Route Origin Authorization
$ rpki-client -vvf rsync.krill.cloud/repo/nlnetlabs/1/3138352e34392e3134302e302f32332d3233203d3e2038353837.roa
File: 3138352e34392e3134302e302f32332d3233203d3e2038353837.roa (raw, json)
Hash identifier: AC09WpnaKzfgsS/xkiNmmFdsgbwHvAbjA5XSHYZbi88=
Subject key identifier: D1:7E:5F:B1:0D:18:68:DA:EF:75:AF:57:C1:9E:F3:A2:E8:0E:45:F5
Certificate issuer: /CN=a81eb3a5eb3df634551a90722bc63ad7e022cac4
Certificate serial: 21CEF48596F009D9147E5DCA74E03046C9FA28B4
Authority key identifier: A8:1E:B3:A5:EB:3D:F6:34:55:1A:90:72:2B:C6:3A:D7:E0:22:CA:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qB6zpes99jRVGpByK8Y61-AiysQ.cer
Subject info access: rsync://rsync.krill.cloud/repo/nlnetlabs/1/3138352e34392e3134302e302f32332d3233203d3e2038353837.roa
Signing time: Mon 27 May 2024 20:11:45 +0000
ROA not before: Mon 27 May 2024 20:06:45 +0000
ROA not after: Mon 26 May 2025 20:11:45 +0000
asID: 8587
IP address blocks: 185.49.140.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:ce:f4:85:96:f0:09:d9:14:7e:5d:ca:74:e0:30:46:c9:fa:28:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a81eb3a5eb3df634551a90722bc63ad7e022cac4
Validity
Not Before: May 27 20:06:45 2024 GMT
Not After : May 26 20:11:45 2025 GMT
Subject: CN=D17E5FB10D1868DAEF75AF57C19EF3A2E80E45F5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:57:ca:9a:cb:ed:c8:d7:49:9f:cd:b5:80:6d:
80:5d:af:06:71:2d:2a:6d:5f:5d:69:e8:b2:d0:15:
7b:89:ef:e0:50:ca:44:dc:be:fd:74:30:d7:1d:87:
db:01:43:14:0b:b4:70:78:14:c7:ca:bc:cd:ba:a2:
d8:c6:76:04:47:30:f8:43:2a:b5:47:32:f3:9e:49:
28:b7:ac:b9:03:ee:8d:44:87:07:03:78:72:81:01:
b4:a5:5c:55:8c:e7:2d:67:a6:20:94:ea:6e:10:48:
69:18:c1:25:5a:df:b0:65:41:5a:04:dc:0c:2f:8b:
86:65:1d:64:32:f9:81:29:ab:a8:30:ec:66:00:34:
d7:36:7a:4f:c5:17:4a:96:68:b2:6a:d2:ff:05:2e:
c4:31:80:43:26:da:cc:2a:87:45:87:94:5a:6f:93:
ac:9f:b5:04:3f:53:b3:07:b9:c9:8d:78:fc:91:85:
9b:83:0d:e7:a0:ae:70:3e:da:d8:fa:d8:94:be:93:
10:fe:1a:d5:c9:be:7f:b3:90:95:91:95:17:3b:54:
8b:ef:91:9d:6a:f3:0d:32:3b:22:4d:a2:03:3b:56:
57:e5:2f:b0:18:51:66:96:56:4f:a3:b2:a3:36:22:
a9:08:97:f4:e1:11:cb:a8:d8:c9:b9:25:c0:dc:f5:
57:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:7E:5F:B1:0D:18:68:DA:EF:75:AF:57:C1:9E:F3:A2:E8:0E:45:F5
X509v3 Authority Key Identifier:
keyid:A8:1E:B3:A5:EB:3D:F6:34:55:1A:90:72:2B:C6:3A:D7:E0:22:CA:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.krill.cloud/repo/nlnetlabs/1/A81EB3A5EB3DF634551A90722BC63AD7E022CAC4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qB6zpes99jRVGpByK8Y61-AiysQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.krill.cloud/repo/nlnetlabs/1/3138352e34392e3134302e302f32332d3233203d3e2038353837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.49.140.0/23
Signature Algorithm: sha256WithRSAEncryption
ad:9f:b1:81:58:93:89:6e:c0:1f:63:ae:9c:e9:d5:85:82:c3:
55:74:ca:d1:a3:d9:78:8b:83:c8:bf:2a:87:f5:63:e7:16:9f:
26:d8:28:45:40:61:be:37:c8:45:1e:95:2a:c3:0f:f1:c7:a2:
51:0c:4e:9d:ea:34:5d:4b:2a:29:44:63:56:a5:8e:14:91:f2:
38:69:12:9a:dd:06:0b:2d:de:ee:b2:ab:78:97:01:cc:54:7c:
90:e3:7c:29:dc:0a:03:5f:da:61:8a:be:8f:fb:87:f5:8d:85:
e9:e0:a7:51:f6:d1:eb:ca:64:85:47:f9:ce:73:44:88:bb:92:
95:cc:45:55:28:0e:61:b4:15:69:9a:14:80:43:e9:e4:17:8f:
5e:79:db:28:1a:61:77:a1:cd:01:75:d2:ce:58:4b:49:4f:0f:
2b:78:a1:33:2f:3e:f9:c9:b5:e2:b5:31:db:7d:66:52:b8:03:
49:92:60:5d:d9:92:d3:de:ff:74:71:85:c4:31:f1:f8:84:d3:
0c:96:13:b6:0c:8f:74:99:b4:70:29:49:12:36:9d:3c:1f:a8:
20:2f:ae:c7:11:45:57:c6:b2:23:c1:e3:e8:0e:03:96:8b:26:
10:5d:8d:02:48:69:c2:32:a7:e3:09:a8:d9:a9:2e:1e:72:b5:
fb:ff:bc:c3
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgIUIc70hZbwCdkUfl3KdOAwRsn6KLQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgxZWIzYTVlYjNkZjYzNDU1MWE5MDcyMmJjNjNhZDdl
MDIyY2FjNDAeFw0yNDA1MjcyMDA2NDVaFw0yNTA1MjYyMDExNDVaMDMxMTAvBgNV
BAMTKEQxN0U1RkIxMEQxODY4REFFRjc1QUY1N0MxOUVGM0EyRTgwRTQ1RjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzV8qay+3I10mfzbWAbYBdrwZx
LSptX11p6LLQFXuJ7+BQykTcvv10MNcdh9sBQxQLtHB4FMfKvM26otjGdgRHMPhD
KrVHMvOeSSi3rLkD7o1EhwcDeHKBAbSlXFWM5y1npiCU6m4QSGkYwSVa37BlQVoE
3Awvi4ZlHWQy+YEpq6gw7GYANNc2ek/FF0qWaLJq0v8FLsQxgEMm2swqh0WHlFpv
k6yftQQ/U7MHucmNePyRhZuDDeegrnA+2tj62JS+kxD+GtXJvn+zkJWRlRc7VIvv
kZ1q8w0yOyJNogM7VlflL7AYUWaWVk+jsqM2IqkIl/ThEcuo2Mm5JcDc9VfvAgMB
AAGjggHgMIIB3DAdBgNVHQ4EFgQU0X5fsQ0YaNrvda9XwZ7zougORfUwHwYDVR0j
BBgwFoAUqB6zpes99jRVGpByK8Y61+AiysQwDgYDVR0PAQH/BAQDAgeAMGgGA1Ud
HwRhMF8wXaBboFmGV3JzeW5jOi8vcnN5bmMua3JpbGwuY2xvdWQvcmVwby9ubG5l
dGxhYnMvMS9BODFFQjNBNUVCM0RGNjM0NTUxQTkwNzIyQkM2M0FEN0UwMjJDQUM0
LmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvcUI2enBlczk5alJWR3BCeUs4WTYx
LUFpeXNRLmNlcjB/BggrBgEFBQcBCwRzMHEwbwYIKwYBBQUHMAuGY3JzeW5jOi8v
cnN5bmMua3JpbGwuY2xvdWQvcmVwby9ubG5ldGxhYnMvMS8zMTM4MzUyZTM0Mzky
ZTMxMzQzMDJlMzAyZjMyMzMyZDMyMzMyMDNkM2UyMDM4MzUzODM3LnJvYTAYBgNV
HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQBuTGMMA0GCSqGSIb3DQEBCwUAA4IBAQCtn7GBWJOJbsAfY66c6dWFgsNVdMrR
o9l4i4PIvyqH9WPnFp8m2ChFQGG+N8hFHpUqww/xx6JRDE6d6jRdSyopRGNWpY4U
kfI4aRKa3QYLLd7usqt4lwHMVHyQ43wp3AoDX9phir6P+4f1jYXp4KdR9tHrymSF
R/nOc0SIu5KVzEVVKA5htBVpmhSAQ+nkF49eedsoGmF3oc0BddLOWEtJTw8reKEz
Lz75ybXitTHbfWZSuANJkmBd2ZLT3v90cYXEMfH4hNMMlhO2DI90mbRwKUkSNp08
H6ggL67HEUVXxrIjwePoDgOWiyYQXY0CSGnCMqfjCajZqS4ecrX7/7zD
-----END CERTIFICATE-----
Generated at Mon Jun 10 14:02:08 2024 by rpki-client on console-fra.rpki-client.org