Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/ZmhjaIdOLdGPMWj0Opg6Ru67mD4.roa
File: ZmhjaIdOLdGPMWj0Opg6Ru67mD4.roa (raw, json)
Hash identifier: A6FHpFD/pFSX5Ysd+UhEo4sXByGiPJvEVRBTwCE8JkY=
Subject key identifier: 66:68:63:68:87:4E:2D:D1:8F:31:68:F4:3A:98:3A:46:EE:BB:98:3E
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0AC1
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/ZmhjaIdOLdGPMWj0Opg6Ru67mD4.roa
Signing time: Tue 10 Dec 2024 23:55:02 +0000
ROA not before: Tue 10 Dec 2024 23:55:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2753 (0xac1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Dec 10 23:55:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66686368874E2DD18F3168F43A983A46EEBB983E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:50:2a:88:d6:21:89:7d:6d:62:e1:d1:15:83:
3c:ea:19:47:61:dc:e8:d8:8e:39:fc:17:f7:6b:1d:
35:f4:62:48:d7:64:dd:80:7b:21:9c:e5:5a:bb:d5:
fb:14:99:96:2f:99:8e:0e:d2:0d:f6:98:77:71:dc:
a0:25:6a:68:de:d6:d6:42:fa:13:43:fd:5f:29:b7:
a6:2e:f9:a0:aa:c7:2b:7f:66:af:9c:56:c7:81:06:
de:07:16:15:01:f4:63:32:35:cb:b8:3f:e3:a0:21:
26:16:fa:d1:5c:32:09:d1:0a:23:ca:a5:6e:d7:49:
b7:7f:b0:39:ec:1a:76:66:70:07:7d:6f:83:1b:01:
61:ca:12:0c:8f:2a:ae:b9:bc:66:bf:96:a0:d4:3f:
f3:bf:df:70:a5:39:c9:ad:25:ae:99:ae:02:9b:56:
d5:1b:f3:93:41:de:38:fb:71:3f:c1:6b:35:d6:fa:
58:e7:6a:0e:7b:ec:bc:3f:6a:5c:ee:fc:71:07:3d:
f6:28:39:25:c9:94:63:66:14:1b:96:7f:df:b0:42:
fd:bd:57:cd:94:4e:5a:fb:ba:f8:32:6b:6b:ca:40:
04:8a:57:99:8f:a1:4d:c6:a6:09:58:a1:2f:b5:c1:
95:e2:fe:10:99:6e:9e:65:54:62:e5:00:74:08:84:
66:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:68:63:68:87:4E:2D:D1:8F:31:68:F4:3A:98:3A:46:EE:BB:98:3E
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/ZmhjaIdOLdGPMWj0Opg6Ru67mD4.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
41:a8:8c:7b:3a:cb:f7:0b:51:bc:55:70:4a:cc:d0:f3:28:fa:
1a:9d:eb:5e:80:11:14:41:6b:4f:5e:3e:16:f5:b2:cd:b1:58:
7f:88:a9:4e:6a:44:cf:fd:16:11:41:7f:f3:a3:b3:eb:e5:7a:
9b:2a:e2:ec:ce:ac:0e:1c:c0:06:c9:98:cf:ad:95:72:2f:e6:
c0:9b:6e:a2:b3:e7:69:13:ed:70:34:7e:4e:48:fe:de:af:90:
9e:f6:84:d3:10:47:14:44:8f:75:8c:d1:e6:aa:c1:10:32:72:
60:da:9c:d7:c8:0d:52:4b:45:df:ae:fe:32:51:23:06:44:8f:
db:c0:ec:1d:6e:9d:3b:54:1e:e8:33:ab:e4:c0:5f:6b:4d:b0:
ca:f0:c1:96:e0:0e:3a:4e:a5:e4:06:ce:ce:ff:64:64:77:8f:
d6:15:9f:74:94:25:3b:48:30:16:8d:7c:e6:07:ff:4f:24:0c:
f0:be:44:71:ea:38:c2:fb:45:17:26:43:1c:dd:8d:b5:01:1e:
de:48:d5:f4:d0:f7:56:c3:1d:7e:b8:6d:be:de:01:4b:bf:6d:
69:61:3c:c2:b7:73:87:8e:d1:ca:fe:53:72:3e:25:e2:fd:6f:
21:78:cf:ad:2d:a1:84:45:9d:75:2e:84:43:d9:24:fe:fa:81:
b0:7a:e2:9d
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCsEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDEyMTAy
MzU1MDJaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDY2Njg2MzY4ODc0RTJE
RDE4RjMxNjhGNDNBOTgzQTQ2RUVCQjk4M0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCpUCqI1iGJfW1i4dEVgzzqGUdh3OjYjjn8F/drHTX0YkjXZN2A
eyGc5Vq71fsUmZYvmY4O0g32mHdx3KAlamje1tZC+hND/V8pt6Yu+aCqxyt/Zq+c
VseBBt4HFhUB9GMyNcu4P+OgISYW+tFcMgnRCiPKpW7XSbd/sDnsGnZmcAd9b4Mb
AWHKEgyPKq65vGa/lqDUP/O/33ClOcmtJa6ZrgKbVtUb85NB3jj7cT/BazXW+ljn
ag577Lw/alzu/HEHPfYoOSXJlGNmFBuWf9+wQv29V82UTlr7uvgya2vKQASKV5mP
oU3GpglYoS+1wZXi/hCZbp5lVGLlAHQIhGZdAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUZmhjaIdOLdGPMWj0Opg6Ru67mD4wHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL1ptaGphSWRPTGRHUE1X
ajBPcGc2UnU2N21ENC5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAEGojHs6y/cLUbxVcErM0PMo+hqd616AERRB
a09ePhb1ss2xWH+IqU5qRM/9FhFBf/Ojs+vlepsq4uzOrA4cwAbJmM+tlXIv5sCb
bqKz52kT7XA0fk5I/t6vkJ72hNMQRxREj3WM0eaqwRAycmDanNfIDVJLRd+u/jJR
IwZEj9vA7B1unTtUHugzq+TAX2tNsMrwwZbgDjpOpeQGzs7/ZGR3j9YVn3SUJTtI
MBaNfOYH/08kDPC+RHHqOML7RRcmQxzdjbUBHt5I1fTQ91bDHX64bb7eAUu/bWlh
PMK3c4eO0cr+U3I+JeL9byF4z60toYRFnXUuhEPZJP76gbB64p0=
-----END CERTIFICATE-----
Generated at Sat Jun 7 09:40:08 2025 by rpki-client