Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/NR4OItEv__B3UrdAlDXj6wkSrpE.roa
File: NR4OItEv__B3UrdAlDXj6wkSrpE.roa (raw, json)
Hash identifier: 5OhD+PudQ0dDB6eo3yWz6vXP55R29kr45lW12OY2B+U=
Subject key identifier: 35:1E:0E:22:D1:2F:FF:F0:77:52:B7:40:94:35:E3:EB:09:12:AE:91
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0B3F
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/NR4OItEv__B3UrdAlDXj6wkSrpE.roa
Signing time: Tue 24 Dec 2024 23:55:03 +0000
ROA not before: Tue 24 Dec 2024 23:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2879 (0xb3f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Dec 24 23:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=351E0E22D12FFFF07752B7409435E3EB0912AE91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:68:90:a5:72:56:7d:b0:c8:73:49:ac:75:8e:
36:d8:cb:eb:55:09:32:29:38:c4:a0:41:f1:1b:2f:
75:92:93:af:f8:e9:d4:64:39:2b:26:36:13:e1:cb:
5c:9c:4d:c8:f2:9c:15:0f:a6:0c:3c:2a:80:96:91:
28:f4:52:24:6a:4c:77:96:bb:c0:43:9d:00:f4:c2:
d0:35:0a:d6:f7:aa:c2:e8:1c:9b:9b:65:c3:ed:1c:
81:88:e8:54:28:0d:8c:1a:4f:04:c4:53:9d:1d:3d:
77:15:b4:6c:97:aa:87:56:b3:e9:fe:a2:bf:24:1a:
69:aa:b8:a7:fa:9e:25:af:90:a0:d0:11:50:fe:18:
e0:03:eb:ef:ab:c5:09:0d:d3:3a:ba:ff:e5:cd:14:
43:40:43:09:6c:7e:87:39:9a:eb:3c:69:14:9c:67:
1b:07:6b:49:7a:12:1c:d6:83:00:cf:a7:8b:37:af:
4d:54:a8:b8:05:7b:f1:f6:50:89:dd:f4:08:85:e1:
9f:b8:55:d8:9c:fb:b1:4b:da:ce:46:b4:62:fe:b1:
1e:ac:ca:47:c2:72:1a:57:15:78:8e:69:cc:c0:76:
37:9c:d5:9a:4e:fc:89:d8:24:25:ce:9d:4e:19:91:
11:9a:e0:71:95:bc:ac:1e:24:54:69:36:e2:dd:82:
87:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:1E:0E:22:D1:2F:FF:F0:77:52:B7:40:94:35:E3:EB:09:12:AE:91
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/NR4OItEv__B3UrdAlDXj6wkSrpE.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:06:77:f4:bf:59:2b:9b:1c:84:7d:1c:80:cc:8a:75:18:14:
29:44:22:39:63:47:0f:c8:18:78:33:1a:85:f4:eb:05:b8:b1:
7c:e2:6e:8f:67:4b:e1:a3:7a:42:60:3f:a8:8d:47:cb:89:c9:
71:4f:ef:fb:e2:02:07:59:f5:9e:c0:6e:65:c5:cc:6c:59:f6:
b4:73:2c:a5:26:c3:dc:8f:e4:e6:72:00:2b:ed:f2:6f:a8:28:
9c:64:8a:81:8d:20:4b:9a:99:1d:b7:e0:a1:38:54:97:93:15:
e1:bb:30:f6:89:33:2b:11:9a:a0:73:08:0f:0b:69:a9:4c:0f:
3e:d8:0a:02:c1:bd:3e:f8:4c:c3:c6:40:48:f0:11:3b:f2:74:
ff:35:a1:3f:9f:b5:30:e5:69:75:57:86:f0:a7:4a:d5:e4:07:
a6:a5:2f:cd:c5:18:ba:85:8b:50:56:4d:3b:21:be:8d:f8:ce:
08:a5:9d:09:f0:2e:19:c5:3f:f3:58:b9:90:5e:60:f7:ad:d8:
8d:e8:ad:7d:c3:ce:31:88:06:c2:50:73:66:42:8f:b3:82:fe:
bc:a1:03:25:af:63:e0:41:67:12:05:ac:f2:cd:14:f2:4e:5b:
1f:1d:77:3d:0c:3c:9c:95:2e:11:da:c3:cf:5f:21:17:47:02:
e7:02:8d:a5
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCz8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDEyMjQy
MzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDM1MUUwRTIyRDEyRkZG
RjA3NzUyQjc0MDk0MzVFM0VCMDkxMkFFOTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDMaJClclZ9sMhzSax1jjbYy+tVCTIpOMSgQfEbL3WSk6/46dRk
OSsmNhPhy1ycTcjynBUPpgw8KoCWkSj0UiRqTHeWu8BDnQD0wtA1Ctb3qsLoHJub
ZcPtHIGI6FQoDYwaTwTEU50dPXcVtGyXqodWs+n+or8kGmmquKf6niWvkKDQEVD+
GOAD6++rxQkN0zq6/+XNFENAQwlsfoc5mus8aRScZxsHa0l6EhzWgwDPp4s3r01U
qLgFe/H2UInd9AiF4Z+4Vdic+7FL2s5GtGL+sR6sykfCchpXFXiOaczAdjec1ZpO
/InYJCXOnU4ZkRGa4HGVvKweJFRpNuLdgodBAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUNR4OItEv//B3UrdAlDXj6wkSrpEwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL05SNE9JdEV2X19CM1Vy
ZEFsRFhqNndrU3JwRS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAD4Gd/S/WSubHIR9HIDMinUYFClEIjljRw/I
GHgzGoX06wW4sXzibo9nS+GjekJgP6iNR8uJyXFP7/viAgdZ9Z7AbmXFzGxZ9rRz
LKUmw9yP5OZyACvt8m+oKJxkioGNIEuamR234KE4VJeTFeG7MPaJMysRmqBzCA8L
aalMDz7YCgLBvT74TMPGQEjwETvydP81oT+ftTDlaXVXhvCnStXkB6alL83FGLqF
i1BWTTshvo34zgilnQnwLhnFP/NYuZBeYPet2I3orX3DzjGIBsJQc2ZCj7OC/ryh
AyWvY+BBZxIFrPLNFPJOWx8ddz0MPJyVLhHaw89fIRdHAucCjaU=
-----END CERTIFICATE-----
Generated at Tue Jun 10 06:53:07 2025 by rpki-client