Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/nNkHIBp69mLRxsyE1JbNI8OjJQ8.roa
File: nNkHIBp69mLRxsyE1JbNI8OjJQ8.roa (raw, json)
Hash identifier: qzowklbrIoRBeRuMdqp5EKwDhyHqzj13am4Zc6tNVzI=
Subject key identifier: 9C:D9:07:20:1A:7A:F6:62:D1:C6:CC:84:D4:96:CD:23:C3:A3:25:0F
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0B5D
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/nNkHIBp69mLRxsyE1JbNI8OjJQ8.roa
Signing time: Sat 28 Dec 2024 07:55:03 +0000
ROA not before: Sat 28 Dec 2024 07:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2909 (0xb5d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Dec 28 07:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9CD907201A7AF662D1C6CC84D496CD23C3A3250F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:88:aa:71:d2:68:f0:13:c8:92:07:c8:1e:23:
02:2a:18:11:97:da:8c:fe:ec:c6:ed:c8:18:34:98:
79:c4:17:63:c3:47:e9:16:a7:f8:ea:ca:51:fc:9c:
ca:f7:48:f5:8a:26:6d:f9:07:be:27:ca:8c:64:03:
f4:2e:d4:5a:d0:09:ef:ac:93:5a:35:1a:56:f3:1f:
a8:7c:0c:ea:08:ad:9d:b1:6e:4e:af:5d:63:8a:09:
58:e8:70:f6:e3:24:71:57:5f:b9:5c:42:d9:2e:ba:
78:d7:2b:63:bc:31:2c:e8:e8:f0:4c:f8:ae:8f:2b:
c6:17:1b:80:31:32:41:ed:bf:60:28:4a:4c:0e:90:
1c:13:e4:2a:66:25:ec:7c:44:29:57:25:40:92:f9:
f2:48:d8:18:0c:d3:a0:2b:fb:03:cc:37:25:1a:3d:
6d:4e:6d:35:62:8d:47:b5:13:95:8f:2f:92:d0:ed:
59:d1:59:6e:e4:47:e3:e8:2f:d3:6f:21:8e:15:b9:
c0:d4:6d:39:66:b6:f9:32:81:b4:19:62:aa:dd:b2:
3f:f4:f3:7a:44:f0:93:9c:c7:e4:f1:71:de:51:06:
31:32:fa:29:6c:8d:28:2c:e4:ca:a0:84:af:c1:e7:
e9:73:e6:56:b7:bd:38:94:d3:f5:34:d7:ba:66:60:
63:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:D9:07:20:1A:7A:F6:62:D1:C6:CC:84:D4:96:CD:23:C3:A3:25:0F
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/nNkHIBp69mLRxsyE1JbNI8OjJQ8.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
71:13:13:c4:e4:4e:f5:74:20:ea:a0:fb:b4:99:0d:40:10:1f:
4c:9f:1f:ea:a9:e7:5f:24:b9:77:d1:f0:ac:e7:d0:40:13:ea:
5e:96:24:05:89:f4:44:f2:ec:7c:2e:d1:aa:d4:40:2b:4f:64:
a2:55:4a:4d:1b:ca:aa:99:31:df:47:c9:9d:c7:7c:af:ae:d4:
45:a8:7e:48:a4:60:36:c8:b8:8a:c9:ef:89:90:5a:24:ba:85:
0d:38:c0:3c:90:e8:60:46:a4:cf:2a:47:1e:67:3c:ae:8b:83:
35:f9:ea:c0:94:87:f3:18:30:e0:46:23:ff:5d:5d:2d:87:3b:
fa:0e:0a:ae:03:e0:b3:e6:d9:3a:1e:7d:a0:a4:05:1f:7f:08:
5e:0d:1f:6e:58:a4:e2:34:08:34:d3:bf:71:48:6b:80:e1:45:
97:76:2f:03:94:43:b8:36:61:ea:ef:3b:80:d8:5b:f5:fd:5b:
7e:ae:ce:9e:7e:ef:46:fc:fb:45:d6:c1:3b:cb:bf:8f:09:67:
2c:e2:5f:16:b5:ed:fe:29:86:26:46:0d:60:01:f7:da:67:a5:
47:af:1e:ae:22:6d:a8:22:a1:f5:0e:88:8e:16:2e:cb:12:c7:
d6:16:b6:9b:8b:ae:f9:56:b0:cc:81:a7:6c:58:be:5d:19:a7:
d9:b3:ee:db
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICC10wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDEyMjgw
NzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDlDRDkwNzIwMUE3QUY2
NjJEMUM2Q0M4NEQ0OTZDRDIzQzNBMzI1MEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDaiKpx0mjwE8iSB8geIwIqGBGX2oz+7MbtyBg0mHnEF2PDR+kW
p/jqylH8nMr3SPWKJm35B74nyoxkA/Qu1FrQCe+sk1o1GlbzH6h8DOoIrZ2xbk6v
XWOKCVjocPbjJHFXX7lcQtkuunjXK2O8MSzo6PBM+K6PK8YXG4AxMkHtv2AoSkwO
kBwT5CpmJex8RClXJUCS+fJI2BgM06Ar+wPMNyUaPW1ObTVijUe1E5WPL5LQ7VnR
WW7kR+PoL9NvIY4VucDUbTlmtvkygbQZYqrdsj/083pE8JOcx+Txcd5RBjEy+ils
jSgs5MqghK/B5+lz5la3vTiU0/U017pmYGO9AgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUnNkHIBp69mLRxsyE1JbNI8OjJQ8wHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL25Oa0hJQnA2OW1MUnhz
eUUxSmJOSThPakpROC5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAHETE8TkTvV0IOqg+7SZDUAQH0yfH+qp518k
uXfR8Kzn0EAT6l6WJAWJ9ETy7Hwu0arUQCtPZKJVSk0byqqZMd9HyZ3HfK+u1EWo
fkikYDbIuIrJ74mQWiS6hQ04wDyQ6GBGpM8qRx5nPK6LgzX56sCUh/MYMOBGI/9d
XS2HO/oOCq4D4LPm2ToefaCkBR9/CF4NH25YpOI0CDTTv3FIa4DhRZd2LwOUQ7g2
YervO4DYW/X9W36uzp5+70b8+0XWwTvLv48JZyziXxa17f4phiZGDWAB99pnpUev
Hq4ibagiofUOiI4WLssSx9YWtpuLrvlWsMyBp2xYvl0Zp9mz7ts=
-----END CERTIFICATE-----
Generated at Sat Jun 7 09:43:33 2025 by rpki-client