Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/Tjfw0VfoiOeDNWjaFd_CvPMUDIg.roa
File: Tjfw0VfoiOeDNWjaFd_CvPMUDIg.roa (raw, json)
Hash identifier: KMjDmI/sHICVrre7CV8eFnKrCvTznVqdHwdkBSDivR8=
Subject key identifier: 4E:37:F0:D1:57:E8:88:E7:83:35:68:DA:15:DF:C2:BC:F3:14:0C:88
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0CB4
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/Tjfw0VfoiOeDNWjaFd_CvPMUDIg.roa
Signing time: Tue 04 Feb 2025 07:55:02 +0000
ROA not before: Tue 04 Feb 2025 07:55:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3252 (0xcb4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Feb 4 07:55:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4E37F0D157E888E7833568DA15DFC2BCF3140C88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:14:32:7a:fd:24:76:d6:67:b1:96:c8:63:28:
4b:87:8a:10:a7:60:a1:36:c3:51:2d:9c:f7:a2:21:
07:36:3e:4b:be:6f:bc:20:5d:91:4d:01:b2:12:dd:
5c:94:6e:d7:30:dd:7d:0e:25:bd:02:ae:54:04:a7:
f8:41:a5:ae:03:74:c1:bf:4b:80:8d:fe:ea:c1:0f:
ee:c1:a5:b5:22:03:f5:36:82:2d:31:5f:1e:34:ef:
5b:73:a8:a2:66:43:cd:22:0a:1c:53:6d:10:3e:e6:
5f:ef:ac:59:52:82:17:21:36:6e:61:37:46:8a:17:
71:a3:a8:ea:fb:09:4b:7d:57:56:cd:05:1f:c7:70:
29:80:e2:c9:96:01:78:bf:00:bd:90:e0:1a:5f:81:
51:96:16:f6:a4:8e:4d:80:2d:cc:cf:5a:d8:85:b6:
fd:8d:90:f6:f2:e4:f2:18:b5:4d:12:f9:b1:fe:6b:
ba:8a:5d:bb:fe:b3:6e:e1:3d:d6:03:9a:28:16:6e:
ed:26:79:fe:3c:1c:ea:53:8f:12:71:58:54:a9:9d:
35:00:6e:63:cf:e2:1b:9f:ff:aa:7c:94:b3:1d:d2:
5a:7a:04:86:f3:10:e2:46:dc:27:d4:87:ce:4e:e9:
a3:0d:dc:51:1b:68:e6:f1:c9:0c:2b:59:51:ce:d6:
a9:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:37:F0:D1:57:E8:88:E7:83:35:68:DA:15:DF:C2:BC:F3:14:0C:88
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/Tjfw0VfoiOeDNWjaFd_CvPMUDIg.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
d6:a3:e1:83:0d:92:1b:a0:ad:e7:bc:cf:bf:3a:cd:68:e9:0e:
9c:61:9b:b0:4b:da:e0:1e:cd:34:6f:46:27:62:09:34:3e:00:
c8:46:4c:3b:9a:63:f0:ec:49:74:01:da:68:0b:79:07:60:f2:
4d:ee:93:1a:5b:3a:41:47:f1:2d:3c:cd:ab:ec:a2:db:5b:cb:
76:2d:b3:4d:28:04:f1:b5:bd:79:51:0a:75:24:77:37:9b:77:
8e:ca:41:bc:7e:e6:ff:75:97:07:a7:73:a5:b9:3c:22:fa:08:
ae:d7:ea:65:ea:25:82:63:52:f5:3d:17:6e:97:a3:1e:be:2e:
67:31:0f:f8:3e:95:4e:5f:e6:57:a0:03:58:31:c2:c9:fd:02:
c2:ab:77:a9:45:22:e7:2f:68:26:d6:1d:35:cb:c6:95:14:fb:
b1:69:3b:10:e1:4a:76:a0:f6:f8:93:1f:c4:ea:8d:3f:97:bb:
89:44:a4:bf:bf:90:d6:73:5e:ab:0e:cb:64:39:3f:e9:81:fe:
cc:ab:b6:3f:1b:78:66:45:d8:fb:e1:4d:cd:b4:aa:af:55:65:
df:52:9b:d0:60:06:6a:90:c0:0a:36:b4:3f:2e:e5:f8:92:d5:
09:1b:b6:52:df:9e:60:d9:dc:94:4e:56:67:1b:0e:ac:ed:31:
88:55:cd:87
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICDLQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNTAyMDQw
NzU1MDJaFw0yNjA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDRFMzdGMEQxNTdFODg4
RTc4MzM1NjhEQTE1REZDMkJDRjMxNDBDODgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDAFDJ6/SR21mexlshjKEuHihCnYKE2w1EtnPeiIQc2Pku+b7wg
XZFNAbIS3VyUbtcw3X0OJb0CrlQEp/hBpa4DdMG/S4CN/urBD+7BpbUiA/U2gi0x
Xx4071tzqKJmQ80iChxTbRA+5l/vrFlSghchNm5hN0aKF3GjqOr7CUt9V1bNBR/H
cCmA4smWAXi/AL2Q4BpfgVGWFvakjk2ALczPWtiFtv2NkPby5PIYtU0S+bH+a7qK
Xbv+s27hPdYDmigWbu0mef48HOpTjxJxWFSpnTUAbmPP4huf/6p8lLMd0lp6BIbz
EOJG3CfUh85O6aMN3FEbaObxyQwrWVHO1qk3AgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUTjfw0VfoiOeDNWjaFd/CvPMUDIgwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL1RqZncwVmZvaU9lRE5X
amFGZF9DdlBNVURJZy5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBANaj4YMNkhugree8z786zWjpDpxhm7BL2uAe
zTRvRidiCTQ+AMhGTDuaY/DsSXQB2mgLeQdg8k3ukxpbOkFH8S08zavsottby3Yt
s00oBPG1vXlRCnUkdzebd47KQbx+5v91lwenc6W5PCL6CK7X6mXqJYJjUvU9F26X
ox6+LmcxD/g+lU5f5legA1gxwsn9AsKrd6lFIucvaCbWHTXLxpUU+7FpOxDhSnag
9viTH8TqjT+Xu4lEpL+/kNZzXqsOy2Q5P+mB/syrtj8beGZF2PvhTc20qq9VZd9S
m9BgBmqQwAo2tD8u5fiS1QkbtlLfnmDZ3JROVmcbDqztMYhVzYc=
-----END CERTIFICATE-----
Generated at Wed Jun 11 21:24:56 2025 by rpki-client