Route Origin Authorization
$ rpki-client -vvf rsync.krill.cloud/repo/nlnetlabs/1/3138352e34392e3134322e302f32342d3234203d3e2030.roa
File: 3138352e34392e3134322e302f32342d3234203d3e2030.roa (raw, json)
Hash identifier: gYJkyFEkIktyZ+ka0t8u++fV/z0PpJWYOpv24NWJTdo=
Subject key identifier: 2E:85:6B:56:9B:FB:75:2C:25:B4:0A:46:95:8C:92:9A:15:4E:C6:B6
Certificate issuer: /CN=a81eb3a5eb3df634551a90722bc63ad7e022cac4
Certificate serial: 2946B7A2958A4337DAF3E27CF796C40A25FC80A4
Authority key identifier: A8:1E:B3:A5:EB:3D:F6:34:55:1A:90:72:2B:C6:3A:D7:E0:22:CA:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qB6zpes99jRVGpByK8Y61-AiysQ.cer
Subject info access: rsync://rsync.krill.cloud/repo/nlnetlabs/1/3138352e34392e3134322e302f32342d3234203d3e2030.roa
Signing time: Mon 26 Jun 2023 19:47:00 +0000
ROA not before: Mon 26 Jun 2023 19:42:00 +0000
ROA not after: Mon 24 Jun 2024 19:47:00 +0000
asID: 0
IP address blocks: 185.49.142.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.krill.cloud/repo/nlnetlabs/1/A81EB3A5EB3DF634551A90722BC63AD7E022CAC4.crl
rsync://rsync.krill.cloud/repo/nlnetlabs/1/A81EB3A5EB3DF634551A90722BC63AD7E022CAC4.mft
rsync://rpki.ripe.net/repository/DEFAULT/qB6zpes99jRVGpByK8Y61-AiysQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 20 Apr 2024 08:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:46:b7:a2:95:8a:43:37:da:f3:e2:7c:f7:96:c4:0a:25:fc:80:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a81eb3a5eb3df634551a90722bc63ad7e022cac4
Validity
Not Before: Jun 26 19:42:00 2023 GMT
Not After : Jun 24 19:47:00 2024 GMT
Subject: CN=2E856B569BFB752C25B40A46958C929A154EC6B6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:f2:75:af:00:e7:94:7e:cd:c2:7e:72:b3:ac:
e1:4f:3f:ac:e9:21:d6:6d:96:c1:84:07:0c:f2:22:
3d:7d:ed:a5:31:f1:3e:90:2e:f2:c7:81:69:d9:22:
80:25:76:76:d4:82:eb:9c:be:bc:b8:c9:81:0d:ca:
5c:5f:44:98:38:1f:cf:25:47:88:00:f4:fa:d2:24:
4e:37:96:79:62:8c:26:4f:4c:b2:d3:70:fd:81:6c:
ee:69:87:74:b3:7e:5c:15:1d:80:1a:0a:57:a3:cb:
31:5a:14:b2:4f:2f:90:82:1e:93:c6:30:25:b5:f2:
21:b3:f0:da:50:33:91:ca:d9:a1:4e:5d:96:2d:31:
11:b0:6a:68:24:d5:20:5f:9a:61:26:c4:2a:04:a0:
5b:69:a2:09:45:82:ac:20:27:f6:eb:3b:e2:3d:87:
32:06:34:9a:0f:af:85:9e:e6:0a:7b:92:e1:00:8a:
f1:0c:a6:0d:89:3e:f4:c2:f8:3e:2f:43:42:0a:18:
8e:81:ff:08:08:de:5e:53:81:29:d3:cc:16:ff:41:
1e:3c:f5:f6:45:3b:e0:c2:aa:0d:44:bb:11:1c:fc:
1f:35:1d:82:2e:da:e9:c9:32:6c:01:9e:e9:33:73:
22:54:ff:49:44:32:21:8c:b8:1f:80:10:2e:17:73:
86:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:85:6B:56:9B:FB:75:2C:25:B4:0A:46:95:8C:92:9A:15:4E:C6:B6
X509v3 Authority Key Identifier:
keyid:A8:1E:B3:A5:EB:3D:F6:34:55:1A:90:72:2B:C6:3A:D7:E0:22:CA:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.krill.cloud/repo/nlnetlabs/1/A81EB3A5EB3DF634551A90722BC63AD7E022CAC4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qB6zpes99jRVGpByK8Y61-AiysQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.krill.cloud/repo/nlnetlabs/1/3138352e34392e3134322e302f32342d3234203d3e2030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.49.142.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:e8:e6:32:90:4d:86:34:53:95:ef:c2:d3:30:37:d7:fc:04:
33:a4:75:ee:27:e8:ab:df:fb:7a:c3:e0:7e:a7:0f:a3:01:0b:
24:fe:de:d6:b0:cb:91:ca:bd:db:64:51:a4:50:ef:96:66:1f:
c6:fa:08:df:d0:95:54:c4:c9:46:e7:03:b3:ca:23:6c:84:bf:
86:7c:2e:a3:ed:fa:b5:1a:d7:37:fd:fa:cb:03:7c:41:9d:28:
e6:38:4a:f6:0c:b3:58:41:87:e7:f8:53:ab:08:b5:58:ee:03:
46:f6:d9:ea:6a:03:c5:02:cf:0a:30:6b:9b:65:37:2b:60:e5:
ea:8e:a3:61:0b:13:55:2d:37:7d:19:77:d8:c2:50:6e:45:13:
e1:eb:7f:63:8a:a8:8b:9a:a8:67:8a:77:0b:32:c2:b8:39:8c:
d2:f6:fd:9b:f8:41:a3:77:23:f0:e3:d1:ef:81:5c:e3:51:b5:
4d:f7:9a:99:3f:06:3b:4d:8f:f4:9f:26:22:ac:40:d5:ef:8b:
92:fb:1d:9a:27:db:bb:ec:79:08:18:9f:94:95:0d:71:08:3c:
1e:6a:26:e5:37:a9:73:70:ce:ed:b7:71:14:00:5c:a8:3f:53:
b9:6c:25:f3:6b:c2:55:74:7f:60:53:df:3c:ba:e3:52:d0:1f:
f7:0a:d3:74
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgIUKUa3opWKQzfa8+J895bECiX8gKQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgxZWIzYTVlYjNkZjYzNDU1MWE5MDcyMmJjNjNhZDdl
MDIyY2FjNDAeFw0yMzA2MjYxOTQyMDBaFw0yNDA2MjQxOTQ3MDBaMDMxMTAvBgNV
BAMTKDJFODU2QjU2OUJGQjc1MkMyNUI0MEE0Njk1OEM5MjlBMTU0RUM2QjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC18nWvAOeUfs3CfnKzrOFPP6zp
IdZtlsGEBwzyIj197aUx8T6QLvLHgWnZIoAldnbUguucvry4yYENylxfRJg4H88l
R4gA9PrSJE43lnlijCZPTLLTcP2BbO5ph3SzflwVHYAaClejyzFaFLJPL5CCHpPG
MCW18iGz8NpQM5HK2aFOXZYtMRGwamgk1SBfmmEmxCoEoFtpoglFgqwgJ/brO+I9
hzIGNJoPr4We5gp7kuEAivEMpg2JPvTC+D4vQ0IKGI6B/wgI3l5TgSnTzBb/QR48
9fZFO+DCqg1EuxEc/B81HYIu2unJMmwBnukzcyJU/0lEMiGMuB+AEC4Xc4bHAgMB
AAGjggHaMIIB1jAdBgNVHQ4EFgQULoVrVpv7dSwltApGlYySmhVOxrYwHwYDVR0j
BBgwFoAUqB6zpes99jRVGpByK8Y61+AiysQwDgYDVR0PAQH/BAQDAgeAMGgGA1Ud
HwRhMF8wXaBboFmGV3JzeW5jOi8vcnN5bmMua3JpbGwuY2xvdWQvcmVwby9ubG5l
dGxhYnMvMS9BODFFQjNBNUVCM0RGNjM0NTUxQTkwNzIyQkM2M0FEN0UwMjJDQUM0
LmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvcUI2enBlczk5alJWR3BCeUs4WTYx
LUFpeXNRLmNlcjB5BggrBgEFBQcBCwRtMGswaQYIKwYBBQUHMAuGXXJzeW5jOi8v
cnN5bmMua3JpbGwuY2xvdWQvcmVwby9ubG5ldGxhYnMvMS8zMTM4MzUyZTM0Mzky
ZTMxMzQzMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuTGO
MA0GCSqGSIb3DQEBCwUAA4IBAQAe6OYykE2GNFOV78LTMDfX/AQzpHXuJ+ir3/t6
w+B+pw+jAQsk/t7WsMuRyr3bZFGkUO+WZh/G+gjf0JVUxMlG5wOzyiNshL+GfC6j
7fq1Gtc3/frLA3xBnSjmOEr2DLNYQYfn+FOrCLVY7gNG9tnqagPFAs8KMGubZTcr
YOXqjqNhCxNVLTd9GXfYwlBuRRPh639jiqiLmqhnincLMsK4OYzS9v2b+EGjdyPw
49HvgVzjUbVN95qZPwY7TY/0nyYirEDV74uS+x2aJ9u77HkIGJ+UlQ1xCDweaibl
N6lzcM7tt3EUAFyoP1O5bCXza8JVdH9gU988uuNS0B/3CtN0
-----END CERTIFICATE-----
Generated at Fri Apr 19 15:26:17 2024 by rpki-client on console-ams.rpki-client.org