Route Origin Authorization
$ rpki-client -vvf rsync.krill.cloud/repo/nlnetlabs/1/326130343a623930303a3a2f33302d3330203d3e2038353837.roa
File: 326130343a623930303a3a2f33302d3330203d3e2038353837.roa (raw, json)
Hash identifier: ivgkesCiMtIOryuo40vk9UC66yTXU489Jmz03jm+zKE=
Subject key identifier: 59:E5:65:C2:FA:3D:51:A5:B7:7F:25:90:2B:14:4D:76:A3:D0:20:24
Certificate issuer: /CN=a81eb3a5eb3df634551a90722bc63ad7e022cac4
Certificate serial: 193CA3BD82777B0E250B72AD7E3CACBE1DB0261B
Authority key identifier: A8:1E:B3:A5:EB:3D:F6:34:55:1A:90:72:2B:C6:3A:D7:E0:22:CA:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qB6zpes99jRVGpByK8Y61-AiysQ.cer
Subject info access: rsync://rsync.krill.cloud/repo/nlnetlabs/1/326130343a623930303a3a2f33302d3330203d3e2038353837.roa
Signing time: Mon 26 Jun 2023 19:47:00 +0000
ROA not before: Mon 26 Jun 2023 19:42:00 +0000
ROA not after: Mon 24 Jun 2024 19:47:00 +0000
asID: 8587
IP address blocks: 2a04:b900::/30 maxlen: 30
Validation: OK
Signature path: rsync://rsync.krill.cloud/repo/nlnetlabs/1/A81EB3A5EB3DF634551A90722BC63AD7E022CAC4.crl
rsync://rsync.krill.cloud/repo/nlnetlabs/1/A81EB3A5EB3DF634551A90722BC63AD7E022CAC4.mft
rsync://rpki.ripe.net/repository/DEFAULT/qB6zpes99jRVGpByK8Y61-AiysQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 May 2024 14:49:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:3c:a3:bd:82:77:7b:0e:25:0b:72:ad:7e:3c:ac:be:1d:b0:26:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a81eb3a5eb3df634551a90722bc63ad7e022cac4
Validity
Not Before: Jun 26 19:42:00 2023 GMT
Not After : Jun 24 19:47:00 2024 GMT
Subject: CN=59E565C2FA3D51A5B77F25902B144D76A3D02024
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:ec:78:92:b0:f5:63:9f:11:53:ff:41:3e:3a:
dd:c1:6c:67:11:73:da:cd:a4:c9:2c:5f:09:cb:5c:
d2:29:3d:8d:21:a4:11:d6:f8:5d:7d:94:d9:d1:a2:
bd:ab:a6:04:a1:47:87:82:6b:03:92:4e:19:27:eb:
0e:4d:25:21:09:fe:32:65:8a:f9:c8:72:e3:c1:7b:
de:af:60:f5:d8:81:14:ed:a5:f6:3d:e7:82:ae:bb:
34:2c:53:12:c6:38:cd:19:c2:2c:2c:01:be:98:f1:
dc:3e:82:8f:1b:cb:59:ac:43:6a:d5:c6:db:a1:db:
a8:f4:4a:a4:6f:bc:cb:40:9f:24:4a:be:22:70:06:
bc:6e:5c:03:e9:50:8a:21:5e:9f:76:56:cd:6c:6e:
ba:af:dd:e1:1c:15:a4:a0:2f:a2:5b:7f:08:4c:9f:
b7:32:26:a4:bf:80:76:e2:71:33:c5:9a:35:5b:fd:
0a:30:85:c3:b5:9f:e1:22:6c:ec:4a:af:38:97:da:
d2:e2:07:8d:67:b3:bc:ac:5d:32:7f:6d:e1:1c:e4:
a4:9e:de:5a:6e:26:79:ba:ee:c6:a9:82:f5:9e:64:
b9:63:50:24:23:40:21:68:4a:d9:af:74:e0:c8:fc:
98:9a:cb:9d:dc:fa:4c:13:c7:d6:52:f5:ec:66:51:
a0:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:E5:65:C2:FA:3D:51:A5:B7:7F:25:90:2B:14:4D:76:A3:D0:20:24
X509v3 Authority Key Identifier:
keyid:A8:1E:B3:A5:EB:3D:F6:34:55:1A:90:72:2B:C6:3A:D7:E0:22:CA:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.krill.cloud/repo/nlnetlabs/1/A81EB3A5EB3DF634551A90722BC63AD7E022CAC4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qB6zpes99jRVGpByK8Y61-AiysQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.krill.cloud/repo/nlnetlabs/1/326130343a623930303a3a2f33302d3330203d3e2038353837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:b900::/30
Signature Algorithm: sha256WithRSAEncryption
b1:0c:3d:c7:42:f7:4e:ae:4c:05:99:90:47:7d:be:6c:32:b6:
d2:0f:54:c4:71:12:33:b8:e8:97:f3:fc:5e:e7:27:2f:3e:3e:
04:9e:71:68:7a:84:8b:e4:a0:20:e5:a1:8b:9d:91:03:ed:8e:
a0:42:ee:62:3d:e4:97:9e:b8:f8:f3:32:23:d2:33:ac:d0:ae:
c8:fa:e8:ed:b1:f6:a9:8d:e2:22:6b:89:c5:02:1c:32:97:03:
6f:3f:ed:f7:7e:54:fd:38:7c:89:ac:65:a0:96:0d:3e:e7:8d:
80:55:82:16:0e:b1:dd:93:70:30:7c:a1:9f:55:99:fd:a5:59:
04:eb:10:09:13:9a:dd:25:cb:4d:17:9c:66:11:09:a4:f3:f5:
26:7a:f9:b8:0a:23:2b:55:b8:6a:34:52:e0:fe:8d:e8:55:4f:
c8:2b:43:9b:a1:8b:80:e1:fc:0c:f8:d2:d2:e0:12:b9:37:57:
5d:cc:be:dc:4d:3a:22:28:e2:ab:a8:19:9b:65:1a:90:1d:47:
fc:c3:9e:aa:ae:df:57:01:64:1b:40:ce:82:c6:f1:2d:f8:d6:
32:32:48:70:5b:56:d3:87:2a:b5:a9:a0:d6:ad:fe:a8:0f:ed:
90:37:19:f1:b0:85:65:c9:38:13:eb:a3:7d:0f:22:71:8f:af:
c0:e9:a2:0a
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgIUGTyjvYJ3ew4lC3Ktfjysvh2wJhswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgxZWIzYTVlYjNkZjYzNDU1MWE5MDcyMmJjNjNhZDdl
MDIyY2FjNDAeFw0yMzA2MjYxOTQyMDBaFw0yNDA2MjQxOTQ3MDBaMDMxMTAvBgNV
BAMTKDU5RTU2NUMyRkEzRDUxQTVCNzdGMjU5MDJCMTQ0RDc2QTNEMDIwMjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCo7HiSsPVjnxFT/0E+Ot3BbGcR
c9rNpMksXwnLXNIpPY0hpBHW+F19lNnRor2rpgShR4eCawOSThkn6w5NJSEJ/jJl
ivnIcuPBe96vYPXYgRTtpfY954KuuzQsUxLGOM0ZwiwsAb6Y8dw+go8by1msQ2rV
xtuh26j0SqRvvMtAnyRKviJwBrxuXAPpUIohXp92Vs1sbrqv3eEcFaSgL6JbfwhM
n7cyJqS/gHbicTPFmjVb/QowhcO1n+EibOxKrziX2tLiB41ns7ysXTJ/beEc5KSe
3lpuJnm67sapgvWeZLljUCQjQCFoStmvdODI/Jiay53c+kwTx9ZS9exmUaAjAgMB
AAGjggHfMIIB2zAdBgNVHQ4EFgQUWeVlwvo9UaW3fyWQKxRNdqPQICQwHwYDVR0j
BBgwFoAUqB6zpes99jRVGpByK8Y61+AiysQwDgYDVR0PAQH/BAQDAgeAMGgGA1Ud
HwRhMF8wXaBboFmGV3JzeW5jOi8vcnN5bmMua3JpbGwuY2xvdWQvcmVwby9ubG5l
dGxhYnMvMS9BODFFQjNBNUVCM0RGNjM0NTUxQTkwNzIyQkM2M0FEN0UwMjJDQUM0
LmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvcUI2enBlczk5alJWR3BCeUs4WTYx
LUFpeXNRLmNlcjB9BggrBgEFBQcBCwRxMG8wbQYIKwYBBQUHMAuGYXJzeW5jOi8v
cnN5bmMua3JpbGwuY2xvdWQvcmVwby9ubG5ldGxhYnMvMS8zMjYxMzAzNDNhNjIz
OTMwMzAzYTNhMmYzMzMwMmQzMzMwMjAzZDNlMjAzODM1MzgzNy5yb2EwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMF
AioEuQAwDQYJKoZIhvcNAQELBQADggEBALEMPcdC906uTAWZkEd9vmwyttIPVMRx
EjO46Jfz/F7nJy8+PgSecWh6hIvkoCDloYudkQPtjqBC7mI95JeeuPjzMiPSM6zQ
rsj66O2x9qmN4iJricUCHDKXA28/7fd+VP04fImsZaCWDT7njYBVghYOsd2TcDB8
oZ9Vmf2lWQTrEAkTmt0ly00XnGYRCaTz9SZ6+bgKIytVuGo0UuD+jehVT8grQ5uh
i4Dh/Az40tLgErk3V13MvtxNOiIo4quoGZtlGpAdR/zDnqqu31cBZBtAzoLG8S34
1jIySHBbVtOHKrWpoNat/qgP7ZA3GfGwhWXJOBPro30PInGPr8Dpogo=
-----END CERTIFICATE-----
Generated at Thu May 16 18:36:31 2024 by rpki-client on console-fra.rpki-client.org