Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/na9CS2KZYm6TPjV6EE-hoJtR5rw.roa
File: na9CS2KZYm6TPjV6EE-hoJtR5rw.roa (raw, json)
Hash identifier: y0DzFWshIQprNe5wLaKTK6UJkl04WR4BMZyIevrGvJs=
Subject key identifier: 9D:AF:42:4B:62:99:62:6E:93:3E:35:7A:10:4F:A1:A0:9B:51:E6:BC
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0BE8
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/na9CS2KZYm6TPjV6EE-hoJtR5rw.roa
Signing time: Sun 12 Jan 2025 15:55:04 +0000
ROA not before: Sun 12 Jan 2025 15:55:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3048 (0xbe8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Jan 12 15:55:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9DAF424B6299626E933E357A104FA1A09B51E6BC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:dd:1c:22:03:50:f6:06:d8:6d:5c:d4:e1:d2:
06:3a:fe:7c:42:43:d1:5e:04:fb:cb:42:d3:99:0f:
76:9e:42:8e:a3:3b:8d:a5:af:8c:66:5c:f8:42:a3:
d1:f2:5c:15:16:28:53:f8:5a:9d:6f:77:61:44:d3:
a1:13:b2:db:e2:23:9c:c6:e9:c1:74:3f:ed:5a:4f:
22:98:1d:e2:11:fd:03:cf:fc:70:4a:69:80:0b:a7:
c5:a1:10:2b:89:5c:4a:4d:c6:7e:d2:61:b2:cc:c6:
4c:d9:94:6e:fe:ed:82:7f:86:b8:e2:e6:88:39:ef:
25:b0:dd:c7:01:a8:0e:44:a2:79:a2:44:c2:33:b8:
6f:03:ab:0d:55:ee:a6:83:37:41:83:51:d6:ed:08:
6f:80:46:4f:c8:d4:70:4a:7a:39:29:b8:78:f0:27:
50:c5:ba:f9:6b:f0:16:78:66:ea:a5:5f:cc:56:c8:
84:f7:63:b6:3c:5e:b4:63:d4:55:67:9e:07:b5:32:
aa:01:7d:75:ef:75:24:cf:55:d9:0e:8d:6a:67:4c:
43:12:11:55:51:b6:aa:e1:6e:06:18:fe:20:57:5c:
42:4d:76:67:f1:d5:b0:f0:7f:0a:2c:d2:09:9a:9e:
a9:e0:0d:72:0b:4c:83:b6:88:92:e1:6b:fd:e8:51:
7f:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:AF:42:4B:62:99:62:6E:93:3E:35:7A:10:4F:A1:A0:9B:51:E6:BC
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/na9CS2KZYm6TPjV6EE-hoJtR5rw.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
97:9a:e5:d4:ea:a5:d5:bd:d2:2b:a2:fd:34:05:83:fc:62:3e:
a7:4e:89:ae:c8:a4:a4:a2:b7:57:75:bb:d2:45:aa:79:8d:be:
3b:8f:5c:41:c0:83:0b:b3:37:16:22:6d:05:03:f2:00:53:17:
37:f1:e0:bc:a8:3b:c7:ac:ad:e8:d9:7c:54:aa:c8:45:33:e5:
13:a8:89:60:ed:a2:24:6b:b8:7c:80:94:62:84:9a:20:14:df:
6d:a5:49:ff:a6:4d:e7:e8:8e:1e:fd:b0:42:55:bd:8f:f1:52:
d8:76:5f:9e:66:5c:1c:5e:86:6f:c3:23:84:8b:27:f3:db:fc:
15:37:e6:46:b2:6b:7a:ed:b5:96:30:7b:e7:6b:95:78:4b:59:
11:86:59:ce:cf:3b:d2:5f:ae:d8:3a:b5:15:72:5c:9c:8b:5f:
fc:2b:0a:3b:48:e6:73:ed:79:25:af:d0:4f:52:9b:31:1f:fb:
33:59:b5:14:70:a0:93:fe:22:12:58:df:0b:b2:63:9f:08:c1:
e3:2f:99:19:71:84:7e:8d:4d:9b:07:ba:09:48:dd:a8:de:d6:
09:2f:51:61:9f:30:11:2c:ed:6e:3f:a0:47:e6:2b:72:4a:7c:
62:47:f2:60:33:bb:7b:c5:75:12:73:f2:3f:56:b3:9c:f1:dd:
f3:84:4e:7e
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICC+gwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNTAxMTIx
NTU1MDRaFw0yNjA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDlEQUY0MjRCNjI5OTYy
NkU5MzNFMzU3QTEwNEZBMUEwOUI1MUU2QkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCr3RwiA1D2BthtXNTh0gY6/nxCQ9FeBPvLQtOZD3aeQo6jO42l
r4xmXPhCo9HyXBUWKFP4Wp1vd2FE06ETstviI5zG6cF0P+1aTyKYHeIR/QPP/HBK
aYALp8WhECuJXEpNxn7SYbLMxkzZlG7+7YJ/hrji5og57yWw3ccBqA5EonmiRMIz
uG8Dqw1V7qaDN0GDUdbtCG+ARk/I1HBKejkpuHjwJ1DFuvlr8BZ4ZuqlX8xWyIT3
Y7Y8XrRj1FVnnge1MqoBfXXvdSTPVdkOjWpnTEMSEVVRtqrhbgYY/iBXXEJNdmfx
1bDwfwos0gmanqngDXILTIO2iJLha/3oUX9PAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUna9CS2KZYm6TPjV6EE+hoJtR5rwwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL25hOUNTMktaWW02VFBq
VjZFRS1ob0p0UjVydy5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAJea5dTqpdW90iui/TQFg/xiPqdOia7IpKSi
t1d1u9JFqnmNvjuPXEHAgwuzNxYibQUD8gBTFzfx4LyoO8esrejZfFSqyEUz5ROo
iWDtoiRruHyAlGKEmiAU322lSf+mTefojh79sEJVvY/xUth2X55mXBxehm/DI4SL
J/Pb/BU35kaya3rttZYwe+drlXhLWRGGWc7PO9Jfrtg6tRVyXJyLX/wrCjtI5nPt
eSWv0E9SmzEf+zNZtRRwoJP+IhJY3wuyY58IweMvmRlxhH6NTZsHuglI3aje1gkv
UWGfMBEs7W4/oEfmK3JKfGJH8mAzu3vFdRJz8j9Ws5zx3fOETn4=
-----END CERTIFICATE-----
Generated at Sat Jun 7 09:50:11 2025 by rpki-client