Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/rSIDb7V_qDSQar3vyppgtx4WJAU.roa
File: rSIDb7V_qDSQar3vyppgtx4WJAU.roa (raw, json)
Hash identifier: WThCil1Rnh2fjyUmE66InrR3Gf6s4oVne3UQE803RG4=
Subject key identifier: AD:22:03:6F:B5:7F:A8:34:90:6A:BD:EF:CA:9A:60:B7:1E:16:24:05
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0BC4
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/rSIDb7V_qDSQar3vyppgtx4WJAU.roa
Signing time: Wed 08 Jan 2025 15:55:02 +0000
ROA not before: Wed 08 Jan 2025 15:55:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3012 (0xbc4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Jan 8 15:55:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=AD22036FB57FA834906ABDEFCA9A60B71E162405
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:6b:e1:4a:cb:0e:80:86:57:59:2d:ad:88:a5:
cb:77:cd:9a:25:4a:26:ae:55:4e:07:1d:11:c3:2a:
de:98:1e:2e:5f:94:6d:7a:25:56:0b:9c:bc:0b:82:
ff:c0:6a:24:02:bb:c9:68:c4:c4:ae:c6:94:d9:1b:
82:5a:4c:a6:4c:a0:19:57:db:ef:a7:48:f7:28:3a:
bb:f8:2d:05:79:65:01:24:0d:72:99:38:46:b4:19:
72:fb:1c:ec:51:ea:79:4e:38:0f:f5:24:23:13:be:
41:86:03:79:3b:bb:f9:25:07:8e:02:29:fe:cd:5f:
0b:16:ff:21:e6:50:1d:d5:cc:dd:63:2d:34:84:00:
49:18:07:c2:94:08:d6:13:b0:45:21:2f:5e:a6:66:
3a:52:d2:62:68:e4:8a:c2:13:9a:1a:4e:2e:ad:c1:
be:e0:28:11:9c:96:ad:1d:44:f6:11:44:f5:c2:78:
39:cc:72:6b:54:fc:14:e9:0d:9e:3b:bf:ab:66:7e:
66:91:b5:38:ff:09:a2:d6:95:e8:ad:f0:ff:e4:2e:
ca:9e:0b:59:34:60:07:fe:92:d6:10:92:03:03:b4:
8b:9a:4b:0b:fc:60:45:dd:b6:e0:d9:bb:02:7c:12:
5c:d6:bc:a3:b2:93:a5:08:bf:18:22:27:4c:dc:ea:
81:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:22:03:6F:B5:7F:A8:34:90:6A:BD:EF:CA:9A:60:B7:1E:16:24:05
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/rSIDb7V_qDSQar3vyppgtx4WJAU.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
26:1e:b2:6a:02:94:c2:b4:9a:f5:a3:81:32:3a:bc:a8:93:59:
9f:ba:e5:9b:a1:bf:59:93:67:07:a3:8a:f6:15:f3:57:1e:29:
dd:35:6f:fd:a7:46:f1:11:63:f7:49:fc:4b:fd:0e:a6:d4:c3:
bd:8b:89:ca:dc:65:0f:aa:3c:bc:a8:50:0e:64:7c:34:ec:78:
da:83:84:4c:04:85:48:85:bf:78:b2:44:41:20:d0:fa:c3:79:
7b:10:e6:aa:2f:75:95:4e:9c:c8:fa:95:9d:08:d7:08:86:0a:
03:c0:7a:c8:91:3c:df:db:13:ed:11:8b:31:50:37:74:a7:db:
2b:22:ac:9c:89:85:f7:3b:85:0b:fa:5d:8f:b1:7a:dc:1b:0d:
40:db:1d:55:68:30:15:77:97:aa:4d:11:2b:49:3a:ab:57:eb:
fc:d6:27:1a:fe:0f:32:fc:9b:94:78:47:06:1a:ae:7c:76:88:
5b:d6:e6:bb:f8:24:20:ef:5d:c6:24:c8:6f:bc:1a:c9:6f:ca:
99:54:dc:d7:7f:b1:6e:3d:0b:5d:cf:1a:0c:4a:d3:c8:85:fd:
d4:56:69:a5:48:9d:97:8f:7f:4d:0a:88:f6:aa:71:e3:6e:64:
98:27:ee:80:f0:04:e4:a3:33:9c:47:39:16:80:c6:62:b8:8a:
05:ac:b4:0c
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICC8QwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNTAxMDgx
NTU1MDJaFw0yNjA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEFEMjIwMzZGQjU3RkE4
MzQ5MDZBQkRFRkNBOUE2MEI3MUUxNjI0MDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDIa+FKyw6AhldZLa2Ipct3zZolSiauVU4HHRHDKt6YHi5flG16
JVYLnLwLgv/AaiQCu8loxMSuxpTZG4JaTKZMoBlX2++nSPcoOrv4LQV5ZQEkDXKZ
OEa0GXL7HOxR6nlOOA/1JCMTvkGGA3k7u/klB44CKf7NXwsW/yHmUB3VzN1jLTSE
AEkYB8KUCNYTsEUhL16mZjpS0mJo5IrCE5oaTi6twb7gKBGclq0dRPYRRPXCeDnM
cmtU/BTpDZ47v6tmfmaRtTj/CaLWleit8P/kLsqeC1k0YAf+ktYQkgMDtIuaSwv8
YEXdtuDZuwJ8ElzWvKOyk6UIvxgiJ0zc6oHhAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUrSIDb7V/qDSQar3vyppgtx4WJAUwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL3JTSURiN1ZfcURTUWFy
M3Z5cHBndHg0V0pBVS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBACYesmoClMK0mvWjgTI6vKiTWZ+65Zuhv1mT
ZwejivYV81ceKd01b/2nRvERY/dJ/Ev9DqbUw72LicrcZQ+qPLyoUA5kfDTseNqD
hEwEhUiFv3iyREEg0PrDeXsQ5qovdZVOnMj6lZ0I1wiGCgPAesiRPN/bE+0RizFQ
N3Sn2ysirJyJhfc7hQv6XY+xetwbDUDbHVVoMBV3l6pNEStJOqtX6/zWJxr+DzL8
m5R4RwYarnx2iFvW5rv4JCDvXcYkyG+8GslvyplU3Nd/sW49C13PGgxK08iF/dRW
aaVInZePf00KiPaqceNuZJgn7oDwBOSjM5xHORaAxmK4igWstAw=
-----END CERTIFICATE-----
Generated at Mon Jun 9 22:34:37 2025 by rpki-client