Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/rsQH4HR2l1b7a8dhIuO-v3j6IIE.roa
File: rsQH4HR2l1b7a8dhIuO-v3j6IIE.roa (raw, json)
Hash identifier: 4tN2q4tukvjf1mYHc4j3zTNmvPlXCWSkM0rV8Nb+48E=
Subject key identifier: AE:C4:07:E0:74:76:97:56:FB:6B:C7:61:22:E3:BE:BF:78:FA:20:81
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0CA2
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/rsQH4HR2l1b7a8dhIuO-v3j6IIE.roa
Signing time: Sun 02 Feb 2025 07:55:03 +0000
ROA not before: Sun 02 Feb 2025 07:55:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3234 (0xca2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Feb 2 07:55:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=AEC407E074769756FB6BC76122E3BEBF78FA2081
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:c9:9a:4b:c7:85:30:09:40:8a:25:ce:c6:fe:
ba:72:23:8f:f5:cc:c8:41:ed:35:05:98:e1:48:79:
a4:a3:f5:8f:cc:c4:33:c1:53:9b:ee:01:0b:29:c6:
a4:e3:47:3b:1c:7a:45:45:64:f6:47:95:28:b3:26:
06:b7:6d:f2:a6:43:a8:7d:ae:27:9a:46:a5:03:38:
9e:13:d3:44:99:f2:d2:8f:f7:a0:aa:42:c4:82:f2:
16:57:12:e4:c6:ee:17:c9:f7:0d:84:8d:01:17:4f:
28:37:a7:4c:c7:54:31:d7:7b:1f:e3:11:63:9f:4c:
89:d2:cb:9a:4e:fd:54:af:90:01:32:eb:b4:6d:6f:
a8:9e:99:f7:d1:d0:06:8a:b5:18:18:7e:5e:1b:a1:
d3:8c:ce:51:d1:c0:67:9a:e0:fe:e1:53:e4:fd:a6:
8d:31:ca:58:93:3d:47:cf:f0:6b:49:c3:b3:20:c9:
6d:9f:79:cb:fd:6a:35:78:a2:13:dc:d0:d1:bc:80:
3c:40:2a:51:e3:ff:44:5e:b8:aa:4d:0e:6d:8c:03:
a6:6e:69:8d:6b:fe:dd:0b:45:3e:d3:2e:35:8d:9a:
37:f9:0c:77:04:dd:dd:f4:c1:1a:bf:38:fa:dd:5f:
f4:e5:33:ba:b9:02:e7:69:28:b2:43:1c:bc:75:e8:
d3:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:C4:07:E0:74:76:97:56:FB:6B:C7:61:22:E3:BE:BF:78:FA:20:81
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/rsQH4HR2l1b7a8dhIuO-v3j6IIE.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
87:c9:16:80:ca:40:a4:20:ed:92:61:c8:64:45:50:81:0b:45:
8d:e5:d5:0a:97:3f:42:b7:66:ab:1d:91:4c:fd:20:3f:2a:7e:
31:00:c9:5b:4a:86:f8:e2:da:34:16:fa:55:b0:13:84:d3:8e:
c1:a5:75:18:4b:3d:7a:82:9d:b2:e2:08:59:f6:08:ac:7e:8b:
63:43:60:f0:17:3e:3a:34:af:32:02:ff:25:56:d9:75:37:0f:
f9:23:76:a8:bc:06:87:ed:b6:fe:d7:b8:6f:e1:54:69:98:10:
35:1b:8a:59:b3:0b:91:9c:93:fb:68:b0:5e:48:4c:43:99:69:
7b:0e:f2:98:61:c9:58:33:20:05:75:28:d9:b7:51:aa:25:1c:
25:b3:e7:61:71:01:d9:09:44:74:e6:1b:4b:85:fa:1a:9c:ab:
5d:a1:a5:ad:50:bc:7e:d8:a0:6d:77:15:f9:81:12:8b:4c:38:
07:68:ee:32:bc:96:d2:07:a8:f1:35:70:bc:f5:59:78:21:98:
5e:69:b0:66:90:4b:3b:2d:9f:ae:de:bc:d2:d5:94:a0:c7:29:
19:e2:1e:d3:e5:82:a9:8c:cd:14:c4:30:9f:e3:39:4b:70:f7:
02:4a:81:49:b0:e5:06:29:c1:02:ce:b2:1e:f3:78:cf:c6:fc:
a0:e9:07:44
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICDKIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNTAyMDIw
NzU1MDNaFw0yNjA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEFFQzQwN0UwNzQ3Njk3
NTZGQjZCQzc2MTIyRTNCRUJGNzhGQTIwODEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCyZpLx4UwCUCKJc7G/rpyI4/1zMhB7TUFmOFIeaSj9Y/MxDPB
U5vuAQspxqTjRzscekVFZPZHlSizJga3bfKmQ6h9rieaRqUDOJ4T00SZ8tKP96Cq
QsSC8hZXEuTG7hfJ9w2EjQEXTyg3p0zHVDHXex/jEWOfTInSy5pO/VSvkAEy67Rt
b6iemffR0AaKtRgYfl4bodOMzlHRwGea4P7hU+T9po0xyliTPUfP8GtJw7MgyW2f
ecv9ajV4ohPc0NG8gDxAKlHj/0ReuKpNDm2MA6ZuaY1r/t0LRT7TLjWNmjf5DHcE
3d30wRq/OPrdX/TlM7q5AudpKLJDHLx16NNHAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUrsQH4HR2l1b7a8dhIuO+v3j6IIEwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL3JzUUg0SFIybDFiN2E4
ZGhJdU8tdjNqNklJRS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAIfJFoDKQKQg7ZJhyGRFUIELRY3l1QqXP0K3
ZqsdkUz9ID8qfjEAyVtKhvji2jQW+lWwE4TTjsGldRhLPXqCnbLiCFn2CKx+i2ND
YPAXPjo0rzIC/yVW2XU3D/kjdqi8Bofttv7XuG/hVGmYEDUbilmzC5Gck/tosF5I
TEOZaXsO8phhyVgzIAV1KNm3UaolHCWz52FxAdkJRHTmG0uF+hqcq12hpa1QvH7Y
oG13FfmBEotMOAdo7jK8ltIHqPE1cLz1WXghmF5psGaQSzstn67evNLVlKDHKRni
HtPlgqmMzRTEMJ/jOUtw9wJKgUmw5QYpwQLOsh7zeM/G/KDpB0Q=
-----END CERTIFICATE-----
Generated at Sat Jun 7 09:45:58 2025 by rpki-client