Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/k9EIa59FtOcpIXYc3x9tExeOOmU.roa
File: k9EIa59FtOcpIXYc3x9tExeOOmU.roa (raw, json)
Hash identifier: PkPohrG2W0bPWNxQihJm56ryJWmuW/RstP1Zpy2ayo4=
Subject key identifier: 93:D1:08:6B:9F:45:B4:E7:29:21:76:1C:DF:1F:6D:13:17:8E:3A:65
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0ABB
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/k9EIa59FtOcpIXYc3x9tExeOOmU.roa
Signing time: Tue 10 Dec 2024 07:55:03 +0000
ROA not before: Tue 10 Dec 2024 07:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2747 (0xabb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Dec 10 07:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=93D1086B9F45B4E72921761CDF1F6D13178E3A65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:cc:1a:6d:7d:57:cd:c4:5a:ac:e1:8d:6b:61:
6a:31:ab:11:7f:35:26:68:13:b5:b5:e4:98:fd:70:
8d:d9:88:71:ed:28:f2:6f:91:73:94:df:3b:d3:b0:
b8:87:07:93:38:c4:bb:68:78:e5:12:72:ae:5c:36:
6d:39:d8:9f:27:14:28:3c:99:07:08:e7:0f:96:2f:
59:a4:b3:2d:fc:db:4e:5b:b2:22:ca:ba:2b:03:ef:
dd:6a:16:63:99:5b:c4:2c:e2:d7:2d:bf:90:5f:9a:
d4:c4:c0:5f:a0:af:13:7f:c4:ea:58:68:66:8e:55:
56:ba:0b:9a:8f:a3:de:93:5c:54:a1:97:44:c9:79:
9e:da:d3:10:4c:fc:1e:92:97:87:43:56:b8:ae:ad:
8d:7d:27:60:e7:9c:49:98:59:18:d2:08:e6:78:54:
f3:26:d8:38:ad:76:9d:12:4e:a7:c5:03:b0:bb:74:
c8:b3:95:9a:53:93:8e:64:0c:3d:39:10:67:7a:78:
d1:b5:9e:53:32:58:96:3b:6e:38:75:bf:1e:af:f9:
9c:3e:c9:70:7e:43:9c:de:69:e9:3d:76:da:73:a7:
39:96:19:02:00:8f:38:dd:3b:a5:14:e8:3f:90:ce:
df:fe:c1:03:32:51:07:d3:d7:04:b1:56:49:d4:b7:
5c:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:D1:08:6B:9F:45:B4:E7:29:21:76:1C:DF:1F:6D:13:17:8E:3A:65
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/k9EIa59FtOcpIXYc3x9tExeOOmU.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
db:cc:7d:1e:97:2e:ad:5c:a4:02:93:73:b3:9d:3e:ce:bd:ec:
04:fe:24:93:2f:73:98:a0:78:4d:c4:35:55:b0:ab:99:0b:7c:
76:0a:e8:db:d8:d4:b2:3a:b8:6a:43:98:b2:e8:ae:87:ea:ee:
35:25:f3:7c:89:84:21:94:67:88:78:43:f8:a1:69:6b:7f:c0:
9e:a0:f7:23:3a:88:82:15:43:96:02:d0:30:cd:c7:1e:45:e5:
6e:08:1a:94:32:e6:8c:ee:34:22:db:37:7e:58:2c:42:fb:30:
57:2b:de:29:71:8c:7e:b1:9e:de:f6:6b:1d:60:03:e5:fa:7b:
90:53:38:68:58:88:d7:6c:d1:59:45:bf:6a:1c:a3:0f:25:71:
43:6b:5d:86:dd:f6:c5:dd:69:fe:75:8e:0a:72:85:82:cc:b4:
c6:21:d4:a6:27:2f:e7:34:cb:f2:16:af:aa:ab:8c:ac:df:b2:
17:1a:af:eb:0a:39:ea:a1:65:be:fa:19:a9:3a:56:1e:80:50:
0c:9c:77:4e:d6:5b:1c:ba:00:48:3b:cd:55:7b:51:67:28:c9:
93:95:f2:d0:98:6e:89:81:e3:1e:87:27:5d:00:a5:00:65:7b:
47:a5:3a:9b:44:d2:99:0c:dc:e1:0d:63:ca:72:68:48:20:5d:
43:ca:10:b2
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCrswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDEyMTAw
NzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDkzRDEwODZCOUY0NUI0
RTcyOTIxNzYxQ0RGMUY2RDEzMTc4RTNBNjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBzBptfVfNxFqs4Y1rYWoxqxF/NSZoE7W15Jj9cI3ZiHHtKPJv
kXOU3zvTsLiHB5M4xLtoeOUScq5cNm052J8nFCg8mQcI5w+WL1mksy38205bsiLK
uisD791qFmOZW8Qs4tctv5BfmtTEwF+grxN/xOpYaGaOVVa6C5qPo96TXFShl0TJ
eZ7a0xBM/B6Sl4dDVriurY19J2DnnEmYWRjSCOZ4VPMm2Ditdp0STqfFA7C7dMiz
lZpTk45kDD05EGd6eNG1nlMyWJY7bjh1vx6v+Zw+yXB+Q5zeaek9dtpzpzmWGQIA
jzjdO6UU6D+Qzt/+wQMyUQfT1wSxVknUt1yRAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUk9EIa59FtOcpIXYc3x9tExeOOmUwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL2s5RUlhNTlGdE9jcElY
WWMzeDl0RXhlT09tVS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBANvMfR6XLq1cpAKTc7OdPs697AT+JJMvc5ig
eE3ENVWwq5kLfHYK6NvY1LI6uGpDmLLorofq7jUl83yJhCGUZ4h4Q/ihaWt/wJ6g
9yM6iIIVQ5YC0DDNxx5F5W4IGpQy5ozuNCLbN35YLEL7MFcr3ilxjH6xnt72ax1g
A+X6e5BTOGhYiNds0VlFv2ocow8lcUNrXYbd9sXdaf51jgpyhYLMtMYh1KYnL+c0
y/IWr6qrjKzfshcar+sKOeqhZb76Gak6Vh6AUAycd07WWxy6AEg7zVV7UWcoyZOV
8tCYbomB4x6HJ10ApQBle0elOptE0pkM3OENY8pyaEggXUPKELI=
-----END CERTIFICATE-----
Generated at Tue Jun 10 18:20:29 2025 by rpki-client