Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/Yf3WnQhYckKI_DE8p65hM7Mefus.roa
File: Yf3WnQhYckKI_DE8p65hM7Mefus.roa (raw, json)
Hash identifier: aaPpTh6q4ITYbaRUBH5s0uo40nQRrWCAd2agJ42O+74=
Subject key identifier: 61:FD:D6:9D:08:58:72:42:88:FC:31:3C:A7:AE:61:33:B3:1E:7E:EB
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0A82
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/Yf3WnQhYckKI_DE8p65hM7Mefus.roa
Signing time: Tue 03 Dec 2024 23:55:02 +0000
ROA not before: Tue 03 Dec 2024 23:55:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2690 (0xa82)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Dec 3 23:55:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=61FDD69D0858724288FC313CA7AE6133B31E7EEB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:7b:af:01:2b:52:90:60:01:f7:d2:2b:11:8f:
c1:bc:16:d6:14:d8:19:9e:5e:5c:2d:44:ef:fe:fe:
51:f4:85:fa:f4:5e:65:6b:e4:14:b7:43:98:6a:92:
6a:18:7d:e3:ac:f8:28:53:16:be:7e:90:e7:f7:65:
1f:97:7d:d9:ef:08:04:e9:bd:be:b2:df:23:e7:d5:
0e:fc:58:59:2a:86:95:3b:d1:a9:d9:6b:c5:dd:8a:
35:70:dc:32:7b:e1:41:b2:8f:f8:d6:85:df:0a:07:
40:c7:ed:45:c6:a7:f1:00:63:d9:9c:62:4c:4a:47:
f6:e5:6a:5b:d0:7b:48:42:76:c6:3f:98:df:f5:7a:
f5:eb:b2:c5:fa:db:4f:5a:f9:5f:93:f5:f8:71:e5:
ca:41:0f:fc:98:9a:d1:94:6e:c5:be:a7:4d:a4:5c:
fb:1d:0b:16:ed:67:e4:9d:e7:6b:da:1d:8c:93:08:
99:f3:59:27:96:62:5d:9f:bc:93:71:c8:c0:36:98:
76:a8:e6:a0:8f:dc:65:50:b4:f5:0e:3f:f2:f0:c4:
4e:ca:b4:42:50:e6:79:3a:88:4c:7a:48:cd:1d:5b:
3d:af:64:6f:31:25:95:b9:c6:39:f2:b0:27:f4:e3:
63:79:ef:e8:ac:1c:f4:fc:67:bd:43:7f:e3:72:ae:
dd:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:FD:D6:9D:08:58:72:42:88:FC:31:3C:A7:AE:61:33:B3:1E:7E:EB
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/Yf3WnQhYckKI_DE8p65hM7Mefus.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
d7:2d:0a:84:db:70:95:1f:06:1c:21:04:85:f1:82:d9:9a:e4:
12:76:ab:a6:c9:ce:f0:dc:c9:e9:31:a7:f9:fb:8c:56:5f:aa:
a3:b3:dc:07:57:cf:90:04:8d:af:33:8e:25:48:63:5e:f0:66:
da:1f:7b:46:ec:29:73:f5:1e:23:3c:84:57:f4:07:0d:0d:96:
dd:8b:84:f2:0d:ff:e3:2d:62:66:0b:b6:60:fc:75:d4:d5:c5:
ed:cd:57:45:a4:71:55:14:7d:bd:21:57:7e:32:36:91:90:db:
7d:b6:57:80:91:9d:3f:a0:6f:ca:c5:5c:2a:46:86:1a:76:01:
e7:41:c5:31:e8:28:06:6f:1c:f5:14:06:5e:61:ab:cc:dc:12:
ee:f0:46:bd:ad:c2:59:48:37:6a:db:59:77:8d:a0:cd:57:d7:
f9:95:79:4f:45:92:98:ff:53:6f:29:44:0a:9e:3a:7e:34:d6:
9f:59:b6:d7:8a:42:2b:d5:47:c1:47:2f:70:88:da:c0:16:c9:
52:33:6d:65:75:1a:eb:e1:a3:5f:a1:e1:ef:b8:36:fe:0b:1a:
85:12:d1:76:1a:9a:d5:40:f5:95:cf:ef:86:f8:94:bf:f6:a1:
8c:60:a6:85:c1:a2:02:63:8f:a7:0b:6c:cd:d4:85:cc:4b:65:
47:14:dc:82
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCoIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDEyMDMy
MzU1MDJaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDYxRkRENjlEMDg1ODcy
NDI4OEZDMzEzQ0E3QUU2MTMzQjMxRTdFRUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDOe68BK1KQYAH30isRj8G8FtYU2BmeXlwtRO/+/lH0hfr0XmVr
5BS3Q5hqkmoYfeOs+ChTFr5+kOf3ZR+XfdnvCATpvb6y3yPn1Q78WFkqhpU70anZ
a8XdijVw3DJ74UGyj/jWhd8KB0DH7UXGp/EAY9mcYkxKR/blalvQe0hCdsY/mN/1
evXrssX6209a+V+T9fhx5cpBD/yYmtGUbsW+p02kXPsdCxbtZ+Sd52vaHYyTCJnz
WSeWYl2fvJNxyMA2mHao5qCP3GVQtPUOP/LwxE7KtEJQ5nk6iEx6SM0dWz2vZG8x
JZW5xjnysCf042N57+isHPT8Z71Df+Nyrt1ZAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUYf3WnQhYckKI/DE8p65hM7MefuswHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL1lmM1duUWhZY2tLSV9E
RThwNjVoTTdNZWZ1cy5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBANctCoTbcJUfBhwhBIXxgtma5BJ2q6bJzvDc
yekxp/n7jFZfqqOz3AdXz5AEja8zjiVIY17wZtofe0bsKXP1HiM8hFf0Bw0Nlt2L
hPIN/+MtYmYLtmD8ddTVxe3NV0WkcVUUfb0hV34yNpGQ2322V4CRnT+gb8rFXCpG
hhp2AedBxTHoKAZvHPUUBl5hq8zcEu7wRr2twllIN2rbWXeNoM1X1/mVeU9Fkpj/
U28pRAqeOn401p9ZtteKQivVR8FHL3CI2sAWyVIzbWV1Guvho1+h4e+4Nv4LGoUS
0XYamtVA9ZXP74b4lL/2oYxgpoXBogJjj6cLbM3UhcxLZUcU3II=
-----END CERTIFICATE-----
Generated at Tue Jun 10 10:42:38 2025 by rpki-client