Route Origin Authorization
$ rpki-client -vvf rsync.krill.cloud/repo/nlnetlabs/1/3138352e34392e3134322e302f32332d3233203d3e20323131333231.roa
File: 3138352e34392e3134322e302f32332d3233203d3e20323131333231.roa (raw, json)
Hash identifier: auI7NEM+b0zH6+8nB0D7iSPuPK+dV5P8t5Tp8zAnI1s=
Subject key identifier: 2C:66:3B:C4:3C:2A:7E:49:F3:EE:32:D8:60:02:F6:A3:A6:74:44:38
Certificate issuer: /CN=a81eb3a5eb3df634551a90722bc63ad7e022cac4
Certificate serial: 1D994A21E600D1F5818592594D7E27144F9124C4
Authority key identifier: A8:1E:B3:A5:EB:3D:F6:34:55:1A:90:72:2B:C6:3A:D7:E0:22:CA:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qB6zpes99jRVGpByK8Y61-AiysQ.cer
Subject info access: rsync://rsync.krill.cloud/repo/nlnetlabs/1/3138352e34392e3134322e302f32332d3233203d3e20323131333231.roa
Signing time: Mon 27 May 2024 20:11:44 +0000
ROA not before: Mon 27 May 2024 20:06:44 +0000
ROA not after: Mon 26 May 2025 20:11:44 +0000
asID: 211321
IP address blocks: 185.49.142.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:99:4a:21:e6:00:d1:f5:81:85:92:59:4d:7e:27:14:4f:91:24:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a81eb3a5eb3df634551a90722bc63ad7e022cac4
Validity
Not Before: May 27 20:06:44 2024 GMT
Not After : May 26 20:11:44 2025 GMT
Subject: CN=2C663BC43C2A7E49F3EE32D86002F6A3A6744438
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:aa:91:e3:e2:6b:d5:9b:c7:3a:aa:03:ef:29:
9e:a9:8d:bf:78:3c:56:ec:47:dc:8e:62:5c:ad:f2:
48:e0:c9:b9:18:e6:49:89:b7:5b:a1:85:7c:12:93:
25:2c:df:23:b3:88:67:ee:ef:af:99:c1:f5:a6:6d:
6b:4e:d6:30:4b:9b:21:60:4c:f9:b8:07:f5:00:e1:
c4:37:06:67:46:27:d0:e6:eb:d3:93:17:6e:95:2b:
81:c8:38:1b:ed:84:eb:59:e3:2c:28:b6:22:69:6b:
19:95:0d:03:5e:13:ef:1e:ae:9a:10:37:d2:c6:b7:
35:43:d0:4d:74:a5:7b:eb:97:00:90:74:92:cd:9d:
ef:bb:2d:e2:ed:12:85:fc:19:77:66:4e:67:a2:63:
1c:0c:a1:a9:c8:60:79:30:98:d3:d3:15:c5:3a:dc:
61:5d:db:6d:df:66:b3:d0:87:dd:de:b0:9c:ab:e3:
f8:ff:11:86:0a:0c:a9:bc:0c:9f:8f:0c:58:9c:e9:
5c:65:6d:8a:50:06:2e:55:3e:69:cd:06:3a:86:7b:
ca:9d:5b:3f:71:de:2d:07:e3:38:78:57:62:48:ec:
9e:d3:17:a0:55:80:f7:7b:2b:fc:63:51:d0:7b:47:
31:fa:08:3b:b3:0c:aa:e9:6c:45:eb:52:7b:bf:35:
56:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:66:3B:C4:3C:2A:7E:49:F3:EE:32:D8:60:02:F6:A3:A6:74:44:38
X509v3 Authority Key Identifier:
keyid:A8:1E:B3:A5:EB:3D:F6:34:55:1A:90:72:2B:C6:3A:D7:E0:22:CA:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.krill.cloud/repo/nlnetlabs/1/A81EB3A5EB3DF634551A90722BC63AD7E022CAC4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qB6zpes99jRVGpByK8Y61-AiysQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.krill.cloud/repo/nlnetlabs/1/3138352e34392e3134322e302f32332d3233203d3e20323131333231.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.49.142.0/23
Signature Algorithm: sha256WithRSAEncryption
82:d2:06:47:c9:5c:3d:c1:d1:be:1b:cd:e0:36:84:de:2e:ce:
3e:7f:2b:0e:68:a3:21:b2:42:d4:67:42:aa:0d:a1:4d:30:44:
3e:45:1c:d3:0c:88:a7:ff:ad:a0:e0:23:cc:af:79:ba:b5:72:
ed:32:6e:42:13:24:45:22:e9:f6:8b:79:99:2e:de:24:c4:63:
cb:47:4b:0f:70:41:f7:47:35:2d:7b:63:bc:c0:6c:cd:94:d1:
4e:35:d3:a9:33:90:50:45:0b:a1:f6:a6:04:e7:86:3a:a6:5a:
b7:cf:f0:64:a5:d8:3d:cd:fa:d7:d0:64:f7:b8:cb:d8:0f:06:
b1:1f:af:5a:73:c6:6e:20:bd:45:5a:57:fb:79:6c:80:20:91:
81:50:31:b1:6a:e7:e9:f2:0f:4d:d1:31:eb:90:c6:8a:9d:a2:
8e:9a:7c:2b:f4:9e:c8:ae:5d:69:2e:01:39:14:17:76:a9:eb:
a6:21:b0:20:9c:17:96:0c:68:59:b6:42:5a:90:f5:0a:4e:15:
c6:2f:8c:66:57:e7:d4:8a:c9:23:bf:26:19:e2:90:49:74:37:
a8:be:45:15:ba:97:91:09:22:dd:3b:4f:fe:36:be:62:59:4a:
0a:1c:d5:64:42:db:56:cd:8d:b7:52:7a:2b:87:b5:71:9c:d6:
58:e4:99:48
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgIUHZlKIeYA0fWBhZJZTX4nFE+RJMQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgxZWIzYTVlYjNkZjYzNDU1MWE5MDcyMmJjNjNhZDdl
MDIyY2FjNDAeFw0yNDA1MjcyMDA2NDRaFw0yNTA1MjYyMDExNDRaMDMxMTAvBgNV
BAMTKDJDNjYzQkM0M0MyQTdFNDlGM0VFMzJEODYwMDJGNkEzQTY3NDQ0MzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYqpHj4mvVm8c6qgPvKZ6pjb94
PFbsR9yOYlyt8kjgybkY5kmJt1uhhXwSkyUs3yOziGfu76+ZwfWmbWtO1jBLmyFg
TPm4B/UA4cQ3BmdGJ9Dm69OTF26VK4HIOBvthOtZ4ywotiJpaxmVDQNeE+8erpoQ
N9LGtzVD0E10pXvrlwCQdJLNne+7LeLtEoX8GXdmTmeiYxwMoanIYHkwmNPTFcU6
3GFd223fZrPQh93esJyr4/j/EYYKDKm8DJ+PDFic6VxlbYpQBi5VPmnNBjqGe8qd
Wz9x3i0H4zh4V2JI7J7TF6BVgPd7K/xjUdB7RzH6CDuzDKrpbEXrUnu/NVZhAgMB
AAGjggHlMIIB4TAdBgNVHQ4EFgQULGY7xDwqfknz7jLYYAL2o6Z0RDgwHwYDVR0j
BBgwFoAUqB6zpes99jRVGpByK8Y61+AiysQwDgYDVR0PAQH/BAQDAgeAMGgGA1Ud
HwRhMF8wXaBboFmGV3JzeW5jOi8vcnN5bmMua3JpbGwuY2xvdWQvcmVwby9ubG5l
dGxhYnMvMS9BODFFQjNBNUVCM0RGNjM0NTUxQTkwNzIyQkM2M0FEN0UwMjJDQUM0
LmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvcUI2enBlczk5alJWR3BCeUs4WTYx
LUFpeXNRLmNlcjCBgwYIKwYBBQUHAQsEdzB1MHMGCCsGAQUFBzALhmdyc3luYzov
L3JzeW5jLmtyaWxsLmNsb3VkL3JlcG8vbmxuZXRsYWJzLzEvMzEzODM1MmUzNDM5
MmUzMTM0MzIyZTMwMmYzMjMzMmQzMjMzMjAzZDNlMjAzMjMxMzEzMzMyMzEucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwE
AgABMAYDBAG5MY4wDQYJKoZIhvcNAQELBQADggEBAILSBkfJXD3B0b4bzeA2hN4u
zj5/Kw5ooyGyQtRnQqoNoU0wRD5FHNMMiKf/raDgI8yvebq1cu0ybkITJEUi6faL
eZku3iTEY8tHSw9wQfdHNS17Y7zAbM2U0U4106kzkFBFC6H2pgTnhjqmWrfP8GSl
2D3N+tfQZPe4y9gPBrEfr1pzxm4gvUVaV/t5bIAgkYFQMbFq5+nyD03RMeuQxoqd
oo6afCv0nsiuXWkuATkUF3ap66YhsCCcF5YMaFm2QlqQ9QpOFcYvjGZX59SKySO/
JhnikEl0N6i+RRW6l5EJIt07T/42vmJZSgoc1WRC21bNjbdSeiuHtXGc1ljkmUg=
-----END CERTIFICATE-----
Generated at Mon Jun 10 14:02:08 2024 by rpki-client on console-fra.rpki-client.org