Route Origin Authorization
$ rpki-client -vvf rsync.krill.cloud/repo/nlnetlabs/1/326130343a623930373a3a2f34372d3437203d3e203136353039.roa
File: 326130343a623930373a3a2f34372d3437203d3e203136353039.roa (raw, json)
Hash identifier: X5Vd4PgKSJhq31I4o94SZhsRG5hpKGngX3ZTaEjTJi8=
Subject key identifier: DC:23:B4:81:6E:3B:F1:A2:03:8D:75:76:BF:47:B8:28:7E:4E:40:DB
Certificate issuer: /CN=a81eb3a5eb3df634551a90722bc63ad7e022cac4
Certificate serial: 5551C25BEDBF54A67FF8125E1A608C76AF14EF7F
Authority key identifier: A8:1E:B3:A5:EB:3D:F6:34:55:1A:90:72:2B:C6:3A:D7:E0:22:CA:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qB6zpes99jRVGpByK8Y61-AiysQ.cer
Subject info access: rsync://rsync.krill.cloud/repo/nlnetlabs/1/326130343a623930373a3a2f34372d3437203d3e203136353039.roa
Signing time: Mon 26 Jun 2023 19:47:00 +0000
ROA not before: Mon 26 Jun 2023 19:42:00 +0000
ROA not after: Mon 24 Jun 2024 19:47:00 +0000
asID: 16509
IP address blocks: 2a04:b907::/47 maxlen: 47
Validation: Failed, certificate revoked on Wed 13 Dec 2023 10:40:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:51:c2:5b:ed:bf:54:a6:7f:f8:12:5e:1a:60:8c:76:af:14:ef:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a81eb3a5eb3df634551a90722bc63ad7e022cac4
Validity
Not Before: Jun 26 19:42:00 2023 GMT
Not After : Jun 24 19:47:00 2024 GMT
Subject: CN=DC23B4816E3BF1A2038D7576BF47B8287E4E40DB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:01:b1:15:12:39:04:37:46:4a:27:5f:b4:31:
ed:ed:b5:b2:d5:68:2a:5b:c2:df:40:5e:26:52:15:
b6:9b:b4:33:75:fa:87:2a:9e:07:97:cc:66:7c:14:
00:41:4d:19:de:d6:47:b9:25:26:1c:38:01:c2:f6:
8f:50:12:d2:fb:8b:fb:7a:8f:ed:c3:97:fc:e3:11:
f0:c1:0d:eb:8e:65:d6:8f:b3:ca:b7:ea:c6:57:cb:
3a:23:03:97:e4:47:e2:68:a7:b9:cd:1b:a3:40:f6:
c0:c2:bf:18:60:cc:24:a7:98:13:a0:cd:bb:c9:7d:
29:d1:77:08:f3:4f:2b:34:11:18:a7:97:b3:f7:34:
9b:66:f3:fe:1d:4a:f8:7f:c1:57:de:9f:43:6e:5e:
d2:f4:02:2b:7b:ab:25:06:cd:db:8b:3c:77:fd:f9:
f7:59:81:62:3f:89:fc:23:a0:99:16:52:d9:e2:84:
07:c6:5e:8b:c8:37:b5:e9:8c:0a:3b:78:09:ba:a5:
93:ea:88:8b:6d:03:40:a4:1f:38:a7:55:c9:a6:12:
83:7f:40:ae:a0:df:d6:b5:4f:23:4a:5d:17:30:b9:
78:b0:32:c7:dc:84:52:9c:12:7a:57:80:50:59:8c:
03:3e:7a:18:8c:27:34:d6:db:a6:14:f7:b5:09:f0:
be:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:23:B4:81:6E:3B:F1:A2:03:8D:75:76:BF:47:B8:28:7E:4E:40:DB
X509v3 Authority Key Identifier:
keyid:A8:1E:B3:A5:EB:3D:F6:34:55:1A:90:72:2B:C6:3A:D7:E0:22:CA:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.krill.cloud/repo/nlnetlabs/1/A81EB3A5EB3DF634551A90722BC63AD7E022CAC4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qB6zpes99jRVGpByK8Y61-AiysQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.krill.cloud/repo/nlnetlabs/1/326130343a623930373a3a2f34372d3437203d3e203136353039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:b907::/47
Signature Algorithm: sha256WithRSAEncryption
49:5d:77:c7:90:f7:7f:1c:32:f5:df:f3:bc:57:82:02:3e:b9:
66:b2:64:20:cd:fa:3e:08:41:7c:c2:df:d6:de:ee:9b:fc:dc:
05:78:0a:87:5d:6c:9d:fa:6c:36:9c:68:a0:12:99:16:59:75:
31:a7:ed:0a:7b:c1:80:fc:34:ab:ff:4b:a4:c0:28:48:87:9c:
ca:1b:94:4c:8c:49:ea:36:72:34:f7:4b:5b:2f:c6:fd:c3:84:
84:88:68:42:92:d2:fc:66:82:1d:85:32:8b:19:d8:c5:c0:5e:
c3:a2:1f:a5:57:d9:5e:9a:e8:4f:c4:05:1b:56:6f:0a:a2:72:
23:be:da:03:da:76:9b:86:03:22:d1:d1:cc:00:9f:fb:0e:7e:
c0:24:30:0a:39:fa:7d:0d:fb:91:bb:0e:4f:da:6c:f8:e1:93:
9c:90:5e:60:b8:6a:6a:d2:1e:b0:9c:ff:b9:58:bc:fc:49:5a:
1b:82:72:94:a6:bb:dd:6c:a4:67:d9:18:36:f6:a7:c3:8b:2c:
c8:fb:37:78:ce:df:11:ef:20:84:97:b8:dc:c3:6a:5d:76:02:
0e:b1:44:02:37:25:04:04:67:53:6c:2f:97:e3:9c:b4:ed:47:
90:a2:b6:f7:f3:c4:a9:15:7c:5d:0c:99:98:41:88:cb:b1:fb:
00:33:ae:4d
-----BEGIN CERTIFICATE-----
MIIE2TCCA8GgAwIBAgIUVVHCW+2/VKZ/+BJeGmCMdq8U738wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgxZWIzYTVlYjNkZjYzNDU1MWE5MDcyMmJjNjNhZDdl
MDIyY2FjNDAeFw0yMzA2MjYxOTQyMDBaFw0yNDA2MjQxOTQ3MDBaMDMxMTAvBgNV
BAMTKERDMjNCNDgxNkUzQkYxQTIwMzhENzU3NkJGNDdCODI4N0U0RTQwREIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIAbEVEjkEN0ZKJ1+0Me3ttbLV
aCpbwt9AXiZSFbabtDN1+ocqngeXzGZ8FABBTRne1ke5JSYcOAHC9o9QEtL7i/t6
j+3Dl/zjEfDBDeuOZdaPs8q36sZXyzojA5fkR+Jop7nNG6NA9sDCvxhgzCSnmBOg
zbvJfSnRdwjzTys0ERinl7P3NJtm8/4dSvh/wVfen0NuXtL0Ait7qyUGzduLPHf9
+fdZgWI/ifwjoJkWUtnihAfGXovIN7XpjAo7eAm6pZPqiIttA0CkHzinVcmmEoN/
QK6g39a1TyNKXRcwuXiwMsfchFKcEnpXgFBZjAM+ehiMJzTW26YU97UJ8L7BAgMB
AAGjggHjMIIB3zAdBgNVHQ4EFgQU3CO0gW478aIDjXV2v0e4KH5OQNswHwYDVR0j
BBgwFoAUqB6zpes99jRVGpByK8Y61+AiysQwDgYDVR0PAQH/BAQDAgeAMGgGA1Ud
HwRhMF8wXaBboFmGV3JzeW5jOi8vcnN5bmMua3JpbGwuY2xvdWQvcmVwby9ubG5l
dGxhYnMvMS9BODFFQjNBNUVCM0RGNjM0NTUxQTkwNzIyQkM2M0FEN0UwMjJDQUM0
LmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvcUI2enBlczk5alJWR3BCeUs4WTYx
LUFpeXNRLmNlcjB/BggrBgEFBQcBCwRzMHEwbwYIKwYBBQUHMAuGY3JzeW5jOi8v
cnN5bmMua3JpbGwuY2xvdWQvcmVwby9ubG5ldGxhYnMvMS8zMjYxMzAzNDNhNjIz
OTMwMzczYTNhMmYzNDM3MmQzNDM3MjAzZDNlMjAzMTM2MzUzMDM5LnJvYTAYBgNV
HSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJ
AwcBKgS5BwAAMA0GCSqGSIb3DQEBCwUAA4IBAQBJXXfHkPd/HDL13/O8V4ICPrlm
smQgzfo+CEF8wt/W3u6b/NwFeAqHXWyd+mw2nGigEpkWWXUxp+0Ke8GA/DSr/0uk
wChIh5zKG5RMjEnqNnI090tbL8b9w4SEiGhCktL8ZoIdhTKLGdjFwF7Doh+lV9le
muhPxAUbVm8KonIjvtoD2nabhgMi0dHMAJ/7Dn7AJDAKOfp9DfuRuw5P2mz44ZOc
kF5guGpq0h6wnP+5WLz8SVobgnKUprvdbKRn2Rg29qfDiyzI+zd4zt8R7yCEl7jc
w2pddgIOsUQCNyUEBGdTbC+X45y07UeQorb388SpFXxdDJmYQYjLsfsAM65N
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:07 2024 by rpki-client on console-fra.rpki-client.org