Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/u6tVYwV5mUnX93d2F07a3hRJwlw.roa
File: u6tVYwV5mUnX93d2F07a3hRJwlw.roa (raw, json)
Hash identifier: mhlEGbrcZ0Unsp9Cwg/87EXcpiEy/mImzuKgZd5+Q5I=
Subject key identifier: BB:AB:55:63:05:79:99:49:D7:F7:77:76:17:4E:DA:DE:14:49:C2:5C
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0A25
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/u6tVYwV5mUnX93d2F07a3hRJwlw.roa
Signing time: Sat 23 Nov 2024 15:55:02 +0000
ROA not before: Sat 23 Nov 2024 15:55:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: OK
Signature path: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.mft
rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2597 (0xa25)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Nov 23 15:55:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=BBAB556305799949D7F77776174EDADE1449C25C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:cc:aa:13:3a:05:c5:3e:85:f0:3b:5f:38:6e:
13:5d:1d:90:dc:d9:65:38:83:00:f2:ed:9f:05:e5:
23:18:2d:71:3a:fa:c7:ae:dd:7a:73:3e:64:cd:b7:
7e:2c:d4:18:0f:aa:f6:50:21:d6:ee:58:8d:1a:f6:
6b:19:7e:a1:55:1d:9c:fd:4b:45:91:7b:69:b2:03:
54:99:34:cf:ce:95:f8:d0:5a:d5:32:a2:8a:f7:9c:
8f:7a:a6:29:69:cb:99:78:b4:e3:db:24:c5:ea:2d:
cc:31:38:26:d2:2f:69:bd:5a:b8:db:7a:f9:bf:03:
a5:e6:8b:48:99:41:26:2f:2d:78:3b:06:f8:fb:97:
4b:b6:a8:c2:a6:bf:47:99:c5:ba:68:3b:82:a9:55:
5e:63:ee:b0:f9:be:c8:25:25:89:d9:ca:4f:01:e0:
c4:82:fa:8e:63:8c:73:d5:f4:d1:5f:d7:b5:5e:64:
02:fd:fd:45:7c:0e:ac:64:0f:c2:61:11:b2:f5:5a:
df:93:cc:55:c5:9e:4a:ca:9c:94:07:e3:af:0b:41:
73:f1:96:e3:7b:4a:2f:d5:8b:2e:20:4f:d5:f0:f9:
b6:0e:ec:1d:d1:f8:fb:12:61:cf:b4:6a:8b:f0:59:
9d:d5:3f:ea:72:a2:43:43:d3:38:e2:9b:28:4f:44:
1d:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:AB:55:63:05:79:99:49:D7:F7:77:76:17:4E:DA:DE:14:49:C2:5C
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/u6tVYwV5mUnX93d2F07a3hRJwlw.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
81:ce:cb:de:cb:96:86:b7:67:e6:a0:ce:79:aa:be:9a:86:56:
cf:6d:a4:3c:e8:16:f5:80:ff:0c:46:c0:26:fc:d9:4f:13:6e:
da:11:8f:8f:28:bd:44:f3:ed:c0:69:4c:a2:34:f8:30:da:2b:
1f:13:20:dc:2f:39:c6:ea:2d:d4:6a:6d:12:55:ac:22:36:55:
d5:08:79:7b:75:68:a2:1e:ac:43:1a:7d:f0:dc:e4:64:7a:ec:
29:e0:07:6c:a2:04:6e:ee:c4:cd:14:3f:bd:97:de:d6:1e:9f:
00:d9:7c:9a:09:d2:23:b4:3d:6d:6f:4a:2f:ab:7a:4d:57:47:
3a:96:a4:14:3c:a4:ab:dc:d9:f0:3a:47:26:eb:24:a7:7f:3f:
41:b9:43:cf:8e:f4:c0:1e:d3:9d:b0:ef:2c:bd:79:27:88:88:
da:b5:bc:68:5d:39:2a:eb:c4:f7:51:10:5d:b7:11:29:ca:5f:
eb:2e:c5:aa:91:58:fe:f8:0a:8d:ac:cf:5c:ea:d4:5a:b6:86:
aa:3e:b7:a0:b1:6d:50:88:b0:63:5e:37:54:ba:0a:89:60:70:
cb:76:ba:ee:87:f9:dc:7f:bb:0d:6a:5c:3e:35:89:17:60:45:
46:e0:7c:15:d6:36:64:8f:fe:80:39:57:76:32:00:69:e3:9a:
21:2a:d9:b8
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCiUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDExMjMx
NTU1MDJaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEJCQUI1NTYzMDU3OTk5
NDlEN0Y3Nzc3NjE3NEVEQURFMTQ0OUMyNUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD2zKoTOgXFPoXwO184bhNdHZDc2WU4gwDy7Z8F5SMYLXE6+seu
3XpzPmTNt34s1BgPqvZQIdbuWI0a9msZfqFVHZz9S0WRe2myA1SZNM/OlfjQWtUy
oor3nI96pilpy5l4tOPbJMXqLcwxOCbSL2m9Wrjbevm/A6Xmi0iZQSYvLXg7Bvj7
l0u2qMKmv0eZxbpoO4KpVV5j7rD5vsglJYnZyk8B4MSC+o5jjHPV9NFf17VeZAL9
/UV8DqxkD8JhEbL1Wt+TzFXFnkrKnJQH468LQXPxluN7Si/Viy4gT9Xw+bYO7B3R
+PsSYc+0aovwWZ3VP+pyokND0zjimyhPRB2jAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUu6tVYwV5mUnX93d2F07a3hRJwlwwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL3U2dFZZd1Y1bVVuWDkz
ZDJGMDdhM2hSSndsdy5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAIHOy97Lloa3Z+agznmqvpqGVs9tpDzoFvWA
/wxGwCb82U8TbtoRj48ovUTz7cBpTKI0+DDaKx8TINwvOcbqLdRqbRJVrCI2VdUI
eXt1aKIerEMaffDc5GR67CngB2yiBG7uxM0UP72X3tYenwDZfJoJ0iO0PW1vSi+r
ek1XRzqWpBQ8pKvc2fA6RybrJKd/P0G5Q8+O9MAe052w7yy9eSeIiNq1vGhdOSrr
xPdREF23ESnKX+suxaqRWP74Co2sz1zq1Fq2hqo+t6CxbVCIsGNeN1S6ColgcMt2
uu6H+dx/uw1qXD41iRdgRUbgfBXWNmSP/oA5V3YyAGnjmiEq2bg=
-----END CERTIFICATE-----
Generated at Sat Nov 23 18:35:32 2024 by rpki-client on console-ams.rpki-client.org