Route Origin Authorization
$ rpki-client -vvf rsync.krill.cloud/repo/nlnetlabs/1/3138352e34392e3134332e302f32342d3234203d3e20323131333231.roa
File: 3138352e34392e3134332e302f32342d3234203d3e20323131333231.roa (raw, json)
Hash identifier: 7ElQasPNwa4SPlS9mxZKUgHISHUBRxtLfLADoy9of5M=
Subject key identifier: C5:01:A6:30:42:51:9B:06:E5:19:5A:E8:10:BF:56:E3:7E:3B:B1:71
Certificate issuer: /CN=a81eb3a5eb3df634551a90722bc63ad7e022cac4
Certificate serial: 38BCD8487EE8458CB9F5B404DF76E3CB4A4636AC
Authority key identifier: A8:1E:B3:A5:EB:3D:F6:34:55:1A:90:72:2B:C6:3A:D7:E0:22:CA:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qB6zpes99jRVGpByK8Y61-AiysQ.cer
Subject info access: rsync://rsync.krill.cloud/repo/nlnetlabs/1/3138352e34392e3134332e302f32342d3234203d3e20323131333231.roa
Signing time: Sat 20 Apr 2024 10:11:40 +0000
ROA not before: Sat 20 Apr 2024 10:06:40 +0000
ROA not after: Sat 19 Apr 2025 10:11:40 +0000
asID: 211321
IP address blocks: 185.49.143.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.krill.cloud/repo/nlnetlabs/1/A81EB3A5EB3DF634551A90722BC63AD7E022CAC4.crl
rsync://rsync.krill.cloud/repo/nlnetlabs/1/A81EB3A5EB3DF634551A90722BC63AD7E022CAC4.mft
rsync://rpki.ripe.net/repository/DEFAULT/qB6zpes99jRVGpByK8Y61-AiysQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 23:11:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:bc:d8:48:7e:e8:45:8c:b9:f5:b4:04:df:76:e3:cb:4a:46:36:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a81eb3a5eb3df634551a90722bc63ad7e022cac4
Validity
Not Before: Apr 20 10:06:40 2024 GMT
Not After : Apr 19 10:11:40 2025 GMT
Subject: CN=C501A63042519B06E5195AE810BF56E37E3BB171
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:25:88:58:2b:8e:e9:e8:91:63:2e:eb:62:07:
fd:07:dc:1e:44:83:ae:6f:c1:a2:07:e7:30:85:af:
f5:82:e2:fa:a7:ec:f8:3a:f1:04:96:33:4c:33:f4:
e8:22:59:b4:c0:e7:e8:a7:20:3a:c7:02:18:26:d0:
44:15:6a:d8:1e:20:da:88:de:51:c4:66:94:93:e3:
53:0b:17:b0:4e:d2:5d:65:c0:a8:ec:45:0c:23:39:
9c:ef:b0:10:40:75:7b:98:1d:32:d2:73:0a:7a:39:
c0:57:00:53:40:85:04:34:53:ab:f1:e4:f6:11:ac:
e2:92:71:1d:67:5b:33:34:cf:a2:50:f7:1b:b7:2a:
3f:43:41:57:07:fa:ac:26:42:da:8a:a1:36:5a:87:
08:89:4f:24:0f:20:40:53:96:97:8f:ba:6b:2d:76:
70:83:9d:71:94:78:2d:fb:e4:39:24:ef:4d:f6:b9:
ee:12:ff:dd:85:3a:c6:d0:7a:e4:b9:40:44:5c:ea:
51:94:1b:f9:9c:ad:c7:c7:0d:dd:dd:93:ed:22:89:
0c:29:cc:6d:64:b0:42:d3:94:ae:8e:c5:a3:68:67:
d0:b7:5c:97:c8:7c:53:b4:ad:a0:39:07:36:f6:b4:
6e:50:da:70:8b:fc:c4:0c:73:e7:17:f6:68:b5:d9:
a4:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:01:A6:30:42:51:9B:06:E5:19:5A:E8:10:BF:56:E3:7E:3B:B1:71
X509v3 Authority Key Identifier:
keyid:A8:1E:B3:A5:EB:3D:F6:34:55:1A:90:72:2B:C6:3A:D7:E0:22:CA:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.krill.cloud/repo/nlnetlabs/1/A81EB3A5EB3DF634551A90722BC63AD7E022CAC4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qB6zpes99jRVGpByK8Y61-AiysQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.krill.cloud/repo/nlnetlabs/1/3138352e34392e3134332e302f32342d3234203d3e20323131333231.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.49.143.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:c2:a7:d5:b5:a5:57:e8:26:a3:e2:ee:98:2a:17:2a:9e:8e:
ae:37:7b:f8:d1:fe:16:1f:ae:ec:63:d5:58:b2:78:9c:17:17:
be:54:d7:a4:66:f6:fd:21:4e:69:57:9d:de:c7:41:ba:a3:98:
ee:50:09:54:1e:2a:42:31:87:f9:9a:88:d2:ad:4c:55:d6:7a:
36:34:d0:ad:bf:00:9f:0e:d5:e6:c7:4f:38:a2:8a:8c:01:85:
9c:93:1d:ad:c3:58:33:e4:27:dc:6d:3b:c9:ee:12:88:40:3c:
58:97:43:7d:26:c5:fb:84:c1:2a:3a:8f:32:b8:2d:bd:aa:33:
a3:8f:37:50:86:aa:0f:64:f9:80:e8:5c:8a:bd:84:a1:ed:c2:
6d:30:57:ee:ee:62:32:58:63:3b:cc:2d:d0:9b:e9:75:54:fb:
f0:b7:3c:4a:f6:80:27:aa:25:4d:3c:0d:5c:ee:3b:ea:9a:c4:
68:e0:b1:39:1d:2c:2b:d5:44:8f:23:b8:58:7a:ff:75:8a:ea:
9d:ab:8f:58:93:48:9e:5f:86:19:4b:91:bf:32:7f:ed:d6:48:
ad:59:e4:fc:17:30:1a:44:d1:e6:1e:f5:59:d6:4c:ad:87:d7:
3b:1f:86:40:56:6d:df:68:6a:49:60:c0:54:8a:ec:23:87:eb:
81:eb:9d:27
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgIUOLzYSH7oRYy59bQE33bjy0pGNqwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgxZWIzYTVlYjNkZjYzNDU1MWE5MDcyMmJjNjNhZDdl
MDIyY2FjNDAeFw0yNDA0MjAxMDA2NDBaFw0yNTA0MTkxMDExNDBaMDMxMTAvBgNV
BAMTKEM1MDFBNjMwNDI1MTlCMDZFNTE5NUFFODEwQkY1NkUzN0UzQkIxNzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCJYhYK47p6JFjLutiB/0H3B5E
g65vwaIH5zCFr/WC4vqn7Pg68QSWM0wz9OgiWbTA5+inIDrHAhgm0EQVatgeINqI
3lHEZpST41MLF7BO0l1lwKjsRQwjOZzvsBBAdXuYHTLScwp6OcBXAFNAhQQ0U6vx
5PYRrOKScR1nWzM0z6JQ9xu3Kj9DQVcH+qwmQtqKoTZahwiJTyQPIEBTlpePumst
dnCDnXGUeC375Dkk7032ue4S/92FOsbQeuS5QERc6lGUG/mcrcfHDd3dk+0iiQwp
zG1ksELTlK6OxaNoZ9C3XJfIfFO0raA5Bzb2tG5Q2nCL/MQMc+cX9mi12aT3AgMB
AAGjggHlMIIB4TAdBgNVHQ4EFgQUxQGmMEJRmwblGVroEL9W4347sXEwHwYDVR0j
BBgwFoAUqB6zpes99jRVGpByK8Y61+AiysQwDgYDVR0PAQH/BAQDAgeAMGgGA1Ud
HwRhMF8wXaBboFmGV3JzeW5jOi8vcnN5bmMua3JpbGwuY2xvdWQvcmVwby9ubG5l
dGxhYnMvMS9BODFFQjNBNUVCM0RGNjM0NTUxQTkwNzIyQkM2M0FEN0UwMjJDQUM0
LmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvcUI2enBlczk5alJWR3BCeUs4WTYx
LUFpeXNRLmNlcjCBgwYIKwYBBQUHAQsEdzB1MHMGCCsGAQUFBzALhmdyc3luYzov
L3JzeW5jLmtyaWxsLmNsb3VkL3JlcG8vbmxuZXRsYWJzLzEvMzEzODM1MmUzNDM5
MmUzMTM0MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzEzMzMyMzEucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwE
AgABMAYDBAC5MY8wDQYJKoZIhvcNAQELBQADggEBAC/Cp9W1pVfoJqPi7pgqFyqe
jq43e/jR/hYfruxj1ViyeJwXF75U16Rm9v0hTmlXnd7HQbqjmO5QCVQeKkIxh/ma
iNKtTFXWejY00K2/AJ8O1ebHTziiiowBhZyTHa3DWDPkJ9xtO8nuEohAPFiXQ30m
xfuEwSo6jzK4Lb2qM6OPN1CGqg9k+YDoXIq9hKHtwm0wV+7uYjJYYzvMLdCb6XVU
+/C3PEr2gCeqJU08DVzuO+qaxGjgsTkdLCvVRI8juFh6/3WK6p2rj1iTSJ5fhhlL
kb8yf+3WSK1Z5PwXMBpE0eYe9VnWTK2H1zsfhkBWbd9oaklgwFSK7COH64HrnSc=
-----END CERTIFICATE-----
Generated at Sat May 18 04:02:51 2024 by rpki-client on console-fra.rpki-client.org