Route Origin Authorization
$ rpki-client -vvf rsync.krill.cloud/repo/nlnetlabs/1/326130343a623930353a3a2f33322d3438203d3e20323131333231.roa
File: 326130343a623930353a3a2f33322d3438203d3e20323131333231.roa (raw, json)
Hash identifier: t7KsY4r5DiLXCmW6dnW9/F2X4Y0Nte7Hj5+nxkFHvco=
Subject key identifier: 7C:6D:AD:C7:38:A3:46:A2:A1:76:1A:8D:9E:7F:DE:21:00:D4:7A:86
Certificate issuer: /CN=a81eb3a5eb3df634551a90722bc63ad7e022cac4
Certificate serial: 1958BB685379167AB878B401EAF699430B034BED
Authority key identifier: A8:1E:B3:A5:EB:3D:F6:34:55:1A:90:72:2B:C6:3A:D7:E0:22:CA:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qB6zpes99jRVGpByK8Y61-AiysQ.cer
Subject info access: rsync://rsync.krill.cloud/repo/nlnetlabs/1/326130343a623930353a3a2f33322d3438203d3e20323131333231.roa
Signing time: Sat 20 May 2023 10:15:35 +0000
ROA not before: Sat 20 May 2023 10:10:35 +0000
ROA not after: Sat 18 May 2024 10:15:35 +0000
asID: 211321
IP address blocks: 2a04:b905::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:58:bb:68:53:79:16:7a:b8:78:b4:01:ea:f6:99:43:0b:03:4b:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a81eb3a5eb3df634551a90722bc63ad7e022cac4
Validity
Not Before: May 20 10:10:35 2023 GMT
Not After : May 18 10:15:35 2024 GMT
Subject: CN=7C6DADC738A346A2A1761A8D9E7FDE2100D47A86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:fb:b8:aa:0e:03:30:24:98:81:f7:a7:96:75:
be:1d:ca:f9:ac:bd:58:38:3d:6f:06:f8:0a:58:7b:
75:01:30:8b:51:57:0a:a9:2d:c4:b1:c2:ba:fe:60:
66:42:21:49:52:e6:8c:7c:d2:a5:aa:db:9f:5d:40:
1e:46:cb:83:12:c8:ad:d6:46:93:13:b5:0c:14:aa:
53:83:a0:da:8b:87:96:cf:24:8f:de:08:bd:24:25:
4b:05:45:73:a6:4e:b5:7f:91:45:89:f3:99:d9:31:
fd:19:97:04:82:c0:48:57:6d:b4:e7:8b:ab:0e:f5:
63:dc:c6:cc:78:db:6a:0d:d1:04:03:6a:d1:ee:7b:
ae:e5:4a:ec:e9:ce:8c:f7:e9:8e:ff:70:6f:24:73:
90:9e:91:f1:1b:75:1a:8d:be:ac:27:ca:9d:c6:78:
54:33:b6:e2:28:58:d8:95:e3:36:34:90:27:dd:17:
7f:d0:0e:52:99:79:a5:48:98:ff:7d:9e:43:20:d8:
d2:76:5c:61:3d:ef:f8:67:b2:fa:c3:46:9c:e2:fe:
f0:27:7a:5a:c4:66:83:33:b3:3c:45:44:85:2c:29:
8f:57:56:14:8d:5c:cb:f6:bb:66:c8:1c:dc:5c:db:
69:98:68:fd:ce:d2:3a:16:5c:0d:6d:54:69:fb:69:
b5:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:6D:AD:C7:38:A3:46:A2:A1:76:1A:8D:9E:7F:DE:21:00:D4:7A:86
X509v3 Authority Key Identifier:
keyid:A8:1E:B3:A5:EB:3D:F6:34:55:1A:90:72:2B:C6:3A:D7:E0:22:CA:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.krill.cloud/repo/nlnetlabs/1/A81EB3A5EB3DF634551A90722BC63AD7E022CAC4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qB6zpes99jRVGpByK8Y61-AiysQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.krill.cloud/repo/nlnetlabs/1/326130343a623930353a3a2f33322d3438203d3e20323131333231.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:b905::/32
Signature Algorithm: sha256WithRSAEncryption
4f:c9:6e:ab:fa:fa:1f:e9:88:e4:93:ad:be:43:09:51:f6:ad:
b9:46:03:90:2d:a1:9b:7d:6d:79:b3:f5:a3:a7:6d:74:d9:05:
46:8f:96:8f:be:60:e4:a2:cd:ec:5c:e9:33:29:ae:ef:c2:2c:
ec:ef:c2:83:9b:79:19:20:68:86:cc:67:c8:8c:1f:71:93:f5:
f3:e3:04:27:cb:db:8b:26:d7:37:6e:08:fc:a6:f9:e1:4a:b7:
af:5e:3a:16:34:41:a0:22:2a:11:2e:50:78:df:57:a2:71:b4:
4a:c5:af:c5:21:91:2d:d2:af:83:f1:19:f0:21:a4:99:83:de:
e8:b5:8c:8f:50:b3:e6:4a:31:9f:be:44:f6:06:0c:86:b9:88:
d3:a9:a5:eb:e6:c5:c0:d8:95:cd:43:e2:a6:7c:1f:e6:91:bb:
16:22:59:b4:c6:c8:c3:54:3b:39:1c:91:68:41:3a:02:f1:f5:
1e:49:58:c1:02:b1:49:61:d9:50:94:7c:6f:4c:0a:9f:41:d5:
03:17:1d:a3:43:57:2b:da:f1:1f:cc:13:31:4b:db:06:e9:a1:
03:f4:56:41:88:7c:0f:bd:c0:87:2b:80:c2:1d:98:09:c5:4a:
38:0a:36:e6:ae:1a:b0:9f:d3:29:0d:b8:c6:a3:9c:ed:eb:12:
e3:b2:08:c1
-----BEGIN CERTIFICATE-----
MIIE2jCCA8KgAwIBAgIUGVi7aFN5Fnq4eLQB6vaZQwsDS+0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgxZWIzYTVlYjNkZjYzNDU1MWE5MDcyMmJjNjNhZDdl
MDIyY2FjNDAeFw0yMzA1MjAxMDEwMzVaFw0yNDA1MTgxMDE1MzVaMDMxMTAvBgNV
BAMTKDdDNkRBREM3MzhBMzQ2QTJBMTc2MUE4RDlFN0ZERTIxMDBENDdBODYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDr+7iqDgMwJJiB96eWdb4dyvms
vVg4PW8G+ApYe3UBMItRVwqpLcSxwrr+YGZCIUlS5ox80qWq259dQB5Gy4MSyK3W
RpMTtQwUqlODoNqLh5bPJI/eCL0kJUsFRXOmTrV/kUWJ85nZMf0ZlwSCwEhXbbTn
i6sO9WPcxsx422oN0QQDatHue67lSuzpzoz36Y7/cG8kc5CekfEbdRqNvqwnyp3G
eFQztuIoWNiV4zY0kCfdF3/QDlKZeaVImP99nkMg2NJ2XGE97/hnsvrDRpzi/vAn
elrEZoMzszxFRIUsKY9XVhSNXMv2u2bIHNxc22mYaP3O0joWXA1tVGn7abV5AgMB
AAGjggHkMIIB4DAdBgNVHQ4EFgQUfG2txzijRqKhdhqNnn/eIQDUeoYwHwYDVR0j
BBgwFoAUqB6zpes99jRVGpByK8Y61+AiysQwDgYDVR0PAQH/BAQDAgeAMGgGA1Ud
HwRhMF8wXaBboFmGV3JzeW5jOi8vcnN5bmMua3JpbGwuY2xvdWQvcmVwby9ubG5l
dGxhYnMvMS9BODFFQjNBNUVCM0RGNjM0NTUxQTkwNzIyQkM2M0FEN0UwMjJDQUM0
LmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvcUI2enBlczk5alJWR3BCeUs4WTYx
LUFpeXNRLmNlcjCBgQYIKwYBBQUHAQsEdTBzMHEGCCsGAQUFBzALhmVyc3luYzov
L3JzeW5jLmtyaWxsLmNsb3VkL3JlcG8vbmxuZXRsYWJzLzEvMzI2MTMwMzQzYTYy
MzkzMDM1M2EzYTJmMzMzMjJkMzQzODIwM2QzZTIwMzIzMTMxMzMzMjMxLnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIA
AjAHAwUAKgS5BTANBgkqhkiG9w0BAQsFAAOCAQEAT8luq/r6H+mI5JOtvkMJUfat
uUYDkC2hm31tebP1o6dtdNkFRo+Wj75g5KLN7FzpMymu78Is7O/Cg5t5GSBohsxn
yIwfcZP18+MEJ8vbiybXN24I/Kb54Uq3r146FjRBoCIqES5QeN9XonG0SsWvxSGR
LdKvg/EZ8CGkmYPe6LWMj1Cz5koxn75E9gYMhrmI06ml6+bFwNiVzUPipnwf5pG7
FiJZtMbIw1Q7ORyRaEE6AvH1HklYwQKxSWHZUJR8b0wKn0HVAxcdo0NXK9rxH8wT
MUvbBumhA/RWQYh8D73AhyuAwh2YCcVKOAo25q4asJ/TKQ24xqOc7esS47IIwQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:07 2024 by rpki-client on console-fra.rpki-client.org