QgvnVZdUw1b6NlP7vm57erDtvbuUL8SseIqv88V/i1STD7Pg
YRNlBnA0rzgbHGFNfJsLHCP/hRqB8IsM0he/AgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUL1/aIdRiF8CphjHeIndgzfApE+UwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL0wxX2FJZFJpRjhDcGhq
SGVJbmRnemZBcEUtVS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAHICChx2y16uOAfdOZoqai2iziMOenDC+KS/
MyA8F6r+aHC/8ImVLhs+r7ASZohF6ZWnA3AWrZjV6cwtUwBjT0il02sIPn3ig+9P
TFPjI7ULqvNKRkpSfJPnWWcrlZjkG7+BARbjpw6fay2Guz14q0iYZJrTM2SSzsZp
tJJZK2U6mOwrBNzEvp2jxd41bQ3R1J5hdrKOSsgdkj+TNvMK6VUZOCnziRH/AW+s
zNEXZJdFauLhlNLgRDkq1/xLzhT8eXeAac3lRZ9oDdgUvPTTrLY62fgghk472Dax
SSDg8JWYWUtXZby69+ubjktaK1vARzBUEbmCOjfXPQ8gTNwRah0=
-----END CERTIFICATE-----
Generated at Sat Jun 7 09:26:05 2025 by rpki-client