Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/a1KKmXaLz7UDgLR8z7SpRPsxlEU.roa
File: a1KKmXaLz7UDgLR8z7SpRPsxlEU.roa (raw, json)
Hash identifier: 9YwUsmwCxbWKnL3mp7fNnUDoYcMuRD1+YAqOqF+92fw=
Subject key identifier: 6B:52:8A:99:76:8B:CF:B5:03:80:B4:7C:CF:B4:A9:44:FB:31:94:45
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0C3C
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/a1KKmXaLz7UDgLR8z7SpRPsxlEU.roa
Signing time: Tue 21 Jan 2025 23:55:03 +0000
ROA not before: Tue 21 Jan 2025 23:55:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3132 (0xc3c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Jan 21 23:55:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6B528A99768BCFB50380B47CCFB4A944FB319445
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:7f:d8:e6:30:c7:67:85:e2:21:a6:f3:c5:3a:
52:03:3a:ec:62:87:79:10:2b:d0:da:aa:bd:9c:11:
65:16:08:f1:90:3b:92:18:3d:59:11:db:1b:e5:f7:
ac:ad:c6:fa:d3:e6:f3:d0:bb:5d:7f:c1:d1:c8:10:
54:03:af:62:7a:c8:64:fe:f9:1d:d3:b0:31:22:2b:
f4:3e:28:f7:8e:a9:82:ef:25:ba:ac:e0:64:8b:e6:
c9:d9:c0:44:55:51:59:29:cb:15:0f:dd:28:5a:79:
56:a6:80:0c:c5:d3:c7:5d:b8:7c:88:b9:bf:d1:0d:
7f:71:06:b7:98:c6:65:04:6e:86:95:b3:43:68:e3:
f3:9d:d8:3e:84:60:56:9f:0c:a8:f3:22:d3:48:e5:
75:d4:c7:57:f2:f5:44:f8:43:66:c6:c7:14:9f:94:
6a:ad:28:c1:07:ae:00:bc:99:60:0a:c0:b6:af:af:
1a:1f:b2:5d:55:3a:d3:27:15:9d:dd:34:49:de:e0:
4f:2e:db:c4:ab:e1:16:8c:a1:3b:65:fb:f3:e0:a1:
c6:1c:b5:df:9f:ec:64:8f:44:5b:df:81:ea:ec:3b:
7c:2b:31:69:6d:c6:89:22:cf:35:0e:ae:40:9a:40:
31:95:8e:d9:2b:c9:a5:d9:93:c8:6e:fb:96:9e:e0:
87:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:52:8A:99:76:8B:CF:B5:03:80:B4:7C:CF:B4:A9:44:FB:31:94:45
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/a1KKmXaLz7UDgLR8z7SpRPsxlEU.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:72:82:9c:e1:15:9e:12:8a:fa:18:12:95:b8:d4:51:ce:12:
7d:ee:30:9b:71:89:2a:da:65:fa:de:41:e4:42:e0:01:d2:a8:
f7:1b:92:dc:ab:9b:24:e5:20:30:ea:bb:00:18:f5:6e:ce:16:
27:57:32:40:aa:81:c8:40:7c:9e:4e:2a:04:e0:7c:13:e8:c1:
7e:f0:ba:8e:b6:e1:a7:7d:63:8e:20:89:25:d7:5c:f0:46:c8:
1d:53:99:d6:39:43:6a:cc:42:c8:d2:b6:1a:ec:56:ec:72:28:
ab:52:e7:e0:3e:a1:78:40:ca:8a:c1:33:16:db:27:0f:13:45:
ce:0d:85:fc:f5:64:fc:bc:6c:f0:08:54:e1:40:a5:2c:24:f1:
38:66:f8:42:d6:d1:45:f2:25:49:e1:a5:4b:42:4b:df:da:a5:
76:a8:e4:02:24:84:fc:8c:7d:08:6f:92:55:ad:15:34:19:ab:
bd:b0:94:a1:9a:b3:21:e4:d4:ca:c7:4e:d6:66:c9:f1:ec:da:
ac:b1:69:1c:6e:e8:da:29:07:b6:56:e4:2f:9f:44:b0:74:ea:
63:1c:c5:60:a1:ef:4a:90:74:7b:e7:6a:c8:ca:86:9a:8b:24:
14:69:6b:89:7b:3a:9d:b1:cb:14:ef:8f:c4:0c:fd:d2:01:ff:
a4:a7:2a:84
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICDDwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNTAxMjEy
MzU1MDNaFw0yNjA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDZCNTI4QTk5NzY4QkNG
QjUwMzgwQjQ3Q0NGQjRBOTQ0RkIzMTk0NDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBf9jmMMdnheIhpvPFOlIDOuxih3kQK9Daqr2cEWUWCPGQO5IY
PVkR2xvl96ytxvrT5vPQu11/wdHIEFQDr2J6yGT++R3TsDEiK/Q+KPeOqYLvJbqs
4GSL5snZwERVUVkpyxUP3ShaeVamgAzF08dduHyIub/RDX9xBreYxmUEboaVs0No
4/Od2D6EYFafDKjzItNI5XXUx1fy9UT4Q2bGxxSflGqtKMEHrgC8mWAKwLavrxof
sl1VOtMnFZ3dNEne4E8u28Sr4RaMoTtl+/PgocYctd+f7GSPRFvfgersO3wrMWlt
xokizzUOrkCaQDGVjtkryaXZk8hu+5ae4IevAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUa1KKmXaLz7UDgLR8z7SpRPsxlEUwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL2ExS0ttWGFMejdVRGdM
Ujh6N1NwUlBzeGxFVS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBALFygpzhFZ4SivoYEpW41FHOEn3uMJtxiSra
ZfreQeRC4AHSqPcbktyrmyTlIDDquwAY9W7OFidXMkCqgchAfJ5OKgTgfBPowX7w
uo624ad9Y44giSXXXPBGyB1TmdY5Q2rMQsjSthrsVuxyKKtS5+A+oXhAyorBMxbb
Jw8TRc4Nhfz1ZPy8bPAIVOFApSwk8Thm+ELW0UXyJUnhpUtCS9/apXao5AIkhPyM
fQhvklWtFTQZq72wlKGasyHk1MrHTtZmyfHs2qyxaRxu6NopB7ZW5C+fRLB06mMc
xWCh70qQdHvnasjKhpqLJBRpa4l7Op2xyxTvj8QM/dIB/6SnKoQ=
-----END CERTIFICATE-----
Generated at Sat Jun 7 10:03:41 2025 by rpki-client