Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/TjuqtnwDRhKU7_8Im7YtReF7qpE.roa
File: TjuqtnwDRhKU7_8Im7YtReF7qpE.roa (raw, json)
Hash identifier: 144GODG+u9yhkBNAXgeSnrie1rBfXwrPgbYQ32o2Ieg=
Subject key identifier: 4E:3B:AA:B6:7C:03:46:12:94:EF:FF:08:9B:B6:2D:45:E1:7B:AA:91
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0BDF
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/TjuqtnwDRhKU7_8Im7YtReF7qpE.roa
Signing time: Sat 11 Jan 2025 15:55:03 +0000
ROA not before: Sat 11 Jan 2025 15:55:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3039 (0xbdf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Jan 11 15:55:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4E3BAAB67C03461294EFFF089BB62D45E17BAA91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:5d:5b:98:b1:a9:9f:89:4a:10:e8:0d:fb:50:
14:79:11:4c:3e:f8:3e:1e:51:81:f4:03:e2:c3:21:
f8:2a:1c:e1:60:33:a2:32:fa:89:8c:40:f1:82:fb:
87:8b:cc:c7:6a:56:87:55:5f:32:f7:ff:c6:71:03:
66:09:8e:94:ef:33:60:c2:f4:84:68:4a:98:2f:e8:
e5:ce:17:32:94:57:9a:26:47:d9:86:d0:a2:db:0a:
15:2f:e4:14:27:93:ff:60:a5:2d:25:5f:66:62:1f:
d0:2c:c3:5e:ae:c5:f7:33:15:66:01:b3:38:e5:1a:
f2:a1:8e:47:bd:e9:5a:13:4a:fe:ee:31:24:d2:cd:
d1:c6:38:a7:f3:20:4b:cd:03:3e:ff:31:3a:60:60:
86:f1:76:4e:50:c1:e2:46:ea:50:11:b3:a8:9e:6f:
3f:c6:a5:8a:fe:44:67:19:74:01:2a:8f:19:d1:e0:
4f:8a:00:61:ef:19:c7:81:72:a9:77:42:f2:aa:40:
f2:35:55:a3:dd:e8:c3:a8:b5:2d:66:e6:ed:16:ab:
28:23:1f:a1:ae:65:ff:f9:67:d4:77:57:5b:10:46:
02:3d:da:af:95:66:d8:fd:f5:31:fd:94:1c:4a:e6:
ad:93:37:52:38:81:99:d4:0f:cd:e1:6a:e4:eb:21:
a5:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:3B:AA:B6:7C:03:46:12:94:EF:FF:08:9B:B6:2D:45:E1:7B:AA:91
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/TjuqtnwDRhKU7_8Im7YtReF7qpE.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
56:1a:65:0f:89:c6:21:93:7b:ac:04:f7:86:d7:c3:5f:39:fd:
4a:82:14:bd:67:b4:f5:31:db:64:72:37:3f:4b:af:26:07:fb:
79:af:0a:21:b3:b8:51:1e:7f:d0:91:bb:4c:18:61:a0:7d:cb:
6c:04:1f:f2:a9:94:60:09:c5:e0:1f:66:56:79:03:a9:cd:59:
01:3b:a9:f2:f6:49:b1:06:85:9a:2f:42:1a:ca:dc:a7:08:00:
4e:28:12:7b:0b:85:77:72:42:d9:d0:e4:09:23:74:e5:25:06:
36:32:33:1d:af:87:03:2b:83:2f:de:23:d0:f8:5a:c4:ab:b3:
a9:23:bb:ce:2d:c7:87:77:96:5c:1b:a0:1e:a5:57:3a:63:44:
a9:05:ee:7a:59:48:15:2a:37:ea:f6:1a:99:b7:67:b9:cf:f7:
e7:2b:d0:f1:06:b5:8b:9b:2b:02:96:8b:c9:dd:02:2f:87:58:
1f:09:dd:52:e6:30:40:40:24:8a:23:95:4c:f5:5e:bc:46:88:
08:bf:e7:91:f3:5b:05:e1:86:86:c0:68:1a:45:39:70:fd:55:
21:48:2c:49:26:d5:ca:4e:54:82:2c:00:d3:d4:74:5a:82:2c:
7d:ed:0d:ed:de:96:85:ef:4b:c7:1a:04:ec:38:32:ee:ae:c1:
9b:61:97:0d
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICC98wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNTAxMTEx
NTU1MDNaFw0yNjA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDRFM0JBQUI2N0MwMzQ2
MTI5NEVGRkYwODlCQjYyRDQ1RTE3QkFBOTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7XVuYsamfiUoQ6A37UBR5EUw++D4eUYH0A+LDIfgqHOFgM6Iy
+omMQPGC+4eLzMdqVodVXzL3/8ZxA2YJjpTvM2DC9IRoSpgv6OXOFzKUV5omR9mG
0KLbChUv5BQnk/9gpS0lX2ZiH9Asw16uxfczFWYBszjlGvKhjke96VoTSv7uMSTS
zdHGOKfzIEvNAz7/MTpgYIbxdk5QweJG6lARs6iebz/GpYr+RGcZdAEqjxnR4E+K
AGHvGceBcql3QvKqQPI1VaPd6MOotS1m5u0WqygjH6GuZf/5Z9R3V1sQRgI92q+V
Ztj99TH9lBxK5q2TN1I4gZnUD83hauTrIaWrAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUTjuqtnwDRhKU7/8Im7YtReF7qpEwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL1RqdXF0bndEUmhLVTdf
OEltN1l0UmVGN3FwRS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAFYaZQ+JxiGTe6wE94bXw185/UqCFL1ntPUx
22RyNz9LryYH+3mvCiGzuFEef9CRu0wYYaB9y2wEH/KplGAJxeAfZlZ5A6nNWQE7
qfL2SbEGhZovQhrK3KcIAE4oEnsLhXdyQtnQ5AkjdOUlBjYyMx2vhwMrgy/eI9D4
WsSrs6kju84tx4d3llwboB6lVzpjRKkF7npZSBUqN+r2Gpm3Z7nP9+cr0PEGtYub
KwKWi8ndAi+HWB8J3VLmMEBAJIojlUz1XrxGiAi/55HzWwXhhobAaBpFOXD9VSFI
LEkm1cpOVIIsANPUdFqCLH3tDe3eloXvS8caBOw4Mu6uwZthlw0=
-----END CERTIFICATE-----
Generated at Wed Jun 11 22:22:43 2025 by rpki-client