Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/kn0XnrxM0xLHx4v8ej2lGsbK1l0.roa
File: kn0XnrxM0xLHx4v8ej2lGsbK1l0.roa (raw, json)
Hash identifier: HIPxqi7Fx7MpWjKM7LHGPirDVuj/+CixLjMtGnqrfGQ=
Subject key identifier: 92:7D:17:9E:BC:4C:D3:12:C7:C7:8B:FC:7A:3D:A5:1A:C6:CA:D6:5D
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0BAC
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/kn0XnrxM0xLHx4v8ej2lGsbK1l0.roa
Signing time: Sun 05 Jan 2025 23:55:03 +0000
ROA not before: Sun 05 Jan 2025 23:55:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2988 (0xbac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Jan 5 23:55:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=927D179EBC4CD312C7C78BFC7A3DA51AC6CAD65D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:ec:95:eb:05:52:f1:93:7a:0d:60:83:23:57:
81:19:56:1d:73:c4:33:b1:85:57:95:48:19:e5:75:
78:a1:4a:2f:c3:af:34:8c:cc:f0:20:d7:29:83:3b:
08:7b:38:34:03:d4:ee:57:94:eb:fd:0f:09:88:a6:
3e:ce:09:b5:bd:c5:5e:1e:1e:a7:71:ee:3a:15:08:
90:d8:38:9e:f5:53:4d:7a:39:8a:eb:bb:91:dd:6e:
41:37:dc:fb:fb:ba:ef:51:0d:f2:9b:57:96:b6:1a:
34:2b:ad:e5:aa:24:99:50:6c:d0:45:01:a7:2e:f8:
b5:43:7c:80:5d:e2:6a:f0:46:23:28:4c:57:01:ec:
fc:c4:7c:18:09:a8:f2:b4:73:91:a7:b9:fa:1b:cc:
d4:52:86:0c:6f:fb:f7:f5:e0:22:e2:dc:f8:0e:31:
6b:ab:87:f7:a7:15:b3:bd:9e:99:c7:17:c3:ca:c6:
c2:63:f9:d3:2e:38:56:63:3c:6a:c4:ae:c5:ce:48:
4b:66:a6:2b:b2:f5:c6:ae:fa:61:85:57:a2:6b:4e:
33:50:25:15:d7:35:e3:fd:83:aa:6e:3c:49:2a:c1:
6f:a7:4d:09:75:28:23:39:bd:6e:90:91:8d:92:68:
17:d1:5c:52:f5:de:6f:b2:24:7f:b0:55:31:5b:36:
11:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:7D:17:9E:BC:4C:D3:12:C7:C7:8B:FC:7A:3D:A5:1A:C6:CA:D6:5D
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/kn0XnrxM0xLHx4v8ej2lGsbK1l0.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:dd:ea:6e:52:3c:9f:68:e2:73:b3:48:69:1f:e8:d8:a2:8d:
19:2d:32:3f:62:44:33:66:16:a7:a4:13:42:ba:3e:28:80:91:
bc:ba:c5:de:df:13:86:95:f1:dc:69:e1:d2:fe:50:1d:b9:7f:
2d:96:d0:dd:48:5e:65:c0:96:6d:ef:92:c2:b5:63:0b:49:b6:
da:0d:c9:7c:b0:f2:32:3e:5a:39:72:76:c8:00:e9:af:1e:34:
3e:81:cb:08:df:86:df:1b:60:e1:04:01:11:dd:f1:bc:cd:7d:
48:fd:73:3f:5c:d3:a9:d2:21:94:9a:2e:23:ea:5e:14:44:a5:
f0:26:a2:bb:d8:ed:f2:a6:3d:83:05:96:0a:19:af:ab:20:10:
7e:a3:3e:f6:bc:f6:c1:42:b4:4b:9d:7a:66:c8:9e:8a:ea:55:
6d:ea:22:34:94:01:81:b9:56:78:24:47:f4:e8:b5:d2:5e:94:
42:c1:68:e2:8d:55:60:92:30:b9:dd:52:61:f0:82:59:23:5a:
a0:e8:26:65:75:47:6c:04:3a:1e:e0:42:30:da:8d:24:83:54:
42:91:a5:e2:c5:f5:22:e0:50:6c:3c:15:f5:1e:25:12:c9:bd:
55:fe:7c:d3:4a:da:c1:b3:02:27:ac:5c:fb:bd:07:e0:fd:7e:
15:71:18:d2
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICC6wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNTAxMDUy
MzU1MDNaFw0yNjA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDkyN0QxNzlFQkM0Q0Qz
MTJDN0M3OEJGQzdBM0RBNTFBQzZDQUQ2NUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDN7JXrBVLxk3oNYIMjV4EZVh1zxDOxhVeVSBnldXihSi/DrzSM
zPAg1ymDOwh7ODQD1O5XlOv9DwmIpj7OCbW9xV4eHqdx7joVCJDYOJ71U016OYrr
u5HdbkE33Pv7uu9RDfKbV5a2GjQrreWqJJlQbNBFAacu+LVDfIBd4mrwRiMoTFcB
7PzEfBgJqPK0c5GnufobzNRShgxv+/f14CLi3PgOMWurh/enFbO9npnHF8PKxsJj
+dMuOFZjPGrErsXOSEtmpiuy9cau+mGFV6JrTjNQJRXXNeP9g6puPEkqwW+nTQl1
KCM5vW6QkY2SaBfRXFL13m+yJH+wVTFbNhE/AgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUkn0XnrxM0xLHx4v8ej2lGsbK1l0wHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL2tuMFhucnhNMHhMSHg0
djhlajJsR3NiSzFsMC5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAHrd6m5SPJ9o4nOzSGkf6NiijRktMj9iRDNm
FqekE0K6PiiAkby6xd7fE4aV8dxp4dL+UB25fy2W0N1IXmXAlm3vksK1YwtJttoN
yXyw8jI+WjlydsgA6a8eND6Bywjfht8bYOEEARHd8bzNfUj9cz9c06nSIZSaLiPq
XhREpfAmorvY7fKmPYMFlgoZr6sgEH6jPva89sFCtEudembInorqVW3qIjSUAYG5
VngkR/TotdJelELBaOKNVWCSMLndUmHwglkjWqDoJmV1R2wEOh7gQjDajSSDVEKR
peLF9SLgUGw8FfUeJRLJvVX+fNNK2sGzAiesXPu9B+D9fhVxGNI=
-----END CERTIFICATE-----
Generated at Sat Jun 7 10:01:45 2025 by rpki-client