Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/l16dG--rDOdnj8oXXNGAT3irkYU.roa
File: l16dG--rDOdnj8oXXNGAT3irkYU.roa (raw, json)
Hash identifier: pOMvWVLItbWrn2pRs+xc4EcGcFA5DTtkhlCrHyjpB/o=
Subject key identifier: 97:5E:9D:1B:EF:AB:0C:E7:67:8F:CA:17:5C:D1:80:4F:78:AB:91:85
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0AA3
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/l16dG--rDOdnj8oXXNGAT3irkYU.roa
Signing time: Sat 07 Dec 2024 15:55:02 +0000
ROA not before: Sat 07 Dec 2024 15:55:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2723 (0xaa3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Dec 7 15:55:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=975E9D1BEFAB0CE7678FCA175CD1804F78AB9185
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:e4:3a:f2:32:db:bd:30:03:48:e4:48:12:de:
a4:85:16:6a:37:2f:7b:a6:79:7a:01:e6:f7:85:d7:
97:ea:95:3e:cd:53:2a:f3:1e:b4:50:b7:97:08:d2:
6f:f4:c2:7f:60:76:da:0c:ff:33:5c:00:36:1a:31:
43:a9:d6:5c:6e:af:02:86:5a:fe:35:fd:f5:2c:38:
df:07:a7:5b:c5:4f:b8:0f:55:25:e4:8d:42:60:0a:
7b:ec:c6:8d:4a:e8:90:7c:19:18:23:b8:17:e6:c1:
87:26:d8:0e:d1:9f:85:4c:e0:1a:80:be:17:38:ff:
85:05:47:16:78:1e:ca:f2:12:b8:52:59:ce:22:f3:
5b:c8:4e:cd:de:d0:47:ad:0f:0e:ea:bd:e7:25:56:
57:25:31:b2:e6:5a:1c:08:d6:c3:24:39:23:62:99:
f6:df:c6:af:41:47:47:cf:fd:d6:b3:6b:35:57:d2:
71:b2:b2:ab:66:a6:c0:9d:47:3d:9a:14:3e:20:9f:
d7:03:f8:ab:21:ad:0b:13:dc:61:12:e3:6b:81:bc:
1b:c2:85:54:45:1c:03:c1:35:3a:47:b0:58:3d:1b:
04:f9:35:68:96:1b:f3:5b:f5:73:f2:cd:46:62:15:
58:1b:7e:b1:0e:07:7b:fd:44:9a:db:32:40:98:85:
2a:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:5E:9D:1B:EF:AB:0C:E7:67:8F:CA:17:5C:D1:80:4F:78:AB:91:85
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/l16dG--rDOdnj8oXXNGAT3irkYU.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
78:28:57:61:6c:b5:7d:74:07:6a:27:10:54:cb:56:39:ff:94:
58:8c:2a:83:0b:36:c6:b9:b3:e9:bf:cc:ad:87:11:47:55:38:
ca:f7:f2:0d:ae:1c:0b:47:a0:f7:a5:ba:6a:ab:2f:ce:9f:4d:
3a:cd:7d:89:2c:e9:67:a9:62:0c:f7:ee:df:fa:21:21:84:4f:
90:e8:a2:f8:11:40:50:38:a6:6f:6c:f7:8d:55:93:80:14:fd:
a9:58:d5:9d:26:53:97:34:d1:99:6e:be:18:a0:89:33:7c:bf:
d3:1a:dd:61:56:e1:a7:4c:d5:a8:fc:65:94:14:e3:26:33:18:
18:82:8c:73:65:1f:49:36:36:98:c7:88:c4:e5:a3:ea:4c:0a:
6d:49:65:8a:fc:50:97:eb:60:00:21:e1:41:84:00:39:f0:93:
2b:f1:c8:25:8c:9e:30:d7:60:7d:9d:0d:34:13:b0:65:8f:24:
e7:d6:4c:91:59:94:e1:ad:35:48:d1:bd:1f:11:e4:bb:14:c6:
0a:d3:46:ff:3b:3d:71:f9:ec:65:b4:4a:0e:35:6a:64:44:3a:
8c:b7:ac:4c:92:26:26:35:7c:b8:66:3b:4d:3a:bc:4c:02:11:
03:74:90:8a:3b:e6:b5:e4:e5:de:ae:d7:eb:74:33:d1:1e:c8:
64:e2:fb:0c
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCqMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDEyMDcx
NTU1MDJaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDk3NUU5RDFCRUZBQjBD
RTc2NzhGQ0ExNzVDRDE4MDRGNzhBQjkxODUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC55DryMtu9MANI5EgS3qSFFmo3L3umeXoB5veF15fqlT7NUyrz
HrRQt5cI0m/0wn9gdtoM/zNcADYaMUOp1lxurwKGWv41/fUsON8Hp1vFT7gPVSXk
jUJgCnvsxo1K6JB8GRgjuBfmwYcm2A7Rn4VM4BqAvhc4/4UFRxZ4HsryErhSWc4i
81vITs3e0EetDw7qveclVlclMbLmWhwI1sMkOSNimfbfxq9BR0fP/dazazVX0nGy
sqtmpsCdRz2aFD4gn9cD+KshrQsT3GES42uBvBvChVRFHAPBNTpHsFg9GwT5NWiW
G/Nb9XPyzUZiFVgbfrEOB3v9RJrbMkCYhSofAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUl16dG++rDOdnj8oXXNGAT3irkYUwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL2wxNmRHLS1yRE9kbmo4
b1hYTkdBVDNpcmtZVS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAHgoV2FstX10B2onEFTLVjn/lFiMKoMLNsa5
s+m/zK2HEUdVOMr38g2uHAtHoPelumqrL86fTTrNfYks6WepYgz37t/6ISGET5Do
ovgRQFA4pm9s941Vk4AU/alY1Z0mU5c00ZluvhigiTN8v9Ma3WFW4adM1aj8ZZQU
4yYzGBiCjHNlH0k2NpjHiMTlo+pMCm1JZYr8UJfrYAAh4UGEADnwkyvxyCWMnjDX
YH2dDTQTsGWPJOfWTJFZlOGtNUjRvR8R5LsUxgrTRv87PXH57GW0Sg41amREOoy3
rEySJiY1fLhmO006vEwCEQN0kIo75rXk5d6u1+t0M9EeyGTi+ww=
-----END CERTIFICATE-----
Generated at Sat Jun 7 09:44:53 2025 by rpki-client