Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/TfRVWxP5XQvEWgsdrSP6EozE5jQ.roa
File: TfRVWxP5XQvEWgsdrSP6EozE5jQ.roa (raw, json)
Hash identifier: oIS5ekXyPtQ86gJyX80mE0hVRLikxSHAnoelM/TFT4E=
Subject key identifier: 4D:F4:55:5B:13:F9:5D:0B:C4:5A:0B:1D:AD:23:FA:12:8C:C4:E6:34
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0A97
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/TfRVWxP5XQvEWgsdrSP6EozE5jQ.roa
Signing time: Fri 06 Dec 2024 07:55:03 +0000
ROA not before: Fri 06 Dec 2024 07:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2711 (0xa97)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Dec 6 07:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4DF4555B13F95D0BC45A0B1DAD23FA128CC4E634
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:02:99:f5:4f:59:76:d9:27:1c:13:cb:70:e4:
44:cc:e6:ae:27:3c:58:b3:f2:40:28:f5:36:e5:85:
79:55:14:29:8d:e5:fc:7a:7b:f0:42:1b:04:e1:ef:
9d:f1:d9:db:7e:ad:07:56:2f:20:d8:77:c8:2b:26:
a5:3f:1e:17:37:43:65:a0:00:b7:3b:9b:1c:72:e8:
e0:ff:63:0f:2d:9b:a5:e9:b0:5c:eb:96:cd:b4:7f:
57:06:6a:8f:d2:9e:8e:d0:d5:ee:c0:32:03:9d:97:
a3:73:b6:88:94:97:e2:27:18:37:8c:7b:40:78:e7:
c7:a5:9b:e6:ad:da:b1:7f:86:18:37:15:81:4c:04:
c3:36:c7:a6:70:6e:2b:57:34:4e:9a:b2:d7:0d:60:
59:65:88:36:03:d0:a0:eb:ed:6c:85:26:77:38:3b:
ee:d0:f7:1f:32:80:04:8c:04:3b:b2:5b:65:f5:43:
98:c2:a9:63:46:88:29:7e:a8:6f:96:3e:68:c7:7c:
5b:ad:53:f7:eb:fd:0d:32:2d:11:63:57:c8:a8:73:
d3:22:27:32:a8:58:ed:03:47:55:93:76:aa:a8:d5:
04:cd:b5:29:69:df:cd:00:8f:c6:0e:d0:a2:34:ea:
a8:88:ee:09:70:43:13:3f:ae:fd:c6:6e:66:8b:43:
11:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:F4:55:5B:13:F9:5D:0B:C4:5A:0B:1D:AD:23:FA:12:8C:C4:E6:34
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/TfRVWxP5XQvEWgsdrSP6EozE5jQ.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:69:25:d8:03:c3:ea:09:8d:b9:66:eb:57:cc:e8:01:5f:6d:
a2:0e:0a:0f:68:a7:6c:22:6a:51:56:f1:66:b1:8c:93:da:2c:
99:de:87:3f:eb:71:d9:1b:ab:81:f1:d4:d0:be:42:72:ed:38:
fb:e6:f6:5c:7b:57:0a:e6:28:0f:7b:e3:30:bd:6e:f5:4e:36:
d7:2e:ca:20:e2:d1:39:a8:25:6b:b0:86:a1:f0:25:6b:4f:01:
d1:04:d5:c6:2a:22:24:66:fe:e7:d3:5c:1c:fe:ab:61:74:89:
0b:dc:25:4b:3c:ce:80:24:3e:43:68:a8:75:be:54:a7:0a:34:
5b:4b:9e:2e:5e:b4:9c:fa:0a:66:6d:2d:5a:1c:d8:c0:3b:d0:
ff:1b:0b:7e:56:79:4d:69:f0:ca:cc:35:96:c2:b3:e9:2e:be:
2e:d9:29:01:53:2b:61:b8:25:6a:99:a4:3d:5e:10:64:4c:20:
48:ff:13:88:3e:fa:68:5b:fb:91:84:cb:9b:cf:1d:69:ee:2a:
e6:7e:9a:d0:cb:ad:55:90:a0:78:48:7f:c4:63:a7:34:5a:6b:
13:8b:01:32:43:02:89:ce:e4:e8:73:2b:95:2c:e2:65:25:59:
9b:6d:2b:8b:ae:5d:19:96:09:b7:86:51:bd:ac:e8:8c:81:17:
9c:fb:85:e6
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCpcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDEyMDYw
NzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDRERjQ1NTVCMTNGOTVE
MEJDNDVBMEIxREFEMjNGQTEyOENDNEU2MzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3Apn1T1l22SccE8tw5ETM5q4nPFiz8kAo9TblhXlVFCmN5fx6
e/BCGwTh753x2dt+rQdWLyDYd8grJqU/Hhc3Q2WgALc7mxxy6OD/Yw8tm6XpsFzr
ls20f1cGao/Sno7Q1e7AMgOdl6NztoiUl+InGDeMe0B458elm+at2rF/hhg3FYFM
BMM2x6ZwbitXNE6astcNYFlliDYD0KDr7WyFJnc4O+7Q9x8ygASMBDuyW2X1Q5jC
qWNGiCl+qG+WPmjHfFutU/fr/Q0yLRFjV8ioc9MiJzKoWO0DR1WTdqqo1QTNtSlp
380Aj8YO0KI06qiI7glwQxM/rv3GbmaLQxH7AgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUTfRVWxP5XQvEWgsdrSP6EozE5jQwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL1RmUlZXeFA1WFF2RVdn
c2RyU1A2RW96RTVqUS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAF9pJdgDw+oJjblm61fM6AFfbaIOCg9op2wi
alFW8WaxjJPaLJnehz/rcdkbq4Hx1NC+QnLtOPvm9lx7VwrmKA974zC9bvVONtcu
yiDi0TmoJWuwhqHwJWtPAdEE1cYqIiRm/ufTXBz+q2F0iQvcJUs8zoAkPkNoqHW+
VKcKNFtLni5etJz6CmZtLVoc2MA70P8bC35WeU1p8MrMNZbCs+kuvi7ZKQFTK2G4
JWqZpD1eEGRMIEj/E4g++mhb+5GEy5vPHWnuKuZ+mtDLrVWQoHhIf8RjpzRaaxOL
ATJDAonO5OhzK5Us4mUlWZttK4uuXRmWCbeGUb2s6IyBF5z7heY=
-----END CERTIFICATE-----
Generated at Wed Jun 11 22:57:52 2025 by rpki-client