Route Origin Authorization
$ rpki-client -vvf rsync.krill.cloud/repo/nlnetlabs/1/326130343a623930373a343a3a2f34372d3437203d3e20323131333231.roa
File: 326130343a623930373a343a3a2f34372d3437203d3e20323131333231.roa (raw, json)
Hash identifier: z3zCa0FKeTXJ9r1c3RYh4BbSHEu7VqrCUeAfxfyGtnE=
Subject key identifier: 30:6C:EB:23:B4:BB:08:B0:5F:6F:AA:7C:29:B3:31:DA:DF:EB:23:50
Certificate issuer: /CN=a81eb3a5eb3df634551a90722bc63ad7e022cac4
Certificate serial: 1BC7267AB53F8172A3227DA2AD922DA663B7F114
Authority key identifier: A8:1E:B3:A5:EB:3D:F6:34:55:1A:90:72:2B:C6:3A:D7:E0:22:CA:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qB6zpes99jRVGpByK8Y61-AiysQ.cer
Subject info access: rsync://rsync.krill.cloud/repo/nlnetlabs/1/326130343a623930373a343a3a2f34372d3437203d3e20323131333231.roa
Signing time: Mon 26 Jun 2023 19:47:00 +0000
ROA not before: Mon 26 Jun 2023 19:42:00 +0000
ROA not after: Mon 24 Jun 2024 19:47:00 +0000
asID: 211321
IP address blocks: 2a04:b907:4::/47 maxlen: 47
Validation: Failed, certificate revoked on Wed 13 Dec 2023 10:43:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:c7:26:7a:b5:3f:81:72:a3:22:7d:a2:ad:92:2d:a6:63:b7:f1:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a81eb3a5eb3df634551a90722bc63ad7e022cac4
Validity
Not Before: Jun 26 19:42:00 2023 GMT
Not After : Jun 24 19:47:00 2024 GMT
Subject: CN=306CEB23B4BB08B05F6FAA7C29B331DADFEB2350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:45:c8:db:b6:5b:48:e8:99:58:6c:37:d2:39:
ca:20:17:68:e3:b9:7b:1c:0b:af:df:63:8b:9a:ef:
c3:d6:6e:f6:97:c7:41:da:2c:3e:ed:0f:11:b5:cc:
5f:3a:97:e7:32:3c:25:0d:63:17:c5:b4:06:de:3e:
ab:56:2d:09:bd:82:34:33:76:fc:a3:d4:88:03:05:
7b:2b:fd:7a:9b:cf:a8:be:47:0f:7b:ff:d5:e9:20:
66:16:26:33:5c:a6:86:d5:ae:50:4e:a3:e8:8e:9b:
2a:76:07:aa:15:5c:86:85:a7:4f:24:3d:4f:1b:b3:
e7:30:fc:82:73:b0:c6:44:51:28:a5:e8:08:9c:59:
be:81:95:24:90:bf:23:1e:1d:53:df:d3:14:38:bc:
3d:06:f0:2f:c9:32:b6:0d:66:7d:4d:5a:e9:66:f2:
da:1c:3e:0c:06:61:e4:18:a7:60:9b:d6:cc:fa:ae:
48:6f:99:10:cd:ae:c2:58:46:ad:b2:2a:49:ec:31:
1f:b2:3a:ab:a4:dc:5e:b1:c9:26:9d:7a:07:1c:9b:
6d:04:f3:89:ea:22:ba:41:49:fc:57:3d:c7:54:e0:
6b:0a:ff:c3:c1:f9:40:01:9a:6b:82:06:75:7e:ca:
c8:5b:3c:48:24:5d:6e:81:ae:aa:a7:3d:89:3f:d9:
11:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:6C:EB:23:B4:BB:08:B0:5F:6F:AA:7C:29:B3:31:DA:DF:EB:23:50
X509v3 Authority Key Identifier:
keyid:A8:1E:B3:A5:EB:3D:F6:34:55:1A:90:72:2B:C6:3A:D7:E0:22:CA:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.krill.cloud/repo/nlnetlabs/1/A81EB3A5EB3DF634551A90722BC63AD7E022CAC4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qB6zpes99jRVGpByK8Y61-AiysQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.krill.cloud/repo/nlnetlabs/1/326130343a623930373a343a3a2f34372d3437203d3e20323131333231.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:b907:4::/47
Signature Algorithm: sha256WithRSAEncryption
1b:5b:cf:26:ba:eb:2b:48:a6:69:f0:80:eb:1c:fe:eb:b1:28:
f6:10:3b:df:c5:e8:af:b0:5b:b5:82:3a:55:4d:ff:05:65:3d:
76:e5:96:da:fc:4d:9d:2f:3b:28:4c:5d:62:d6:13:43:9e:9d:
36:6c:1d:6a:6b:19:5e:b0:64:b7:af:67:91:8c:21:57:3b:23:
64:88:a8:dc:2d:d9:62:38:99:62:ae:95:9f:70:68:21:48:c9:
4f:aa:e8:59:1a:0a:de:13:46:60:15:33:47:fe:68:91:09:62:
64:0e:28:de:2e:22:60:b6:ce:6e:33:37:e7:84:a4:f8:d8:82:
27:f3:ae:1f:25:4e:0b:53:1f:db:54:d6:aa:a5:b6:83:64:b9:
a5:f9:4d:2f:c2:5c:6e:d5:52:30:4c:a9:ac:2e:ab:e1:99:8b:
95:6b:67:65:cb:0d:4d:3b:14:ca:76:54:13:42:31:cd:af:20:
cd:29:85:9c:2e:58:f5:7e:78:d7:eb:0a:22:9e:bd:d5:45:01:
7d:ea:6b:9c:42:af:76:00:d4:1c:03:3a:86:0f:8f:85:dd:15:
0d:a7:e5:58:1a:d9:e2:a9:06:5f:e2:cb:0e:d8:78:95:46:40:
50:75:44:49:46:7c:0c:5d:85:cc:99:66:d1:0d:6a:ac:20:70:
4a:c1:56:d5
-----BEGIN CERTIFICATE-----
MIIE4DCCA8igAwIBAgIUG8cmerU/gXKjIn2irZItpmO38RQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgxZWIzYTVlYjNkZjYzNDU1MWE5MDcyMmJjNjNhZDdl
MDIyY2FjNDAeFw0yMzA2MjYxOTQyMDBaFw0yNDA2MjQxOTQ3MDBaMDMxMTAvBgNV
BAMTKDMwNkNFQjIzQjRCQjA4QjA1RjZGQUE3QzI5QjMzMURBREZFQjIzNTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6RcjbtltI6JlYbDfSOcogF2jj
uXscC6/fY4ua78PWbvaXx0HaLD7tDxG1zF86l+cyPCUNYxfFtAbePqtWLQm9gjQz
dvyj1IgDBXsr/Xqbz6i+Rw97/9XpIGYWJjNcpobVrlBOo+iOmyp2B6oVXIaFp08k
PU8bs+cw/IJzsMZEUSil6AicWb6BlSSQvyMeHVPf0xQ4vD0G8C/JMrYNZn1NWulm
8tocPgwGYeQYp2Cb1sz6rkhvmRDNrsJYRq2yKknsMR+yOquk3F6xySadegccm20E
84nqIrpBSfxXPcdU4GsK/8PB+UABmmuCBnV+yshbPEgkXW6BrqqnPYk/2RHLAgMB
AAGjggHqMIIB5jAdBgNVHQ4EFgQUMGzrI7S7CLBfb6p8KbMx2t/rI1AwHwYDVR0j
BBgwFoAUqB6zpes99jRVGpByK8Y61+AiysQwDgYDVR0PAQH/BAQDAgeAMGgGA1Ud
HwRhMF8wXaBboFmGV3JzeW5jOi8vcnN5bmMua3JpbGwuY2xvdWQvcmVwby9ubG5l
dGxhYnMvMS9BODFFQjNBNUVCM0RGNjM0NTUxQTkwNzIyQkM2M0FEN0UwMjJDQUM0
LmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvcUI2enBlczk5alJWR3BCeUs4WTYx
LUFpeXNRLmNlcjCBhQYIKwYBBQUHAQsEeTB3MHUGCCsGAQUFBzALhmlyc3luYzov
L3JzeW5jLmtyaWxsLmNsb3VkL3JlcG8vbmxuZXRsYWJzLzEvMzI2MTMwMzQzYTYy
MzkzMDM3M2EzNDNhM2EyZjM0MzcyZDM0MzcyMDNkM2UyMDMyMzEzMTMzMzIzMS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHASoEuQcABDANBgkqhkiG9w0BAQsFAAOCAQEAG1vPJrrrK0imafCA
6xz+67Eo9hA738Xor7BbtYI6VU3/BWU9duWW2vxNnS87KExdYtYTQ56dNmwdamsZ
XrBkt69nkYwhVzsjZIio3C3ZYjiZYq6Vn3BoIUjJT6roWRoK3hNGYBUzR/5okQli
ZA4o3i4iYLbObjM354Sk+NiCJ/OuHyVOC1Mf21TWqqW2g2S5pflNL8JcbtVSMEyp
rC6r4ZmLlWtnZcsNTTsUynZUE0Ixza8gzSmFnC5Y9X541+sKIp691UUBfeprnEKv
dgDUHAM6hg+Phd0VDaflWBrZ4qkGX+LLDth4lUZAUHVESUZ8DF2FzJlm0Q1qrCBw
SsFW1Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:07 2024 by rpki-client on console-fra.rpki-client.org