Route Origin Authorization
$ rpki-client -vvf rsync.krill.cloud/repo/nlnetlabs/1/3138352e34392e3134322e302f32342d3234203d3e2030.roa
File: 3138352e34392e3134322e302f32342d3234203d3e2030.roa (raw, json)
Hash identifier: qT95kixq0BHzFPE2vJrUyehuvucNJjXlM1DG+w9Pw6k=
Subject key identifier: 04:59:46:E5:65:5F:3D:17:2E:4F:66:65:55:83:D5:AC:FB:30:4C:2B
Certificate issuer: /CN=a81eb3a5eb3df634551a90722bc63ad7e022cac4
Certificate serial: 3ABDB67D1E682B3E6C2FD18579E366DF05902F08
Authority key identifier: A8:1E:B3:A5:EB:3D:F6:34:55:1A:90:72:2B:C6:3A:D7:E0:22:CA:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qB6zpes99jRVGpByK8Y61-AiysQ.cer
Subject info access: rsync://rsync.krill.cloud/repo/nlnetlabs/1/3138352e34392e3134322e302f32342d3234203d3e2030.roa
Signing time: Mon 27 May 2024 20:11:44 +0000
ROA not before: Mon 27 May 2024 20:06:44 +0000
ROA not after: Mon 26 May 2025 20:11:44 +0000
asID: 0
IP address blocks: 185.49.142.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:bd:b6:7d:1e:68:2b:3e:6c:2f:d1:85:79:e3:66:df:05:90:2f:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a81eb3a5eb3df634551a90722bc63ad7e022cac4
Validity
Not Before: May 27 20:06:44 2024 GMT
Not After : May 26 20:11:44 2025 GMT
Subject: CN=045946E5655F3D172E4F66655583D5ACFB304C2B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:8d:36:6c:24:10:f5:00:e7:f4:49:63:ca:71:
d0:5b:fb:0a:df:d6:90:96:66:d3:1a:e1:a9:35:e9:
3a:1c:37:41:5b:88:ea:b1:e7:40:25:1f:c2:ab:e4:
db:1e:01:e8:24:99:9d:17:0d:6a:68:28:81:96:32:
dc:a6:47:a1:5d:d7:d6:0f:94:a7:3d:0e:43:01:ce:
2d:d9:a5:b9:85:a9:c2:77:ca:d3:88:6c:b4:54:6e:
07:4a:e6:02:23:34:9b:ea:45:aa:2a:ba:e6:0e:3b:
ad:63:8a:2b:58:86:5c:e1:e5:c4:4a:71:77:a5:b3:
f7:e6:75:d5:40:7d:31:5b:2a:7d:45:58:f5:c9:9b:
38:c8:b1:00:36:ba:15:40:1c:ba:5d:a8:1a:5e:f5:
6c:b4:d1:96:68:58:6c:37:4f:24:39:c0:33:e7:7d:
de:13:91:02:da:9e:c3:3f:1b:7b:8f:bd:1b:52:71:
08:3e:75:f9:93:a8:48:ca:04:02:f3:78:dc:4b:56:
f0:67:2a:81:9d:c0:72:1f:e5:6b:2c:b0:76:d5:e4:
dc:f0:f1:0b:02:2c:1c:89:0d:de:c9:e8:2e:04:90:
5d:77:b5:14:56:25:ff:d5:56:c9:2e:3c:16:b3:36:
46:1c:cd:21:f1:c5:c0:92:fc:53:e0:b1:b5:46:b0:
52:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:59:46:E5:65:5F:3D:17:2E:4F:66:65:55:83:D5:AC:FB:30:4C:2B
X509v3 Authority Key Identifier:
keyid:A8:1E:B3:A5:EB:3D:F6:34:55:1A:90:72:2B:C6:3A:D7:E0:22:CA:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.krill.cloud/repo/nlnetlabs/1/A81EB3A5EB3DF634551A90722BC63AD7E022CAC4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qB6zpes99jRVGpByK8Y61-AiysQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.krill.cloud/repo/nlnetlabs/1/3138352e34392e3134322e302f32342d3234203d3e2030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.49.142.0/24
Signature Algorithm: sha256WithRSAEncryption
47:d2:9f:53:3a:06:ee:bf:9f:e2:47:61:8b:86:3a:45:a4:f8:
41:63:aa:f9:a9:e5:47:cc:1b:1b:66:20:1e:27:72:c5:d9:18:
22:a3:db:91:11:c8:20:f3:29:79:76:92:31:74:dd:45:78:e1:
0f:79:93:e9:ec:ab:9b:9f:b7:d6:c8:e0:dc:ee:9e:87:28:3c:
c5:30:ee:21:61:e3:b5:b6:ff:f2:7c:f7:2f:ca:7e:0f:19:33:
94:a4:d7:45:bf:cd:80:f8:0b:b8:91:6a:04:b9:97:5b:42:99:
79:ba:ad:e9:31:49:32:3b:66:0a:ef:11:28:e1:b4:5a:bc:2d:
fe:77:1e:20:09:46:f2:84:dd:ea:e3:c3:ca:1e:6b:3a:48:51:
c4:ff:4a:bb:e7:7f:1d:59:a2:76:9c:af:59:13:f1:cc:d6:fa:
34:1b:4d:83:e7:9d:7e:69:86:23:7b:4f:bc:38:bd:1a:85:00:
9a:5f:03:0a:d6:9c:60:31:e7:0f:01:fd:03:f9:ce:54:16:26:
8a:83:6f:7b:df:7a:31:16:d8:fc:2d:7e:dc:ca:5f:e5:fd:fb:
fd:22:e5:45:2f:77:40:c6:e5:cd:89:85:fa:5f:35:86:f4:28:
e0:78:ac:64:53:52:1f:9d:61:fd:d7:f9:73:5b:fb:b2:f1:c1:
f7:69:8e:23
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgIUOr22fR5oKz5sL9GFeeNm3wWQLwgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgxZWIzYTVlYjNkZjYzNDU1MWE5MDcyMmJjNjNhZDdl
MDIyY2FjNDAeFw0yNDA1MjcyMDA2NDRaFw0yNTA1MjYyMDExNDRaMDMxMTAvBgNV
BAMTKDA0NTk0NkU1NjU1RjNEMTcyRTRGNjY2NTU1ODNENUFDRkIzMDRDMkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSjTZsJBD1AOf0SWPKcdBb+wrf
1pCWZtMa4ak16TocN0FbiOqx50AlH8Kr5NseAegkmZ0XDWpoKIGWMtymR6Fd19YP
lKc9DkMBzi3ZpbmFqcJ3ytOIbLRUbgdK5gIjNJvqRaoquuYOO61jiitYhlzh5cRK
cXels/fmddVAfTFbKn1FWPXJmzjIsQA2uhVAHLpdqBpe9Wy00ZZoWGw3TyQ5wDPn
fd4TkQLansM/G3uPvRtScQg+dfmTqEjKBALzeNxLVvBnKoGdwHIf5WsssHbV5Nzw
8QsCLByJDd7J6C4EkF13tRRWJf/VVskuPBazNkYczSHxxcCS/FPgsbVGsFLNAgMB
AAGjggHaMIIB1jAdBgNVHQ4EFgQUBFlG5WVfPRcuT2ZlVYPVrPswTCswHwYDVR0j
BBgwFoAUqB6zpes99jRVGpByK8Y61+AiysQwDgYDVR0PAQH/BAQDAgeAMGgGA1Ud
HwRhMF8wXaBboFmGV3JzeW5jOi8vcnN5bmMua3JpbGwuY2xvdWQvcmVwby9ubG5l
dGxhYnMvMS9BODFFQjNBNUVCM0RGNjM0NTUxQTkwNzIyQkM2M0FEN0UwMjJDQUM0
LmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvcUI2enBlczk5alJWR3BCeUs4WTYx
LUFpeXNRLmNlcjB5BggrBgEFBQcBCwRtMGswaQYIKwYBBQUHMAuGXXJzeW5jOi8v
cnN5bmMua3JpbGwuY2xvdWQvcmVwby9ubG5ldGxhYnMvMS8zMTM4MzUyZTM0Mzky
ZTMxMzQzMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuTGO
MA0GCSqGSIb3DQEBCwUAA4IBAQBH0p9TOgbuv5/iR2GLhjpFpPhBY6r5qeVHzBsb
ZiAeJ3LF2Rgio9uREcgg8yl5dpIxdN1FeOEPeZPp7Kubn7fWyODc7p6HKDzFMO4h
YeO1tv/yfPcvyn4PGTOUpNdFv82A+Au4kWoEuZdbQpl5uq3pMUkyO2YK7xEo4bRa
vC3+dx4gCUbyhN3q48PKHms6SFHE/0q7538dWaJ2nK9ZE/HM1vo0G02D551+aYYj
e0+8OL0ahQCaXwMK1pxgMecPAf0D+c5UFiaKg29733oxFtj8LX7cyl/l/fv9IuVF
L3dAxuXNiYX6XzWG9CjgeKxkU1IfnWH91/lzW/uy8cH3aY4j
-----END CERTIFICATE-----
Generated at Mon Jun 10 14:02:08 2024 by rpki-client on console-fra.rpki-client.org