Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/YCpRd2xL7qPtHEQES9cdVOSjMHs.roa
File: YCpRd2xL7qPtHEQES9cdVOSjMHs.roa (raw, json)
Hash identifier: X3ajB5R+UiHtaB43BjfzKIfqqa6ewZOMiWFzw/jZ8aE=
Subject key identifier: 60:2A:51:77:6C:4B:EE:A3:ED:1C:44:04:4B:D7:1D:54:E4:A3:30:7B
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0A52
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/YCpRd2xL7qPtHEQES9cdVOSjMHs.roa
Signing time: Thu 28 Nov 2024 15:55:03 +0000
ROA not before: Thu 28 Nov 2024 15:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2642 (0xa52)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Nov 28 15:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=602A51776C4BEEA3ED1C44044BD71D54E4A3307B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:1f:19:45:87:fd:02:71:ff:6d:bb:42:a8:a0:
d1:24:2c:d1:d6:4d:74:d9:f6:e3:b0:eb:a4:44:d0:
60:05:59:a6:3f:81:54:cf:25:a0:36:8b:3b:05:17:
b1:24:92:99:6c:db:1f:e4:c4:8f:96:02:08:23:bc:
6a:64:f7:d9:84:c0:f0:5b:8d:e0:6c:d7:25:78:11:
72:38:7d:04:7d:50:a9:00:c2:db:a4:db:36:01:50:
b9:43:61:08:1f:5a:00:9a:87:e4:bc:29:52:d1:70:
71:ee:f8:34:ef:ba:22:b6:07:bf:53:95:3a:d2:91:
ac:ec:7b:06:4c:b8:82:ce:fd:f4:3d:12:c9:ac:4e:
a5:e4:95:68:59:84:36:c9:3e:9a:3f:bc:19:5b:ee:
3f:09:87:e3:d3:2f:c9:0c:92:34:9d:8c:ae:e4:13:
29:e9:75:5b:d3:04:7e:1f:83:9e:5d:4f:ba:bd:a6:
fc:39:28:08:cf:1a:18:c7:ee:01:d1:24:ce:e7:92:
79:36:12:10:04:19:bd:99:f4:93:25:42:f8:86:40:
11:5d:30:ca:30:0a:45:5c:f5:b9:64:e5:8a:b6:92:
32:b9:51:b3:d9:25:ad:3f:94:05:a3:0d:ac:5f:94:
ae:70:ec:69:aa:5d:55:00:64:02:c4:de:7f:69:66:
8a:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:2A:51:77:6C:4B:EE:A3:ED:1C:44:04:4B:D7:1D:54:E4:A3:30:7B
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/YCpRd2xL7qPtHEQES9cdVOSjMHs.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:45:71:e5:a8:88:6f:3c:3d:3c:86:f1:3f:64:13:85:41:54:
f8:9f:47:be:e3:39:65:a6:80:ae:99:10:d8:12:b8:11:17:ff:
11:c7:ae:cb:ed:d5:43:f9:0e:f3:86:51:3d:72:4b:6e:51:96:
0e:dc:95:c6:95:9a:67:f3:60:16:0b:12:72:77:66:f8:29:9e:
eb:5c:7d:79:9c:92:df:98:ec:99:d3:b2:71:bb:dc:20:38:87:
0a:35:c0:f6:87:f1:26:21:8d:27:9f:84:26:70:ac:a6:91:e1:
19:52:54:96:7c:09:fc:9f:12:01:ee:53:23:bf:9a:19:87:aa:
bb:b7:92:d1:aa:4f:40:1e:47:81:6f:87:f2:5c:3d:6d:84:21:
d3:85:1c:41:4e:00:b1:0e:0f:93:01:d8:c0:37:17:90:3d:15:
bc:63:3c:14:c9:84:37:e2:8f:ac:54:c9:36:71:d8:8f:6f:12:
bb:f7:f6:e5:e9:ee:66:7d:5e:96:e8:16:cd:4b:36:5c:f6:74:
73:49:d5:a4:88:b8:4b:7b:f7:a0:68:14:60:51:55:82:b2:8f:
8d:69:e9:cc:e6:24:5f:e9:03:6b:58:28:2c:b4:29:f5:71:28:
82:f5:62:fc:d5:4d:43:43:3b:ed:e6:62:ba:38:59:23:13:c6:
3a:d0:8e:1e
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICClIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDExMjgx
NTU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDYwMkE1MTc3NkM0QkVF
QTNFRDFDNDQwNDRCRDcxRDU0RTRBMzMwN0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDAHxlFh/0Ccf9tu0KooNEkLNHWTXTZ9uOw66RE0GAFWaY/gVTP
JaA2izsFF7Ekkpls2x/kxI+WAggjvGpk99mEwPBbjeBs1yV4EXI4fQR9UKkAwtuk
2zYBULlDYQgfWgCah+S8KVLRcHHu+DTvuiK2B79TlTrSkazsewZMuILO/fQ9Esms
TqXklWhZhDbJPpo/vBlb7j8Jh+PTL8kMkjSdjK7kEynpdVvTBH4fg55dT7q9pvw5
KAjPGhjH7gHRJM7nknk2EhAEGb2Z9JMlQviGQBFdMMowCkVc9blk5Yq2kjK5UbPZ
Ja0/lAWjDaxflK5w7GmqXVUAZALE3n9pZoqJAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUYCpRd2xL7qPtHEQES9cdVOSjMHswHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL1lDcFJkMnhMN3FQdEhF
UUVTOWNkVk9Tak1Icy5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAGxFceWoiG88PTyG8T9kE4VBVPifR77jOWWm
gK6ZENgSuBEX/xHHrsvt1UP5DvOGUT1yS25Rlg7clcaVmmfzYBYLEnJ3Zvgpnutc
fXmckt+Y7JnTsnG73CA4hwo1wPaH8SYhjSefhCZwrKaR4RlSVJZ8CfyfEgHuUyO/
mhmHqru3ktGqT0AeR4Fvh/JcPW2EIdOFHEFOALEOD5MB2MA3F5A9FbxjPBTJhDfi
j6xUyTZx2I9vErv39uXp7mZ9XpboFs1LNlz2dHNJ1aSIuEt796BoFGBRVYKyj41p
6czmJF/pA2tYKCy0KfVxKIL1YvzVTUNDO+3mYro4WSMTxjrQjh4=
-----END CERTIFICATE-----
Generated at Sat Jun 7 09:37:10 2025 by rpki-client