Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/eOnQldHIscTbzGh7QKEV3xQhE18.roa
File: eOnQldHIscTbzGh7QKEV3xQhE18.roa (raw, json)
Hash identifier: 4QGQfBZZ1HOkMa9HW44GisFB/+UAanhE8YKrg0eK50E=
Subject key identifier: 78:E9:D0:95:D1:C8:B1:C4:DB:CC:68:7B:40:A1:15:DF:14:21:13:5F
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0C0C
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/eOnQldHIscTbzGh7QKEV3xQhE18.roa
Signing time: Thu 16 Jan 2025 15:55:03 +0000
ROA not before: Thu 16 Jan 2025 15:55:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3084 (0xc0c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Jan 16 15:55:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=78E9D095D1C8B1C4DBCC687B40A115DF1421135F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:3a:c5:93:6b:24:4f:ee:07:d9:bf:2c:58:16:
1c:92:8d:d1:a6:bf:ae:a3:a9:28:64:b5:8e:47:b7:
3d:8e:d7:bf:68:84:92:c8:af:d3:22:1f:ba:53:f3:
76:c7:8d:ed:48:93:a5:c3:32:c1:ff:c6:cd:c7:54:
ee:0e:73:d7:00:44:58:f7:6b:fb:48:c8:44:17:e0:
47:4c:29:c8:c4:0d:a3:e8:e0:75:87:3f:bf:9d:2b:
7c:11:56:06:dd:dd:c6:66:5a:84:3e:ad:37:eb:c4:
8b:24:fe:ce:02:7b:61:4a:45:f0:1b:40:db:57:76:
b1:ff:2c:39:03:ce:93:26:39:09:63:64:f5:41:34:
39:72:23:13:fc:ce:69:75:81:5e:0d:bf:cf:24:07:
15:8c:2e:0a:e3:69:1c:34:b1:86:05:ac:35:16:df:
11:98:93:e5:5c:14:72:da:16:52:88:6b:07:27:86:
fe:15:9a:0e:11:1b:da:99:49:1a:54:5a:dd:93:75:
a2:04:18:65:98:c3:34:c6:6b:5e:61:e6:16:9e:18:
ff:42:96:3b:2a:50:9b:d4:b7:7d:d2:42:42:63:58:
40:14:12:25:8b:85:89:b0:49:7c:cd:2c:3e:25:a6:
0a:ec:1f:a1:71:ea:e2:3c:18:18:3c:53:ef:c2:90:
f6:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:E9:D0:95:D1:C8:B1:C4:DB:CC:68:7B:40:A1:15:DF:14:21:13:5F
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/eOnQldHIscTbzGh7QKEV3xQhE18.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:4c:c3:7b:7a:71:fd:f6:c4:f8:28:b1:08:e9:7f:e9:ed:42:
38:51:b0:99:ec:66:f7:d9:3a:f0:ed:f0:7e:19:e4:de:eb:5a:
89:0f:69:4c:51:5a:59:71:62:3c:f0:df:f1:9a:2e:e4:53:3e:
4b:52:90:e6:57:b7:47:a7:17:aa:68:77:5e:11:c3:f9:a8:21:
90:69:15:23:13:65:40:89:70:a4:c3:a1:a1:59:93:e2:9b:d2:
98:5e:54:a0:f4:e3:c8:b6:0d:3d:5a:e5:d5:58:db:09:75:a3:
17:82:22:c8:74:e8:cc:83:26:11:1c:10:2c:b6:98:97:0c:3b:
cb:2d:bf:ab:94:de:84:7f:be:78:65:5c:63:31:fc:41:0c:d5:
c3:fa:86:59:84:47:2b:1d:81:79:57:6d:a3:52:84:da:17:f5:
64:e0:0a:75:94:c8:0d:be:4a:4d:44:96:f7:9c:e2:05:f0:56:
4c:be:1f:d7:8c:d3:61:d4:a1:b9:81:50:1a:8e:50:76:fe:34:
dd:c3:46:c6:e6:f1:e1:17:ec:45:b9:52:8e:1e:ea:9a:e9:e9:
2c:52:2b:ea:ea:09:e6:73:09:e3:fe:c7:1c:85:0e:2b:96:f6:
b7:5f:39:b5:da:a7:ab:0b:d0:8d:75:b1:db:55:ea:8d:d7:71:
96:bc:98:ae
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICDAwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNTAxMTYx
NTU1MDNaFw0yNjA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDc4RTlEMDk1RDFDOEIx
QzREQkNDNjg3QjQwQTExNURGMTQyMTEzNUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDnOsWTayRP7gfZvyxYFhySjdGmv66jqShktY5Htz2O179ohJLI
r9MiH7pT83bHje1Ik6XDMsH/xs3HVO4Oc9cARFj3a/tIyEQX4EdMKcjEDaPo4HWH
P7+dK3wRVgbd3cZmWoQ+rTfrxIsk/s4Ce2FKRfAbQNtXdrH/LDkDzpMmOQljZPVB
NDlyIxP8zml1gV4Nv88kBxWMLgrjaRw0sYYFrDUW3xGYk+VcFHLaFlKIawcnhv4V
mg4RG9qZSRpUWt2TdaIEGGWYwzTGa15h5haeGP9CljsqUJvUt33SQkJjWEAUEiWL
hYmwSXzNLD4lpgrsH6Fx6uI8GBg8U+/CkPYfAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUeOnQldHIscTbzGh7QKEV3xQhE18wHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL2VPblFsZEhJc2NUYnpH
aDdRS0VWM3hRaEUxOC5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAExMw3t6cf32xPgosQjpf+ntQjhRsJnsZvfZ
OvDt8H4Z5N7rWokPaUxRWllxYjzw3/GaLuRTPktSkOZXt0enF6pod14Rw/moIZBp
FSMTZUCJcKTDoaFZk+Kb0pheVKD048i2DT1a5dVY2wl1oxeCIsh06MyDJhEcECy2
mJcMO8stv6uU3oR/vnhlXGMx/EEM1cP6hlmERysdgXlXbaNShNoX9WTgCnWUyA2+
Sk1Elvec4gXwVky+H9eM02HUobmBUBqOUHb+NN3DRsbm8eEX7EW5Uo4e6prp6SxS
K+rqCeZzCeP+xxyFDiuW9rdfObXap6sL0I11sdtV6o3XcZa8mK4=
-----END CERTIFICATE-----
Generated at Sat Jun 7 10:11:29 2025 by rpki-client