Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/hV6-uf4yWhhd_Bw8Z9Eoif2RqaI.roa
File: hV6-uf4yWhhd_Bw8Z9Eoif2RqaI.roa (raw, json)
Hash identifier: pcoY0Lucovf3lOw0QPzyQX3S6oB19VCCqzaz7VFdlcM=
Subject key identifier: 85:5E:BE:B9:FE:32:5A:18:5D:FC:1C:3C:67:D1:28:89:FD:91:A9:A2
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0B39
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/hV6-uf4yWhhd_Bw8Z9Eoif2RqaI.roa
Signing time: Tue 24 Dec 2024 07:55:03 +0000
ROA not before: Tue 24 Dec 2024 07:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2873 (0xb39)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Dec 24 07:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=855EBEB9FE325A185DFC1C3C67D12889FD91A9A2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:5e:79:94:89:2b:f0:4d:a7:df:d1:d7:72:7b:
9f:4d:c1:7b:a6:ea:48:70:c3:b3:83:c2:ec:5e:6f:
f5:d2:97:57:ef:69:9a:06:ab:d2:33:8d:87:5c:d7:
91:2f:87:a4:97:0e:15:15:fb:45:28:ea:c6:4e:5c:
fb:6b:dc:5b:2f:fa:87:6b:41:59:2c:fd:6f:f4:12:
d7:78:6c:f7:62:8f:05:dd:0a:d7:57:0b:eb:a9:59:
65:15:14:ad:f9:c2:c7:23:9b:d4:71:63:ff:83:ab:
47:11:75:6c:aa:02:77:7f:d5:fd:c3:78:4f:42:da:
49:52:da:19:d1:a3:f1:5c:0c:04:83:bf:e9:12:51:
b3:67:6e:05:d4:5d:34:f6:11:8c:19:37:3a:dd:04:
26:62:2e:a8:20:86:d6:c4:93:3a:b1:fa:d5:56:93:
23:0d:0b:46:ac:b9:80:d7:1c:6d:e2:a7:aa:8c:cd:
09:62:ff:76:e5:c2:54:72:ba:85:20:26:6d:3b:47:
61:47:03:14:8c:1b:01:7d:ce:c1:14:9c:9a:c1:8f:
5f:1e:5c:90:e4:26:eb:01:07:1e:18:85:16:5c:11:
ab:c1:bc:da:d5:b9:06:70:c5:b0:ff:c8:4c:2f:6f:
07:09:ba:30:2b:c7:6e:61:da:ff:b2:83:9d:3f:bf:
93:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:5E:BE:B9:FE:32:5A:18:5D:FC:1C:3C:67:D1:28:89:FD:91:A9:A2
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/hV6-uf4yWhhd_Bw8Z9Eoif2RqaI.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:a7:0c:a4:aa:27:c1:fa:a8:df:38:ca:e3:61:93:37:1d:d2:
b4:29:7e:af:cb:0b:a0:7c:88:2f:9f:50:3b:86:2f:b6:6c:f3:
25:79:72:e9:35:13:5c:59:9b:2d:f1:6e:e1:bb:93:84:75:c0:
7c:07:3b:21:8c:db:8b:5f:f3:00:06:f8:a9:d8:e7:67:0f:25:
5b:07:92:1f:f0:69:11:77:9e:5c:df:73:a6:69:85:91:72:5e:
a5:e7:23:fc:0a:a9:6e:d2:9b:bf:ce:46:58:ca:54:0d:a1:de:
5f:ee:f0:b6:47:4f:7e:ca:4b:12:b4:79:a9:90:e9:2a:5a:11:
d9:5f:10:66:9b:6b:67:6d:93:d0:6c:2e:75:7f:af:a4:bf:99:
69:b4:76:d8:90:11:a3:7e:c7:29:58:09:8e:6f:ad:59:5b:49:
e9:68:1b:49:09:03:ea:9b:83:2f:2f:d4:78:77:0d:1d:60:f6:
25:d1:26:c9:5c:00:ea:61:b1:e8:f9:e4:7e:a0:94:d5:d5:2d:
40:dc:f5:93:36:2d:1a:7e:35:ae:06:eb:5b:21:11:46:2f:c0:
69:49:8f:0b:1a:0e:71:01:2a:de:a3:0c:be:06:20:b5:a3:dd:
e0:94:86:e4:a6:6b:02:19:2d:ae:f8:db:20:0b:d1:0c:95:2e:
ff:58:3b:43
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCzkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDEyMjQw
NzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDg1NUVCRUI5RkUzMjVB
MTg1REZDMUMzQzY3RDEyODg5RkQ5MUE5QTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCTXnmUiSvwTaff0ddye59NwXum6khww7ODwuxeb/XSl1fvaZoG
q9IzjYdc15Evh6SXDhUV+0Uo6sZOXPtr3Fsv+odrQVks/W/0Etd4bPdijwXdCtdX
C+upWWUVFK35wscjm9RxY/+Dq0cRdWyqAnd/1f3DeE9C2klS2hnRo/FcDASDv+kS
UbNnbgXUXTT2EYwZNzrdBCZiLqgghtbEkzqx+tVWkyMNC0asuYDXHG3ip6qMzQli
/3blwlRyuoUgJm07R2FHAxSMGwF9zsEUnJrBj18eXJDkJusBBx4YhRZcEavBvNrV
uQZwxbD/yEwvbwcJujArx25h2v+yg50/v5PNAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUhV6+uf4yWhhd/Bw8Z9Eoif2RqaIwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL2hWNi11ZjR5V2hoZF9C
dzhaOUVvaWYyUnFhSS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBALKnDKSqJ8H6qN84yuNhkzcd0rQpfq/LC6B8
iC+fUDuGL7Zs8yV5cuk1E1xZmy3xbuG7k4R1wHwHOyGM24tf8wAG+KnY52cPJVsH
kh/waRF3nlzfc6ZphZFyXqXnI/wKqW7Sm7/ORljKVA2h3l/u8LZHT37KSxK0eamQ
6SpaEdlfEGaba2dtk9BsLnV/r6S/mWm0dtiQEaN+xylYCY5vrVlbSeloG0kJA+qb
gy8v1Hh3DR1g9iXRJslcAOphsej55H6glNXVLUDc9ZM2LRp+Na4G61shEUYvwGlJ
jwsaDnEBKt6jDL4GILWj3eCUhuSmawIZLa742yAL0QyVLv9YO0M=
-----END CERTIFICATE-----
Generated at Sat Jun 7 10:00:38 2025 by rpki-client