Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/xjxULoGFCO4et8AF6v7x-G2PIWc.roa
File: xjxULoGFCO4et8AF6v7x-G2PIWc.roa (raw, json)
Hash identifier: MZhJRmxXXCO2YAskLn44U0ADtj6tE/VMIjIgJaouRAo=
Subject key identifier: C6:3C:54:2E:81:85:08:EE:1E:B7:C0:05:EA:FE:F1:F8:6D:8F:21:67
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0C87
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/xjxULoGFCO4et8AF6v7x-G2PIWc.roa
Signing time: Thu 30 Jan 2025 07:55:03 +0000
ROA not before: Thu 30 Jan 2025 07:55:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3207 (0xc87)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Jan 30 07:55:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=C63C542E818508EE1EB7C005EAFEF1F86D8F2167
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:f7:2c:c5:35:8a:9f:47:54:40:d2:53:25:86:
3c:17:37:56:55:23:c5:19:64:df:42:f2:59:42:24:
57:12:cc:bb:dd:c1:bc:85:60:8b:9a:1f:a7:c0:c5:
19:05:a9:1a:c0:2d:2d:d1:0f:4e:98:b5:da:84:e9:
0f:9f:4d:d7:d3:f7:48:a6:b5:06:d3:41:41:2c:42:
36:ed:d2:83:67:52:d8:ea:02:d2:ca:f7:7a:c4:1f:
d9:09:0a:5c:ce:8f:20:11:a5:2d:85:6c:d4:26:51:
e3:bf:23:27:97:3f:f0:e3:74:fa:1c:b7:99:78:86:
1c:98:c1:10:e6:70:13:f4:6c:3e:44:79:87:bd:65:
7b:15:c7:d7:7e:ea:f7:eb:58:0a:3a:df:24:18:02:
53:e1:22:86:0b:5f:36:0b:6e:b1:be:66:8d:a2:42:
82:02:b0:65:35:54:84:a8:a7:86:ef:a2:28:3a:ba:
dd:cf:f2:70:33:99:f4:be:45:2c:b1:d8:90:d2:c0:
45:08:d7:2b:14:ca:8b:28:af:28:fb:9c:63:bd:e0:
a9:ae:ba:c1:0e:6f:a0:ca:b1:53:ee:bd:8f:b7:15:
85:0b:0a:66:23:ac:3b:b1:2a:81:07:1c:22:1f:65:
82:1b:03:54:c7:ef:80:4f:a5:9c:cf:7b:6b:db:b1:
29:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:3C:54:2E:81:85:08:EE:1E:B7:C0:05:EA:FE:F1:F8:6D:8F:21:67
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/xjxULoGFCO4et8AF6v7x-G2PIWc.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:af:07:b9:68:04:8b:af:68:c7:bf:2a:fa:27:3f:fa:45:10:
db:6b:e6:15:08:9b:28:6d:13:d1:d6:6a:08:b9:3b:63:ac:6e:
92:c7:9c:d5:51:32:d3:62:21:f9:c3:75:85:bd:92:9f:b7:bc:
fe:e9:51:ab:00:57:01:45:23:aa:28:17:a5:73:b7:eb:fa:fe:
ac:63:24:2c:7f:72:97:73:fa:aa:2c:7c:6a:43:db:1c:66:10:
6d:dd:ad:bc:8e:72:ca:9a:47:a2:f7:e4:01:8e:2d:f6:c6:c6:
5d:33:08:a2:37:f2:ed:63:09:b3:79:9a:af:f2:d6:8b:3d:3a:
35:04:32:f4:31:e3:9b:a4:59:88:3f:df:18:91:8e:d4:ea:1d:
ba:0a:ba:95:90:e5:29:ae:ad:87:75:82:dc:cd:5e:13:ed:05:
a4:22:0f:c5:e0:11:ce:78:db:46:98:c7:31:91:95:2d:7d:8d:
45:04:2d:c9:f2:25:1b:84:8b:f8:c7:f3:34:23:5d:7e:e2:76:
58:b0:8e:30:fc:5b:8b:76:da:7b:02:61:76:79:35:7a:b5:28:
d4:b5:41:ac:47:5f:c1:42:84:49:01:21:47:3d:0e:34:58:ac:
e2:cc:50:0d:5e:13:e3:6f:49:89:62:ee:cd:89:54:63:c7:2f:
54:d3:8a:71
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICDIcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNTAxMzAw
NzU1MDNaFw0yNjA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEM2M0M1NDJFODE4NTA4
RUUxRUI3QzAwNUVBRkVGMUY4NkQ4RjIxNjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD49yzFNYqfR1RA0lMlhjwXN1ZVI8UZZN9C8llCJFcSzLvdwbyF
YIuaH6fAxRkFqRrALS3RD06YtdqE6Q+fTdfT90imtQbTQUEsQjbt0oNnUtjqAtLK
93rEH9kJClzOjyARpS2FbNQmUeO/IyeXP/DjdPoct5l4hhyYwRDmcBP0bD5EeYe9
ZXsVx9d+6vfrWAo63yQYAlPhIoYLXzYLbrG+Zo2iQoICsGU1VISop4bvoig6ut3P
8nAzmfS+RSyx2JDSwEUI1ysUyosoryj7nGO94KmuusEOb6DKsVPuvY+3FYULCmYj
rDuxKoEHHCIfZYIbA1TH74BPpZzPe2vbsSnNAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUxjxULoGFCO4et8AF6v7x+G2PIWcwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL3hqeFVMb0dGQ080ZXQ4
QUY2djd4LUcyUElXYy5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAFqvB7loBIuvaMe/KvonP/pFENtr5hUImyht
E9HWagi5O2OsbpLHnNVRMtNiIfnDdYW9kp+3vP7pUasAVwFFI6ooF6Vzt+v6/qxj
JCx/cpdz+qosfGpD2xxmEG3drbyOcsqaR6L35AGOLfbGxl0zCKI38u1jCbN5mq/y
1os9OjUEMvQx45ukWYg/3xiRjtTqHboKupWQ5SmurYd1gtzNXhPtBaQiD8XgEc54
20aYxzGRlS19jUUELcnyJRuEi/jH8zQjXX7idliwjjD8W4t22nsCYXZ5NXq1KNS1
QaxHX8FChEkBIUc9DjRYrOLMUA1eE+NvSYli7s2JVGPHL1TTinE=
-----END CERTIFICATE-----
Generated at Sat Jun 7 10:01:27 2025 by rpki-client