Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/yX4wMRJV_20l9qfRY7Dlm2Il730.roa
File: yX4wMRJV_20l9qfRY7Dlm2Il730.roa (raw, json)
Hash identifier: WPUdLzUowq3O5u3Ahz8Hys0cijjqP6GDMUwvO3iH2+M=
Subject key identifier: C9:7E:30:31:12:55:FF:6D:25:F6:A7:D1:63:B0:E5:9B:62:25:EF:7D
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0AA9
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/yX4wMRJV_20l9qfRY7Dlm2Il730.roa
Signing time: Sun 08 Dec 2024 07:55:02 +0000
ROA not before: Sun 08 Dec 2024 07:55:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2729 (0xaa9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Dec 8 07:55:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=C97E30311255FF6D25F6A7D163B0E59B6225EF7D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:7c:34:cb:5d:a7:05:86:d8:33:e9:75:cd:e6:
9c:f2:f1:a5:31:33:49:a1:1d:46:55:ea:73:43:13:
d5:3c:8d:3b:37:35:18:4d:01:e4:dc:61:29:38:9a:
17:8c:3f:91:87:82:9d:52:e1:20:54:c5:cd:0a:55:
4d:a0:47:9f:a0:72:c7:54:2e:27:dd:e7:e1:39:dc:
8e:b1:13:29:60:4b:77:4d:19:f7:45:94:42:ba:b5:
31:f6:d5:b6:93:4d:1d:eb:33:bd:f1:4c:c9:7b:49:
04:fd:5a:f8:66:d7:be:6f:ea:33:ff:93:5f:1a:37:
c8:e6:f2:e6:49:e0:54:94:e9:8d:bd:4d:ed:a6:9c:
f6:1b:e7:40:c9:94:a6:e0:e1:eb:af:7c:62:49:cf:
01:42:9a:17:18:8b:7b:76:84:75:93:75:a4:80:5f:
c3:e3:f8:01:e8:ad:fc:f1:d4:eb:fa:66:54:2e:c2:
2d:26:77:39:1f:6f:4c:09:3e:76:3d:8b:ed:e8:43:
3a:f6:6a:93:81:66:75:35:02:55:1c:ea:ec:06:f2:
2e:a2:88:44:a3:02:6c:63:6a:92:f9:85:96:96:a7:
3e:a8:1c:34:1d:10:70:46:61:35:3c:ee:d6:20:7e:
5b:d6:58:27:50:1a:86:a4:69:a5:cc:43:c8:2e:d6:
a8:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:7E:30:31:12:55:FF:6D:25:F6:A7:D1:63:B0:E5:9B:62:25:EF:7D
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/yX4wMRJV_20l9qfRY7Dlm2Il730.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
01:fd:aa:1f:87:09:e7:9c:f7:b7:1d:15:84:6a:80:20:5e:41:
de:d5:c1:1e:d9:28:4c:e7:93:27:0c:81:63:fa:58:c3:c5:87:
82:90:2a:cf:d6:34:72:74:0b:ce:92:bd:45:2a:84:e8:9a:76:
d0:e4:76:a2:33:fa:96:38:60:3f:6f:a5:86:5e:d4:1b:70:8d:
ae:3f:c0:2a:db:2c:b7:8c:20:90:64:4f:20:ce:50:04:9a:27:
e2:5c:fb:b7:79:00:e7:4c:58:70:c4:1c:30:55:15:2e:a9:c1:
ca:2d:1b:c7:92:2e:33:03:06:45:56:aa:6a:14:1e:28:8c:de:
1d:cf:ba:0a:f9:0c:4b:2e:b5:17:39:9c:53:7e:85:b0:4c:68:
25:2b:13:44:98:65:88:fa:83:c9:8f:85:e7:64:d0:46:61:04:
2f:10:d2:9c:8f:4e:ff:85:8f:de:15:ba:c5:ab:8b:3d:7c:a0:
af:2d:98:88:74:53:25:a9:57:57:2e:3a:e1:cd:25:f7:a4:2f:
a7:f6:8c:67:5e:57:c0:73:7b:de:32:11:6f:c7:31:96:22:b8:
79:63:5e:3d:19:59:8d:39:2b:d2:c1:b9:3b:a3:98:2b:a7:da:
c2:47:77:c6:59:60:20:4b:27:96:37:c4:02:c0:3c:4f:fe:83:
b0:3b:06:2e
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCqkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDEyMDgw
NzU1MDJaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEM5N0UzMDMxMTI1NUZG
NkQyNUY2QTdEMTYzQjBFNTlCNjIyNUVGN0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDZfDTLXacFhtgz6XXN5pzy8aUxM0mhHUZV6nNDE9U8jTs3NRhN
AeTcYSk4mheMP5GHgp1S4SBUxc0KVU2gR5+gcsdULifd5+E53I6xEylgS3dNGfdF
lEK6tTH21baTTR3rM73xTMl7SQT9Wvhm175v6jP/k18aN8jm8uZJ4FSU6Y29Te2m
nPYb50DJlKbg4euvfGJJzwFCmhcYi3t2hHWTdaSAX8Pj+AHorfzx1Ov6ZlQuwi0m
dzkfb0wJPnY9i+3oQzr2apOBZnU1AlUc6uwG8i6iiESjAmxjapL5hZaWpz6oHDQd
EHBGYTU87tYgflvWWCdQGoakaaXMQ8gu1qgPAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUyX4wMRJV/20l9qfRY7Dlm2Il730wHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL3lYNHdNUkpWXzIwbDlx
ZlJZN0RsbTJJbDczMC5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAAH9qh+HCeec97cdFYRqgCBeQd7VwR7ZKEzn
kycMgWP6WMPFh4KQKs/WNHJ0C86SvUUqhOiadtDkdqIz+pY4YD9vpYZe1Btwja4/
wCrbLLeMIJBkTyDOUASaJ+Jc+7d5AOdMWHDEHDBVFS6pwcotG8eSLjMDBkVWqmoU
HiiM3h3Pugr5DEsutRc5nFN+hbBMaCUrE0SYZYj6g8mPhedk0EZhBC8Q0pyPTv+F
j94VusWriz18oK8tmIh0UyWpV1cuOuHNJfekL6f2jGdeV8Bze94yEW/HMZYiuHlj
Xj0ZWY05K9LBuTujmCun2sJHd8ZZYCBLJ5Y3xALAPE/+g7A7Bi4=
-----END CERTIFICATE-----
Generated at Sat Jun 7 10:12:37 2025 by rpki-client