Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/SHYz6dgHgjUjHZpHFk3bLlDS5OU.roa
File: SHYz6dgHgjUjHZpHFk3bLlDS5OU.roa (raw, json)
Hash identifier: /sCCcy1nhvkiBxyP4mBlFFDPNMkT/A+F6xJd+P2cPX0=
Subject key identifier: 48:76:33:E9:D8:07:82:35:23:1D:9A:47:16:4D:DB:2E:50:D2:E4:E5
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0A46
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/SHYz6dgHgjUjHZpHFk3bLlDS5OU.roa
Signing time: Wed 27 Nov 2024 07:55:02 +0000
ROA not before: Wed 27 Nov 2024 07:55:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2630 (0xa46)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Nov 27 07:55:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=487633E9D8078235231D9A47164DDB2E50D2E4E5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:a8:23:55:e9:83:51:5e:b4:6a:37:2c:c0:fd:
d8:0d:ed:89:42:67:02:69:bd:ec:c2:28:f3:39:2d:
51:52:8b:32:7d:50:b6:c3:9e:24:2e:91:c2:75:38:
d8:a1:e0:a0:f2:1b:fe:03:71:65:64:ee:54:70:26:
36:47:4b:08:c8:03:36:91:0c:62:54:28:13:f8:b9:
f7:77:9a:24:37:c9:eb:68:ba:77:af:04:2e:c9:48:
d9:64:44:de:4c:d7:a2:89:59:71:72:91:03:c9:25:
4c:cb:b9:d2:ec:14:70:38:24:09:13:9b:ff:c8:fc:
ed:d6:25:c5:57:2e:f6:29:17:bf:de:30:f1:2f:a2:
12:a4:4e:7c:78:5c:a8:c7:e2:b5:b1:d9:41:2f:6b:
01:ea:ff:41:06:b8:3a:47:e2:b2:27:f2:4a:17:18:
44:71:5f:2e:c8:d4:6f:ad:a9:dd:28:75:5f:ee:32:
67:b4:32:f7:37:d4:ff:41:92:db:8e:79:89:ff:f9:
72:cd:59:2f:dd:f0:d2:4b:86:8a:7b:e3:f3:fa:6b:
77:9f:4a:50:b3:b2:df:ef:1c:1f:f1:a0:17:f3:f9:
8b:f3:fb:a8:00:58:13:51:2a:b3:a6:13:8a:9f:01:
33:b3:66:70:2f:15:19:8b:86:ba:da:47:12:53:bc:
58:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:76:33:E9:D8:07:82:35:23:1D:9A:47:16:4D:DB:2E:50:D2:E4:E5
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/SHYz6dgHgjUjHZpHFk3bLlDS5OU.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
43:51:0c:ea:25:bc:0d:64:60:f1:6a:ba:32:9f:67:2b:71:94:
40:de:e8:3e:c5:d4:4c:ab:f7:81:43:e6:81:98:71:7a:9d:19:
e2:c2:88:b3:54:79:de:af:12:c1:09:a1:69:97:d3:ba:b2:c7:
c9:51:18:1c:d8:50:9f:5f:25:3f:27:e9:65:85:9c:24:78:10:
14:ba:5f:c8:fc:78:c9:05:90:21:99:fd:32:49:5f:04:51:95:
51:7c:c1:55:62:99:eb:fd:41:a7:e5:1f:d7:7f:25:a3:9d:42:
88:9c:78:0d:52:e1:f0:dd:50:06:13:b0:48:f5:ce:62:db:b3:
c3:14:56:74:da:53:5f:18:6b:2c:bd:8b:43:f8:9a:8f:ed:ad:
f7:74:fc:7a:99:d6:e3:0a:32:0f:dc:7b:56:40:a4:2e:33:1b:
e9:5e:68:42:c7:ab:d1:09:01:e1:29:52:15:17:96:c0:cd:cf:
b2:3a:2f:dc:13:11:5c:01:1d:c5:c4:b5:a9:e3:d8:6b:83:de:
e9:e4:85:d1:b9:20:6c:c4:9d:75:a0:93:56:6e:a7:b2:cb:b5:
f8:41:98:53:41:45:e0:af:31:fa:8b:c7:e1:0b:f7:72:2f:1d:
85:47:8f:ee:eb:35:8e:d9:fd:0f:85:32:36:d1:bc:48:60:22:
00:69:44:09
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCkYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDExMjcw
NzU1MDJaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDQ4NzYzM0U5RDgwNzgy
MzUyMzFEOUE0NzE2NEREQjJFNTBEMkU0RTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDPqCNV6YNRXrRqNyzA/dgN7YlCZwJpvezCKPM5LVFSizJ9ULbD
niQukcJ1ONih4KDyG/4DcWVk7lRwJjZHSwjIAzaRDGJUKBP4ufd3miQ3yetounev
BC7JSNlkRN5M16KJWXFykQPJJUzLudLsFHA4JAkTm//I/O3WJcVXLvYpF7/eMPEv
ohKkTnx4XKjH4rWx2UEvawHq/0EGuDpH4rIn8koXGERxXy7I1G+tqd0odV/uMme0
Mvc31P9BktuOeYn/+XLNWS/d8NJLhop74/P6a3efSlCzst/vHB/xoBfz+Yvz+6gA
WBNRKrOmE4qfATOzZnAvFRmLhrraRxJTvFh/AgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUSHYz6dgHgjUjHZpHFk3bLlDS5OUwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL1NIWXo2ZGdIZ2pVakha
cEhGazNiTGxEUzVPVS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAENRDOolvA1kYPFqujKfZytxlEDe6D7F1Eyr
94FD5oGYcXqdGeLCiLNUed6vEsEJoWmX07qyx8lRGBzYUJ9fJT8n6WWFnCR4EBS6
X8j8eMkFkCGZ/TJJXwRRlVF8wVVimev9QaflH9d/JaOdQoiceA1S4fDdUAYTsEj1
zmLbs8MUVnTaU18Yayy9i0P4mo/trfd0/HqZ1uMKMg/ce1ZApC4zG+leaELHq9EJ
AeEpUhUXlsDNz7I6L9wTEVwBHcXEtanj2GuD3unkhdG5IGzEnXWgk1Zup7LLtfhB
mFNBReCvMfqLx+EL93IvHYVHj+7rNY7Z/Q+FMjbRvEhgIgBpRAk=
-----END CERTIFICATE-----
Generated at Wed Jun 11 14:39:49 2025 by rpki-client