Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/z7dK5C-LRjlsdu2i_shGRELd2V8.roa
File: z7dK5C-LRjlsdu2i_shGRELd2V8.roa (raw, json)
Hash identifier: 6puNfIui7kED8Zgfjjs0KcSvO2WB/fG9XQsLrCd+1cA=
Subject key identifier: CF:B7:4A:E4:2F:8B:46:39:6C:76:ED:A2:FE:C8:46:44:42:DD:D9:5F
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0B15
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/z7dK5C-LRjlsdu2i_shGRELd2V8.roa
Signing time: Fri 20 Dec 2024 07:55:02 +0000
ROA not before: Fri 20 Dec 2024 07:55:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2837 (0xb15)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Dec 20 07:55:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=CFB74AE42F8B46396C76EDA2FEC8464442DDD95F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:f5:5c:a6:83:ba:3e:ac:18:9c:b5:7a:a2:67:
13:01:52:65:7c:77:16:a0:72:ab:83:b4:44:f7:44:
fb:47:28:01:4b:12:e9:ae:75:05:77:62:da:7d:91:
26:a4:f1:49:26:c1:d1:7e:02:f5:27:82:db:41:ae:
64:df:ca:a8:ad:26:f6:5b:e8:8a:51:a3:1e:a3:3b:
5a:a0:2d:83:92:09:82:8b:fb:7a:98:ba:04:cb:23:
91:7a:eb:e8:86:4b:c5:20:17:64:80:65:c9:db:90:
3a:fc:33:70:2c:1c:12:39:cc:5d:c3:66:ee:91:29:
82:41:1b:fd:8c:2b:38:0a:cf:f4:d0:11:31:49:77:
77:d0:82:c3:c0:1c:ea:e6:e2:19:6b:70:8a:48:5e:
97:ee:ec:25:11:39:db:fb:cd:4f:27:60:94:b9:c4:
f1:14:fb:15:1b:a0:c8:06:72:6e:00:0a:4f:f2:1e:
f4:d6:c3:51:27:64:4d:d4:8c:d4:a6:f5:83:f8:c0:
f9:6e:9c:fd:a8:01:73:03:0d:88:f3:dd:6a:b6:10:
12:c4:3c:2c:30:a7:df:82:8e:53:4d:17:72:e2:54:
e0:31:eb:d6:13:74:7f:3a:06:13:72:bf:cb:02:4e:
72:13:46:60:6f:32:f7:c0:1b:08:30:2e:1f:49:5a:
fb:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:B7:4A:E4:2F:8B:46:39:6C:76:ED:A2:FE:C8:46:44:42:DD:D9:5F
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/z7dK5C-LRjlsdu2i_shGRELd2V8.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
61:ae:f4:0b:af:ae:f7:aa:9f:eb:1f:e0:b0:1a:b6:3d:eb:95:
f6:9a:2d:4c:87:4c:8a:03:35:f5:32:8b:c1:a6:73:26:31:7c:
7f:da:a7:e9:2c:26:bf:e2:2d:6c:14:85:8a:7a:c7:cf:d6:45:
0f:de:2d:6b:e1:a5:b9:a1:32:68:be:08:17:a0:ed:3b:4e:c0:
0c:f4:60:3d:fc:e0:66:16:64:90:02:a7:08:c7:ce:77:25:4f:
e9:26:ce:5f:7d:14:ad:46:dc:6c:3c:36:1d:84:b4:02:1b:f5:
13:00:87:ff:87:6f:d7:37:4a:24:e3:ac:30:b6:fd:79:ee:9a:
81:4a:1d:8f:00:39:08:4e:6e:81:5b:c2:6b:58:7a:21:bf:9d:
4e:f1:95:a6:cd:db:d6:80:8b:44:1b:a2:d2:e5:66:37:8e:ca:
69:4d:45:7f:bf:3d:75:c9:dd:90:57:bd:2a:80:17:34:0e:5e:
28:5f:c9:17:48:38:23:ae:f5:fa:47:16:bf:40:a6:2c:30:3e:
3e:61:ef:cb:3d:38:49:8e:80:c9:28:da:53:5a:bb:c8:d1:91:
fe:09:1a:98:01:e4:d1:e4:1b:27:33:a9:63:df:fb:14:e8:5e:
a3:5a:0c:42:83:ab:33:d8:b1:7c:9a:1c:c7:89:de:c8:81:05:
04:1b:5d:9a
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCxUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDEyMjAw
NzU1MDJaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKENGQjc0QUU0MkY4QjQ2
Mzk2Qzc2RURBMkZFQzg0NjQ0NDJEREQ5NUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDo9Vymg7o+rBictXqiZxMBUmV8dxagcquDtET3RPtHKAFLEumu
dQV3Ytp9kSak8UkmwdF+AvUngttBrmTfyqitJvZb6IpRox6jO1qgLYOSCYKL+3qY
ugTLI5F66+iGS8UgF2SAZcnbkDr8M3AsHBI5zF3DZu6RKYJBG/2MKzgKz/TQETFJ
d3fQgsPAHOrm4hlrcIpIXpfu7CUROdv7zU8nYJS5xPEU+xUboMgGcm4ACk/yHvTW
w1EnZE3UjNSm9YP4wPlunP2oAXMDDYjz3Wq2EBLEPCwwp9+CjlNNF3LiVOAx69YT
dH86BhNyv8sCTnITRmBvMvfAGwgwLh9JWvsnAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUz7dK5C+LRjlsdu2i/shGRELd2V8wHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL3o3ZEs1Qy1MUmpsc2R1
Mmlfc2hHUkVMZDJWOC5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAGGu9Auvrveqn+sf4LAatj3rlfaaLUyHTIoD
NfUyi8GmcyYxfH/ap+ksJr/iLWwUhYp6x8/WRQ/eLWvhpbmhMmi+CBeg7TtOwAz0
YD384GYWZJACpwjHznclT+kmzl99FK1G3Gw8Nh2EtAIb9RMAh/+Hb9c3SiTjrDC2
/XnumoFKHY8AOQhOboFbwmtYeiG/nU7xlabN29aAi0QbotLlZjeOymlNRX+/PXXJ
3ZBXvSqAFzQOXihfyRdIOCOu9fpHFr9ApiwwPj5h78s9OEmOgMko2lNau8jRkf4J
GpgB5NHkGyczqWPf+xToXqNaDEKDqzPYsXyaHMeJ3siBBQQbXZo=
-----END CERTIFICATE-----
Generated at Sat Jun 7 09:37:00 2025 by rpki-client