Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/TNP7xhBTixrgU4VKhEC8mkhRR8I.roa
File: TNP7xhBTixrgU4VKhEC8mkhRR8I.roa (raw, json)
Hash identifier: FdnfX5o0/F4PG+aNzQI7iwH2DlBoLNXvm1MjSfymxjY=
Subject key identifier: 4C:D3:FB:C6:10:53:8B:1A:E0:53:85:4A:84:40:BC:9A:48:51:47:C2
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0B91
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/TNP7xhBTixrgU4VKhEC8mkhRR8I.roa
Signing time: Thu 02 Jan 2025 23:55:03 +0000
ROA not before: Thu 02 Jan 2025 23:55:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2961 (0xb91)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Jan 2 23:55:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4CD3FBC610538B1AE053854A8440BC9A485147C2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:50:27:d2:79:a3:13:65:2d:44:39:2c:97:32:
d6:7d:1a:31:20:58:fe:65:88:6b:46:ff:19:3e:af:
e5:3a:d9:ec:eb:94:50:e3:2e:30:ee:9f:fa:c2:4a:
b7:44:59:d2:18:e9:bc:bb:99:92:1c:3b:bb:6b:c0:
be:a9:b8:87:ff:69:aa:19:31:9c:22:55:bf:e1:96:
44:77:4b:1e:43:40:84:08:eb:b2:79:00:45:cb:10:
fe:b4:d7:db:25:bf:28:30:9a:4a:03:47:29:24:50:
10:0e:47:f7:d7:9e:87:f0:a3:7c:c3:34:18:50:83:
87:f7:af:61:69:eb:37:26:0c:a6:f2:9f:b3:6c:10:
8f:13:76:4b:0b:3f:3b:57:a3:c2:2e:b8:65:b3:7f:
d0:f0:a8:e5:c7:10:3c:81:20:51:8b:03:6f:7f:5d:
90:a5:ac:9b:91:f5:cb:92:dc:bc:a1:c3:e1:73:59:
bb:3b:76:65:c2:d5:17:3a:80:07:25:0d:28:6a:60:
45:22:ee:4a:0b:51:91:54:0e:99:73:bc:27:cf:a7:
19:03:77:3e:06:06:08:ae:b9:46:45:19:07:1f:91:
2b:d3:75:6a:7a:03:99:e9:51:43:27:f9:82:8e:2c:
3e:e3:33:2e:62:20:d3:f6:b9:6e:a4:91:c0:dd:47:
4c:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:D3:FB:C6:10:53:8B:1A:E0:53:85:4A:84:40:BC:9A:48:51:47:C2
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/TNP7xhBTixrgU4VKhEC8mkhRR8I.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
b8:ec:58:4a:af:74:c3:74:7d:a1:d0:44:e0:27:c4:87:03:01:
4f:4e:4b:ff:76:66:18:30:a2:f1:58:06:ce:90:e6:61:3a:c6:
68:b0:48:f7:64:64:58:a9:d0:88:20:d9:91:a7:bf:d8:a9:b3:
15:2e:80:67:0f:c6:0c:b4:a3:46:88:17:1d:6b:5c:4c:de:3a:
08:a8:17:ab:02:2f:5e:cf:66:82:a8:dc:93:b8:1f:7d:db:c3:
d7:cf:fb:79:55:ca:9a:00:db:89:ac:6e:eb:e5:20:cb:b1:26:
61:5d:3c:20:e2:1e:0a:71:c6:eb:8a:bd:7e:cc:53:18:0b:56:
35:98:d1:d5:bf:4a:74:a0:d2:db:34:d7:2b:9c:d4:53:61:70:
f1:20:98:9e:be:1e:df:cc:2e:9d:67:6b:63:1c:ce:1d:4e:ca:
e9:18:42:aa:f7:cf:81:d3:d6:40:95:a5:e7:99:d5:9c:32:03:
e8:d6:74:a9:73:72:9c:a9:4c:e3:c2:53:68:d3:2d:99:51:e0:
b7:d8:9d:a8:60:c0:a7:dd:08:7b:d4:71:de:58:73:dd:79:12:
fd:9a:65:a2:8f:1f:49:73:cc:1c:d8:5b:1e:e6:10:ad:a6:fd:
5e:4e:96:fc:ce:d8:b3:30:0b:38:f4:7b:91:f9:21:75:f7:b1:
16:0f:93:36
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICC5EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNTAxMDIy
MzU1MDNaFw0yNjA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDRDRDNGQkM2MTA1MzhC
MUFFMDUzODU0QTg0NDBCQzlBNDg1MTQ3QzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+UCfSeaMTZS1EOSyXMtZ9GjEgWP5liGtG/xk+r+U62ezrlFDj
LjDun/rCSrdEWdIY6by7mZIcO7trwL6puIf/aaoZMZwiVb/hlkR3Sx5DQIQI67J5
AEXLEP6019slvygwmkoDRykkUBAOR/fXnofwo3zDNBhQg4f3r2Fp6zcmDKbyn7Ns
EI8TdksLPztXo8IuuGWzf9DwqOXHEDyBIFGLA29/XZClrJuR9cuS3Lyhw+FzWbs7
dmXC1Rc6gAclDShqYEUi7koLUZFUDplzvCfPpxkDdz4GBgiuuUZFGQcfkSvTdWp6
A5npUUMn+YKOLD7jMy5iINP2uW6kkcDdR0xnAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUTNP7xhBTixrgU4VKhEC8mkhRR8IwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL1ROUDd4aEJUaXhyZ1U0
VktoRUM4bWtoUlI4SS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBALjsWEqvdMN0faHQROAnxIcDAU9OS/92Zhgw
ovFYBs6Q5mE6xmiwSPdkZFip0Igg2ZGnv9ipsxUugGcPxgy0o0aIFx1rXEzeOgio
F6sCL17PZoKo3JO4H33bw9fP+3lVypoA24msbuvlIMuxJmFdPCDiHgpxxuuKvX7M
UxgLVjWY0dW/SnSg0ts01yuc1FNhcPEgmJ6+Ht/MLp1na2Mczh1OyukYQqr3z4HT
1kCVpeeZ1ZwyA+jWdKlzcpypTOPCU2jTLZlR4LfYnahgwKfdCHvUcd5Yc915Ev2a
ZaKPH0lzzBzYWx7mEK2m/V5OlvzO2LMwCzj0e5H5IXX3sRYPkzY=
-----END CERTIFICATE-----
Generated at Mon Jun 9 18:19:43 2025 by rpki-client