Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/ntYMJh5g2W_a8rLGlIJqln_lr5U.roa
File: ntYMJh5g2W_a8rLGlIJqln_lr5U.roa (raw, json)
Hash identifier: 3DK09QK4NpQ5yOt5z1LslXnGsT5MjkgzlbYdOFkrqLM=
Subject key identifier: 9E:D6:0C:26:1E:60:D9:6F:DA:F2:B2:C6:94:82:6A:96:7F:E5:AF:95
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0B27
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/ntYMJh5g2W_a8rLGlIJqln_lr5U.roa
Signing time: Sun 22 Dec 2024 07:55:02 +0000
ROA not before: Sun 22 Dec 2024 07:55:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2855 (0xb27)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Dec 22 07:55:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9ED60C261E60D96FDAF2B2C694826A967FE5AF95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:50:d2:15:ab:bf:f5:f4:be:8d:a0:70:08:fb:
a9:de:4a:03:a4:43:8b:83:e2:5a:24:9c:fa:7d:3e:
e7:23:ba:8b:d5:a0:0d:5a:aa:06:4c:77:c5:45:63:
ad:43:56:81:76:70:a0:30:25:83:fd:40:b5:0f:4b:
f7:37:6b:b8:de:c2:c1:37:9f:af:59:4a:db:42:73:
76:1a:a6:ac:37:e8:27:9f:b0:85:ea:50:3b:a0:52:
61:ac:6a:8e:ac:93:0a:5e:89:1e:b2:ab:ba:f4:72:
95:aa:f6:93:a3:14:37:9d:1e:b4:d7:ca:4b:99:f4:
d1:4f:a3:1c:38:c8:da:f2:2e:b8:5a:67:d8:ec:bc:
0d:73:bb:ac:91:75:65:8b:56:6d:f8:6a:0b:ab:b7:
39:61:91:0f:bb:30:d4:02:04:fd:df:86:2e:93:81:
28:1f:b3:ac:9c:67:e3:dd:6e:e3:ea:fb:f1:33:36:
7c:fd:5f:ad:72:32:59:80:6e:63:70:aa:02:53:d4:
f2:03:cd:6f:46:d8:23:ad:37:bd:8a:87:c6:0b:39:
1a:93:cc:14:d0:fd:55:4e:39:00:be:ee:e8:fe:8c:
f8:ff:1a:8b:f5:f4:c8:4f:a9:17:7f:f6:6a:59:ce:
92:f7:c6:43:61:e9:51:97:e4:fa:77:4b:66:4e:df:
fc:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:D6:0C:26:1E:60:D9:6F:DA:F2:B2:C6:94:82:6A:96:7F:E5:AF:95
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/ntYMJh5g2W_a8rLGlIJqln_lr5U.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:a4:b3:ba:36:12:ff:c1:9d:95:e4:c2:39:8f:4b:ab:51:d5:
6d:8e:55:b3:1c:e5:b9:94:a4:1e:ad:03:8d:16:77:dc:1a:77:
ad:e4:b2:c4:c4:37:f5:93:5b:01:fa:42:63:75:6b:89:dd:47:
f5:ab:dc:83:c2:21:18:12:ed:3d:90:4e:48:5f:13:67:db:84:
82:c8:a4:ec:06:4c:b9:0a:e9:fb:37:5f:f7:1f:c9:c9:7d:dd:
99:a5:08:1d:51:f6:ae:81:87:64:e1:98:0b:1d:ee:88:87:27:
bf:6a:bd:19:d6:a5:ac:e6:5a:48:ec:97:9a:b9:12:ce:f5:db:
63:1b:c1:1c:1b:44:ff:71:0b:ff:16:23:41:81:8b:35:53:71:
d5:73:21:8f:54:90:19:2d:b3:58:19:66:78:c5:86:e3:41:dd:
99:04:dd:ab:40:bb:75:48:8f:cd:e0:20:8b:0a:5b:ef:45:ca:
f0:2e:1e:71:36:67:90:74:5d:05:eb:76:f2:74:f5:e5:50:83:
26:07:c4:96:ba:8a:4d:a3:41:d1:09:f3:c7:25:3d:4b:7d:f9:
58:27:5c:53:c3:1b:51:7d:97:0c:28:5b:72:d0:da:9a:bc:3c:
db:90:d2:7a:d4:85:7b:f3:db:02:d0:c3:3a:d7:0c:05:a5:1c:
13:d2:87:f6
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCycwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDEyMjIw
NzU1MDJaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDlFRDYwQzI2MUU2MEQ5
NkZEQUYyQjJDNjk0ODI2QTk2N0ZFNUFGOTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDNUNIVq7/19L6NoHAI+6neSgOkQ4uD4loknPp9PucjuovVoA1a
qgZMd8VFY61DVoF2cKAwJYP9QLUPS/c3a7jewsE3n69ZSttCc3Yapqw36CefsIXq
UDugUmGsao6skwpeiR6yq7r0cpWq9pOjFDedHrTXykuZ9NFPoxw4yNryLrhaZ9js
vA1zu6yRdWWLVm34agurtzlhkQ+7MNQCBP3fhi6TgSgfs6ycZ+PdbuPq+/EzNnz9
X61yMlmAbmNwqgJT1PIDzW9G2COtN72Kh8YLORqTzBTQ/VVOOQC+7uj+jPj/Gov1
9MhPqRd/9mpZzpL3xkNh6VGX5Pp3S2ZO3/wFAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUntYMJh5g2W/a8rLGlIJqln/lr5UwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL250WU1KaDVnMldfYThy
TEdsSUpxbG5fbHI1VS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAHyks7o2Ev/BnZXkwjmPS6tR1W2OVbMc5bmU
pB6tA40Wd9wad63kssTEN/WTWwH6QmN1a4ndR/Wr3IPCIRgS7T2QTkhfE2fbhILI
pOwGTLkK6fs3X/cfycl93ZmlCB1R9q6Bh2ThmAsd7oiHJ79qvRnWpazmWkjsl5q5
Es7122MbwRwbRP9xC/8WI0GBizVTcdVzIY9UkBkts1gZZnjFhuNB3ZkE3atAu3VI
j83gIIsKW+9FyvAuHnE2Z5B0XQXrdvJ09eVQgyYHxJa6ik2jQdEJ88clPUt9+Vgn
XFPDG1F9lwwoW3LQ2pq8PNuQ0nrUhXvz2wLQwzrXDAWlHBPSh/Y=
-----END CERTIFICATE-----
Generated at Wed Jun 11 07:28:26 2025 by rpki-client