Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/WKrLrxaGpAbrjLXkABbBpXSk9mk.roa
File: WKrLrxaGpAbrjLXkABbBpXSk9mk.roa (raw, json)
Hash identifier: hmoDcPBhLTk7N38VnhZQBVfcnlY8pidtS3W6psobtN4=
Subject key identifier: 58:AA:CB:AF:16:86:A4:06:EB:8C:B5:E4:00:16:C1:A5:74:A4:F6:69
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0CAE
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/WKrLrxaGpAbrjLXkABbBpXSk9mk.roa
Signing time: Mon 03 Feb 2025 15:55:03 +0000
ROA not before: Mon 03 Feb 2025 15:55:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3246 (0xcae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Feb 3 15:55:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=58AACBAF1686A406EB8CB5E40016C1A574A4F669
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:b6:14:88:d5:13:9c:56:1a:3a:55:78:ac:e1:
f8:ed:aa:1d:a5:7e:98:c9:97:1b:e2:fe:72:fc:07:
99:d8:8c:3c:f4:99:8d:e0:64:ab:62:e4:b4:49:10:
fb:c2:c0:b0:9c:60:15:97:18:a6:b0:25:55:15:d7:
4b:fa:8d:59:97:f0:59:f1:32:3d:2f:28:4e:8f:80:
43:38:a3:8f:3b:13:93:11:c9:c3:93:c7:73:07:db:
8f:d8:23:aa:76:50:22:b3:0c:af:54:04:be:d7:3d:
2a:2b:70:61:8a:22:af:f3:7f:de:61:10:32:c4:d7:
79:72:f9:b4:91:15:69:b1:16:bd:71:22:f4:44:03:
23:45:bd:c2:e0:64:d4:73:ea:bc:b3:71:56:e2:32:
a1:4a:6e:0c:30:47:9c:b8:3f:21:ef:43:f8:3c:f1:
8f:d3:b0:c8:2e:e7:4d:77:b7:68:98:8b:80:e3:5e:
f6:cb:5a:a8:2a:e0:e7:1a:bc:9f:9f:fe:9b:73:2b:
cb:c5:fe:1f:8d:d0:f2:94:e3:75:76:ba:c9:83:b0:
df:c8:8c:e5:46:69:b3:e8:23:28:00:ab:d3:2b:ac:
8d:e7:a3:c4:fe:e4:5c:cd:58:57:5b:3c:84:af:50:
4e:52:5a:b7:f5:99:20:21:ba:2c:05:3b:34:df:7f:
94:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:AA:CB:AF:16:86:A4:06:EB:8C:B5:E4:00:16:C1:A5:74:A4:F6:69
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/WKrLrxaGpAbrjLXkABbBpXSk9mk.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:63:c1:10:6a:10:ac:c9:ad:22:e4:17:be:8c:31:d6:e1:52:
3b:c5:25:db:8b:8c:52:dc:de:d2:d6:eb:5a:9a:f9:cc:94:01:
1d:26:11:e6:cf:df:86:ef:7d:28:71:7e:ab:d9:29:e2:1c:6d:
a1:45:a8:d7:69:9a:f8:f8:10:30:77:28:0d:46:2f:5b:7a:f4:
74:49:c2:f1:1b:00:25:ec:d4:97:99:ac:18:d7:06:2d:8d:a4:
7f:2e:42:06:18:74:5e:fc:a4:4a:6f:c8:75:db:df:9c:26:cb:
15:4f:2e:cc:4e:b2:32:4b:90:f2:16:10:9a:7e:e8:bf:b4:2f:
1c:0c:88:64:d8:3f:f1:05:8f:c5:b7:19:4e:9d:ac:6f:ac:aa:
b7:b3:b3:ce:b3:33:c3:77:4c:2e:e3:45:5c:33:0f:0c:9a:86:
ae:e4:81:e1:87:6b:b2:5e:4c:2a:e7:9e:1f:81:44:70:64:6e:
ed:06:9b:84:cc:06:85:35:9d:d9:c4:6b:75:19:ae:5e:87:64:
95:71:38:af:46:38:b0:ed:8e:ba:66:b7:79:6a:e7:94:cf:7d:
a9:0f:9b:df:9a:ce:89:66:2f:e1:cc:16:5e:57:ec:f0:12:67:
8e:90:cc:fb:ac:76:c5:8e:6b:14:e0:d4:5e:f4:d5:cc:77:25:
b1:33:01:a0
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICDK4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNTAyMDMx
NTU1MDNaFw0yNjA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDU4QUFDQkFGMTY4NkE0
MDZFQjhDQjVFNDAwMTZDMUE1NzRBNEY2NjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGthSI1ROcVho6VXis4fjtqh2lfpjJlxvi/nL8B5nYjDz0mY3g
ZKti5LRJEPvCwLCcYBWXGKawJVUV10v6jVmX8FnxMj0vKE6PgEM4o487E5MRycOT
x3MH24/YI6p2UCKzDK9UBL7XPSorcGGKIq/zf95hEDLE13ly+bSRFWmxFr1xIvRE
AyNFvcLgZNRz6ryzcVbiMqFKbgwwR5y4PyHvQ/g88Y/TsMgu5013t2iYi4DjXvbL
Wqgq4OcavJ+f/ptzK8vF/h+N0PKU43V2usmDsN/IjOVGabPoIygAq9MrrI3no8T+
5FzNWFdbPISvUE5SWrf1mSAhuiwFOzTff5TRAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUWKrLrxaGpAbrjLXkABbBpXSk9mkwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL1dLckxyeGFHcEFicmpM
WGtBQmJCcFhTazltay5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAEpjwRBqEKzJrSLkF76MMdbhUjvFJduLjFLc
3tLW61qa+cyUAR0mEebP34bvfShxfqvZKeIcbaFFqNdpmvj4EDB3KA1GL1t69HRJ
wvEbACXs1JeZrBjXBi2NpH8uQgYYdF78pEpvyHXb35wmyxVPLsxOsjJLkPIWEJp+
6L+0LxwMiGTYP/EFj8W3GU6drG+sqrezs86zM8N3TC7jRVwzDwyahq7kgeGHa7Je
TCrnnh+BRHBkbu0Gm4TMBoU1ndnEa3UZrl6HZJVxOK9GOLDtjrpmt3lq55TPfakP
m9+azolmL+HMFl5X7PASZ46QzPusdsWOaxTg1F701cx3JbEzAaA=
-----END CERTIFICATE-----
Generated at Sun Jun 15 03:21:20 2025 by rpki-client