Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/cbtj30N1LQD3bUk7VEkcCqaETGQ.roa
File: cbtj30N1LQD3bUk7VEkcCqaETGQ.roa (raw, json)
Hash identifier: ZJoXt4bD2F/k59Xmz77QU5rdbdmxbrOgr5T8YEKUmcE=
Subject key identifier: 71:BB:63:DF:43:75:2D:00:F7:6D:49:3B:54:49:1C:0A:A6:84:4C:64
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0AAC
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cbtj30N1LQD3bUk7VEkcCqaETGQ.roa
Signing time: Sun 08 Dec 2024 15:55:02 +0000
ROA not before: Sun 08 Dec 2024 15:55:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2732 (0xaac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Dec 8 15:55:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=71BB63DF43752D00F76D493B54491C0AA6844C64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:d7:b8:36:8f:04:c5:bd:64:b9:20:70:df:bb:
22:2a:82:38:87:4c:f9:25:87:83:cb:41:16:9e:c2:
66:a5:07:17:66:3b:d4:3b:d2:1f:3c:4b:36:96:62:
68:b5:2c:0a:7c:f2:4a:3a:4b:c8:00:01:9f:b9:f8:
41:99:e0:97:af:24:f9:5a:fc:bf:d9:4f:0c:b1:f2:
c0:15:7d:56:36:a3:bd:08:0b:ea:56:73:cd:e9:a0:
c5:7d:e3:2b:a2:4d:f1:1f:8d:76:ce:59:f3:89:eb:
eb:6a:ba:5c:08:83:32:82:f7:26:8f:c8:57:12:22:
bf:26:24:f3:4c:c6:f7:82:5d:10:32:9f:fc:2a:95:
8f:d8:ff:56:ec:2f:15:f7:3e:5f:26:dc:0f:5a:c7:
e1:c3:f3:4e:b5:a4:09:1e:0b:63:7c:2f:b2:58:18:
4d:e8:29:0c:21:7e:a7:8a:69:67:f9:4d:3b:b5:45:
89:eb:e6:bf:86:51:00:0b:37:a1:a4:72:9c:2b:61:
a0:5a:10:aa:f7:ac:32:cd:88:9d:f5:39:31:9c:e2:
22:9d:a7:eb:75:32:11:6f:c8:4a:1b:d7:16:6d:74:
05:bb:e3:9f:97:16:8c:79:58:88:7c:24:3b:17:25:
cd:60:0c:c6:79:d1:26:b7:cd:ae:76:8c:72:23:95:
f3:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:BB:63:DF:43:75:2D:00:F7:6D:49:3B:54:49:1C:0A:A6:84:4C:64
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cbtj30N1LQD3bUk7VEkcCqaETGQ.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
73:cc:f2:d6:07:4b:a4:d3:84:23:78:89:f6:fa:07:00:38:8d:
f0:cd:83:42:3f:de:62:16:5f:a5:77:67:b5:19:46:87:ca:71:
c3:6c:50:3c:1f:db:6c:15:6d:c4:d3:b8:4f:04:4d:b9:64:72:
8f:b6:9a:7b:06:79:50:b1:39:6c:10:99:42:0f:ef:de:91:26:
1d:31:e2:cb:8b:98:25:bb:74:a8:3c:47:4a:c4:e9:ca:3c:d2:
b9:e1:14:d9:a5:1c:f8:1c:82:b8:79:3f:ff:d3:e7:f2:1b:9a:
f6:16:1a:62:9a:0d:53:80:48:05:c2:83:10:dd:6a:2b:5b:c0:
e7:7f:94:c4:98:56:cb:fd:79:76:f6:bd:b9:bc:a0:14:31:02:
b5:7b:05:e5:6c:cf:8e:ff:95:c7:97:b5:08:68:aa:ec:9b:b9:
16:79:b1:04:9c:96:11:d3:1e:20:8d:24:59:70:9e:fa:00:48:
a7:bd:0f:d8:e3:45:74:38:cf:d9:03:ce:ac:8b:cc:fb:2a:6c:
a8:23:0b:07:3f:ea:d5:8e:b9:82:b5:94:bc:b4:5d:b7:08:e3:
de:48:62:ee:79:cd:b0:74:2a:82:9f:b6:db:13:9d:6d:6a:b2:
70:47:5d:6f:83:1d:a7:4a:7b:58:b9:2f:26:e1:c8:17:71:ac:
27:52:be:8e
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCqwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDEyMDgx
NTU1MDJaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDcxQkI2M0RGNDM3NTJE
MDBGNzZENDkzQjU0NDkxQzBBQTY4NDRDNjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDz17g2jwTFvWS5IHDfuyIqgjiHTPklh4PLQRaewmalBxdmO9Q7
0h88SzaWYmi1LAp88ko6S8gAAZ+5+EGZ4JevJPla/L/ZTwyx8sAVfVY2o70IC+pW
c83poMV94yuiTfEfjXbOWfOJ6+tqulwIgzKC9yaPyFcSIr8mJPNMxveCXRAyn/wq
lY/Y/1bsLxX3Pl8m3A9ax+HD8061pAkeC2N8L7JYGE3oKQwhfqeKaWf5TTu1RYnr
5r+GUQALN6GkcpwrYaBaEKr3rDLNiJ31OTGc4iKdp+t1MhFvyEob1xZtdAW745+X
Fox5WIh8JDsXJc1gDMZ50Sa3za52jHIjlfNTAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUcbtj30N1LQD3bUk7VEkcCqaETGQwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL2NidGozME4xTFFEM2JV
azdWRWtjQ3FhRVRHUS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAHPM8tYHS6TThCN4ifb6BwA4jfDNg0I/3mIW
X6V3Z7UZRofKccNsUDwf22wVbcTTuE8ETblkco+2mnsGeVCxOWwQmUIP796RJh0x
4suLmCW7dKg8R0rE6co80rnhFNmlHPgcgrh5P//T5/IbmvYWGmKaDVOASAXCgxDd
aitbwOd/lMSYVsv9eXb2vbm8oBQxArV7BeVsz47/lceXtQhoquybuRZ5sQSclhHT
HiCNJFlwnvoASKe9D9jjRXQ4z9kDzqyLzPsqbKgjCwc/6tWOuYK1lLy0XbcI495I
Yu55zbB0KoKfttsTnW1qsnBHXW+DHadKe1i5LybhyBdxrCdSvo4=
-----END CERTIFICATE-----
Generated at Thu Jun 12 09:47:57 2025 by rpki-client