Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/aZfn3SYpbrMpSCHBJ5DB6dGsEFs.roa
File: aZfn3SYpbrMpSCHBJ5DB6dGsEFs.roa (raw, json)
Hash identifier: 73yruZkvodFkPci9UMfDBnisJmP7ippGH0paBjUYpe4=
Subject key identifier: 69:97:E7:DD:26:29:6E:B3:29:48:21:C1:27:90:C1:E9:D1:AC:10:5B
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0C2A
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/aZfn3SYpbrMpSCHBJ5DB6dGsEFs.roa
Signing time: Sun 19 Jan 2025 23:55:02 +0000
ROA not before: Sun 19 Jan 2025 23:55:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3114 (0xc2a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Jan 19 23:55:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6997E7DD26296EB3294821C12790C1E9D1AC105B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:c4:26:fb:da:3a:d2:7a:18:09:e0:9b:ac:f7:
0b:d8:cd:b9:27:9c:7f:9f:6c:33:0d:94:09:99:95:
d6:60:f0:c2:a1:da:55:47:3e:86:27:78:24:ee:4b:
3c:3a:6b:71:1b:27:ed:1e:62:a3:a9:9c:d6:93:1b:
ed:74:70:cc:4f:a0:3b:24:ee:e8:34:a0:b4:0f:c7:
58:74:dd:cb:e1:34:df:d9:03:79:67:b9:7a:34:96:
f5:9c:33:b5:d0:29:fb:1b:36:ba:c2:28:10:a1:c2:
10:75:41:4f:ae:22:24:7e:18:13:a3:34:34:dd:36:
a5:8c:9b:71:d0:00:6e:2d:20:eb:79:5a:e7:97:17:
4c:4f:86:27:a5:ff:01:21:bb:6a:74:70:7e:53:3b:
ef:f6:d4:af:c5:33:bf:81:58:03:4b:be:45:5e:18:
2c:0e:2d:40:63:c0:8b:d8:2c:da:ba:98:d1:6e:00:
7e:80:3a:7d:19:ff:d1:a6:e2:a0:3d:ba:41:67:0a:
ba:ae:2b:9c:d4:d5:fb:93:89:06:81:7b:cf:0e:d9:
e1:e3:e7:b8:56:84:65:3a:27:1f:83:8d:8a:b8:d7:
47:fa:4d:1e:4f:07:9d:e6:e4:7d:37:bc:d0:fd:0d:
b1:02:a5:08:79:6a:ba:f5:ef:6c:44:39:28:c9:dc:
83:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:97:E7:DD:26:29:6E:B3:29:48:21:C1:27:90:C1:E9:D1:AC:10:5B
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/aZfn3SYpbrMpSCHBJ5DB6dGsEFs.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:95:57:e1:0f:8d:9b:55:23:91:7b:3d:c2:cf:13:b0:ba:c8:
6f:aa:a4:f2:e7:72:d7:6d:fe:6d:05:c8:a6:a1:e0:13:2e:4d:
0d:5b:6a:bd:cc:d8:5e:9a:b8:13:10:14:c0:ec:9f:72:6b:9a:
db:84:ce:15:09:d2:b6:d8:81:41:f2:5a:c1:3a:65:a7:6a:5b:
fe:19:df:ba:e9:fa:99:93:92:d0:60:2a:3e:9e:85:f8:03:36:
ba:26:a6:63:0e:75:69:76:6c:31:e8:75:f2:a3:1b:d6:0b:fb:
3c:ee:ec:c5:35:be:24:e9:31:39:3a:a9:7e:a4:61:1a:92:cd:
8c:ff:48:e0:ef:14:c6:75:a2:4b:eb:ce:4b:a8:fe:c7:a0:8c:
1d:99:59:dd:bd:39:95:a9:01:db:b8:d3:90:df:5b:60:6a:77:
fd:3d:a6:04:a7:96:b2:76:e1:98:4d:94:79:9e:34:7a:c5:19:
2d:a1:be:6a:12:f9:d1:ef:ef:2b:04:d4:3a:7c:b3:03:83:83:
c1:40:5b:d0:f3:4c:01:5f:20:7e:ac:cb:31:29:53:e9:48:7f:
aa:89:15:a1:64:b9:8c:84:d1:66:a9:dd:8b:09:84:aa:12:68:
26:42:db:a0:ec:3d:a5:7f:f5:23:45:31:11:d0:d7:5a:f6:c4:
4f:34:e5:bf
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICDCowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNTAxMTky
MzU1MDJaFw0yNjA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDY5OTdFN0REMjYyOTZF
QjMyOTQ4MjFDMTI3OTBDMUU5RDFBQzEwNUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDdxCb72jrSehgJ4Jus9wvYzbknnH+fbDMNlAmZldZg8MKh2lVH
PoYneCTuSzw6a3EbJ+0eYqOpnNaTG+10cMxPoDsk7ug0oLQPx1h03cvhNN/ZA3ln
uXo0lvWcM7XQKfsbNrrCKBChwhB1QU+uIiR+GBOjNDTdNqWMm3HQAG4tIOt5WueX
F0xPhiel/wEhu2p0cH5TO+/21K/FM7+BWANLvkVeGCwOLUBjwIvYLNq6mNFuAH6A
On0Z/9Gm4qA9ukFnCrquK5zU1fuTiQaBe88O2eHj57hWhGU6Jx+DjYq410f6TR5P
B53m5H03vND9DbECpQh5arr172xEOSjJ3IM/AgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUaZfn3SYpbrMpSCHBJ5DB6dGsEFswHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL2FaZm4zU1lwYnJNcFND
SEJKNURCNmRHc0VGcy5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBALGVV+EPjZtVI5F7PcLPE7C6yG+qpPLnctdt
/m0FyKah4BMuTQ1bar3M2F6auBMQFMDsn3JrmtuEzhUJ0rbYgUHyWsE6ZadqW/4Z
37rp+pmTktBgKj6ehfgDNrompmMOdWl2bDHodfKjG9YL+zzu7MU1viTpMTk6qX6k
YRqSzYz/SODvFMZ1okvrzkuo/segjB2ZWd29OZWpAdu405DfW2Bqd/09pgSnlrJ2
4ZhNlHmeNHrFGS2hvmoS+dHv7ysE1Dp8swODg8FAW9DzTAFfIH6syzEpU+lIf6qJ
FaFkuYyE0Wap3YsJhKoSaCZC26DsPaV/9SNFMRHQ11r2xE805b8=
-----END CERTIFICATE-----
Generated at Sat Jun 7 09:51:40 2025 by rpki-client