Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/rpZl-JDFcmGmC3OZkjaIb4_M-h4.roa
File: rpZl-JDFcmGmC3OZkjaIb4_M-h4.roa (raw, json)
Hash identifier: lGQe0dyzxOhkl3kT2Ifokf+vLPs8wkxkHdUXLiolUVU=
Subject key identifier: AE:96:65:F8:90:C5:72:61:A6:0B:73:99:92:36:88:6F:8F:CC:FA:1E
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0862
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/rpZl-JDFcmGmC3OZkjaIb4_M-h4.roa
Signing time: Fri 04 Oct 2024 15:55:03 +0000
ROA not before: Fri 04 Oct 2024 15:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2146 (0x862)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Oct 4 15:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=AE9665F890C57261A60B73999236886F8FCCFA1E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:f6:46:a5:42:8c:c8:7d:67:20:66:22:74:9b:
48:9a:8b:3f:06:56:00:5d:cf:bb:e3:10:61:7e:ab:
1e:06:af:f3:0b:f4:37:03:59:e9:7c:21:78:56:e7:
32:12:b5:1a:59:5c:b3:bd:f8:4f:40:36:c7:d7:b6:
49:e2:57:2f:09:89:f8:ab:34:c0:51:18:1c:b4:52:
de:40:ca:1d:c6:2e:e1:20:45:14:4d:73:f0:6e:ea:
78:8e:b8:1b:9c:74:45:50:38:dd:04:24:89:ed:11:
bb:dc:3d:1b:76:45:6a:84:c7:19:a9:6e:df:7f:40:
dd:0a:24:4d:dd:36:e8:3a:01:72:c2:0f:e9:e4:0c:
97:e6:9a:8a:6f:76:51:85:6b:2a:8c:84:c1:53:aa:
41:bc:ec:e2:37:57:0b:3d:39:49:20:57:9a:9a:6a:
2d:bc:0f:41:26:8b:84:99:9b:19:4d:09:0b:ab:85:
32:51:5b:61:85:2e:7b:42:7b:09:6f:12:4b:d3:6c:
56:a6:36:8c:93:be:0b:cb:8b:53:36:65:6f:a1:e0:
f7:a4:54:33:f7:32:1c:05:a9:16:31:a6:1b:a4:a5:
ee:5c:da:13:b0:8b:11:ff:4b:13:30:55:45:cc:85:
96:50:f8:f5:f1:ad:42:83:3b:75:21:b0:ad:87:36:
7b:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:96:65:F8:90:C5:72:61:A6:0B:73:99:92:36:88:6F:8F:CC:FA:1E
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/rpZl-JDFcmGmC3OZkjaIb4_M-h4.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
33:88:2b:67:22:fc:e0:a7:69:24:e9:5c:83:b0:59:e7:08:75:
0e:2f:72:b0:86:f6:44:5d:25:bd:d0:7c:79:e2:e6:68:c6:ae:
fc:6b:d6:2a:83:29:83:bc:90:d5:ae:f5:2d:1b:f9:20:b9:4e:
e6:85:67:a6:09:4c:fd:a8:16:fe:ed:c5:f7:b6:23:a6:68:7b:
86:a5:24:43:96:b6:a3:35:6c:47:28:af:fd:37:8d:56:02:78:
71:31:9a:94:48:56:98:b4:1d:f6:60:7a:87:37:66:82:b4:03:
f6:2c:dc:94:0b:c5:d5:ff:dc:c8:66:01:4c:f4:83:15:96:2f:
ad:62:44:cc:30:e0:d9:55:cc:53:5b:f1:e9:24:7e:99:51:38:
fe:00:25:d7:c4:ce:25:56:74:2c:83:e6:a1:89:52:96:9c:c2:
17:38:31:75:ed:6e:f6:0a:d3:89:ec:1b:2c:b4:42:0b:e6:b3:
1f:5b:73:56:cf:da:06:09:6d:41:b0:0c:31:90:0c:69:91:eb:
0b:05:a2:a9:cc:cb:60:22:f5:be:79:f0:06:56:42:e9:87:66:
16:65:5e:46:1e:89:46:af:32:c0:ff:d5:e3:b8:48:b7:3c:b8:
fb:ef:4a:29:ad:15:e7:34:57:44:12:2d:d5:d9:ec:aa:78:2a:
1e:e7:53:3d
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCGIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDEwMDQx
NTU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEFFOTY2NUY4OTBDNTcy
NjFBNjBCNzM5OTkyMzY4ODZGOEZDQ0ZBMUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDd9kalQozIfWcgZiJ0m0iaiz8GVgBdz7vjEGF+qx4Gr/ML9DcD
Wel8IXhW5zIStRpZXLO9+E9ANsfXtkniVy8JifirNMBRGBy0Ut5Ayh3GLuEgRRRN
c/Bu6niOuBucdEVQON0EJIntEbvcPRt2RWqExxmpbt9/QN0KJE3dNug6AXLCD+nk
DJfmmopvdlGFayqMhMFTqkG87OI3Vws9OUkgV5qaai28D0Emi4SZmxlNCQurhTJR
W2GFLntCewlvEkvTbFamNoyTvgvLi1M2ZW+h4PekVDP3MhwFqRYxphukpe5c2hOw
ixH/SxMwVUXMhZZQ+PXxrUKDO3UhsK2HNnu9AgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUrpZl+JDFcmGmC3OZkjaIb4/M+h4wHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL3JwWmwtSkRGY21HbUMz
T1pramFJYjRfTS1oNC5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBADOIK2ci/OCnaSTpXIOwWecIdQ4vcrCG9kRd
Jb3QfHni5mjGrvxr1iqDKYO8kNWu9S0b+SC5TuaFZ6YJTP2oFv7txfe2I6Zoe4al
JEOWtqM1bEcor/03jVYCeHExmpRIVpi0HfZgeoc3ZoK0A/Ys3JQLxdX/3MhmAUz0
gxWWL61iRMww4NlVzFNb8ekkfplROP4AJdfEziVWdCyD5qGJUpacwhc4MXXtbvYK
04nsGyy0Qgvmsx9bc1bP2gYJbUGwDDGQDGmR6wsFoqnMy2Ai9b558AZWQumHZhZl
XkYeiUavMsD/1eO4SLc8uPvvSimtFec0V0QSLdXZ7Kp4Kh7nUz0=
-----END CERTIFICATE-----
Generated at Wed Jun 11 03:52:33 2025 by rpki-client