Route Origin Authorization
$ rpki-client -vvf rsync.krill.cloud/repo/nlnetlabs/1/326130343a623930303a3a2f33302d3330203d3e2038353837.roa
File: 326130343a623930303a3a2f33302d3330203d3e2038353837.roa (raw, json)
Hash identifier: tf8JMRqXljw7qscOgg/9HtnVrI1wbUu1qdEacd/xbBk=
Subject key identifier: 52:8C:75:68:25:42:D4:B0:2C:16:3B:79:B2:D8:00:65:7C:4E:F5:21
Certificate issuer: /CN=a81eb3a5eb3df634551a90722bc63ad7e022cac4
Certificate serial: 130B4847607321AE27C4879E285696AFBD554FF6
Authority key identifier: A8:1E:B3:A5:EB:3D:F6:34:55:1A:90:72:2B:C6:3A:D7:E0:22:CA:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qB6zpes99jRVGpByK8Y61-AiysQ.cer
Subject info access: rsync://rsync.krill.cloud/repo/nlnetlabs/1/326130343a623930303a3a2f33302d3330203d3e2038353837.roa
Signing time: Mon 27 May 2024 20:11:44 +0000
ROA not before: Mon 27 May 2024 20:06:44 +0000
ROA not after: Mon 26 May 2025 20:11:44 +0000
asID: 8587
IP address blocks: 2a04:b900::/30 maxlen: 30
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:0b:48:47:60:73:21:ae:27:c4:87:9e:28:56:96:af:bd:55:4f:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a81eb3a5eb3df634551a90722bc63ad7e022cac4
Validity
Not Before: May 27 20:06:44 2024 GMT
Not After : May 26 20:11:44 2025 GMT
Subject: CN=528C75682542D4B02C163B79B2D800657C4EF521
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:8a:0f:8d:d8:30:ea:b7:08:bd:bb:7c:1d:4f:
57:eb:9f:73:84:fb:19:3f:5a:9c:0d:e5:ad:7f:a1:
1d:41:73:80:0e:a5:89:d2:9a:6d:12:5e:0e:03:5a:
fa:03:01:d7:92:4c:49:42:6a:a4:bc:73:23:fa:13:
0c:36:06:07:08:b0:1e:c1:36:f2:26:42:69:63:6a:
2c:45:c0:f5:d8:3e:a4:91:83:8e:db:6e:43:62:04:
58:65:c9:f0:36:ba:72:37:d6:13:f4:53:43:6b:4f:
53:b7:55:38:7a:1a:b5:08:3c:b0:57:45:4b:60:e8:
40:79:f2:88:06:55:73:91:58:08:24:69:ec:de:a8:
18:1e:8a:f2:75:57:62:f1:aa:08:6c:00:73:06:1f:
a5:b8:10:5e:01:64:7b:ff:fd:19:fd:22:d2:07:d4:
23:53:b4:02:04:62:8d:3b:22:2b:74:9d:ed:e4:30:
c3:74:36:a9:f7:f9:fc:44:11:3a:d9:5a:ae:db:72:
c3:f1:44:00:c8:51:57:fe:e0:44:6f:a8:51:69:04:
28:98:81:6e:d1:49:b0:74:b2:48:55:71:64:df:18:
71:bc:27:0f:b3:ad:7a:40:76:31:b5:10:10:b3:33:
2a:f4:3d:76:4b:46:8c:b1:29:01:4c:aa:a9:d8:26:
c2:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:8C:75:68:25:42:D4:B0:2C:16:3B:79:B2:D8:00:65:7C:4E:F5:21
X509v3 Authority Key Identifier:
keyid:A8:1E:B3:A5:EB:3D:F6:34:55:1A:90:72:2B:C6:3A:D7:E0:22:CA:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.krill.cloud/repo/nlnetlabs/1/A81EB3A5EB3DF634551A90722BC63AD7E022CAC4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qB6zpes99jRVGpByK8Y61-AiysQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.krill.cloud/repo/nlnetlabs/1/326130343a623930303a3a2f33302d3330203d3e2038353837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:b900::/30
Signature Algorithm: sha256WithRSAEncryption
c7:aa:49:42:8e:08:5d:c7:5e:ba:8a:0b:5e:9b:c6:9d:4b:6e:
80:e0:8b:d6:cd:7d:11:50:28:d6:46:ef:be:6a:cb:c6:3a:f9:
d1:9d:93:c7:cc:a5:1d:19:65:fd:2b:0f:af:03:8c:30:ee:7c:
ca:8b:51:63:69:4f:d0:9c:68:cd:31:11:d3:c2:0b:a6:d8:9d:
b3:85:4a:54:55:ff:c5:57:65:36:96:1b:8c:bc:48:13:ce:a4:
62:5c:28:e5:34:e4:f2:9d:3e:f1:38:81:7d:f0:54:26:97:c3:
0c:62:69:b3:6e:fe:64:a3:a8:ac:71:15:c8:3d:b6:e9:4f:97:
76:e4:0f:c3:58:7a:3e:07:63:a6:dc:e8:8b:55:a3:23:46:e3:
a9:66:04:ff:55:1b:2d:74:76:19:c7:1c:d2:74:07:7f:21:76:
66:30:82:45:49:a1:fa:da:72:ef:3a:bf:6b:10:88:41:46:45:
93:f3:f8:d4:6d:78:a9:1a:9a:56:c5:1b:84:33:05:02:ff:ab:
d9:d5:8a:3f:a3:ec:8b:1b:4a:09:3c:97:1b:e2:db:9d:8a:7a:
8f:fe:ae:2c:ad:d1:ba:06:d4:59:02:f0:08:6f:9e:4f:7f:46:
ce:e7:08:d3:d4:77:90:d1:25:3e:c4:4e:b6:e3:a2:6a:0f:1c:
45:60:8d:46
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgIUEwtIR2BzIa4nxIeeKFaWr71VT/YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgxZWIzYTVlYjNkZjYzNDU1MWE5MDcyMmJjNjNhZDdl
MDIyY2FjNDAeFw0yNDA1MjcyMDA2NDRaFw0yNTA1MjYyMDExNDRaMDMxMTAvBgNV
BAMTKDUyOEM3NTY4MjU0MkQ0QjAyQzE2M0I3OUIyRDgwMDY1N0M0RUY1MjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVig+N2DDqtwi9u3wdT1frn3OE
+xk/WpwN5a1/oR1Bc4AOpYnSmm0SXg4DWvoDAdeSTElCaqS8cyP6Eww2BgcIsB7B
NvImQmljaixFwPXYPqSRg47bbkNiBFhlyfA2unI31hP0U0NrT1O3VTh6GrUIPLBX
RUtg6EB58ogGVXORWAgkaezeqBgeivJ1V2LxqghsAHMGH6W4EF4BZHv//Rn9ItIH
1CNTtAIEYo07Iit0ne3kMMN0Nqn3+fxEETrZWq7bcsPxRADIUVf+4ERvqFFpBCiY
gW7RSbB0skhVcWTfGHG8Jw+zrXpAdjG1EBCzMyr0PXZLRoyxKQFMqqnYJsIBAgMB
AAGjggHfMIIB2zAdBgNVHQ4EFgQUUox1aCVC1LAsFjt5stgAZXxO9SEwHwYDVR0j
BBgwFoAUqB6zpes99jRVGpByK8Y61+AiysQwDgYDVR0PAQH/BAQDAgeAMGgGA1Ud
HwRhMF8wXaBboFmGV3JzeW5jOi8vcnN5bmMua3JpbGwuY2xvdWQvcmVwby9ubG5l
dGxhYnMvMS9BODFFQjNBNUVCM0RGNjM0NTUxQTkwNzIyQkM2M0FEN0UwMjJDQUM0
LmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvcUI2enBlczk5alJWR3BCeUs4WTYx
LUFpeXNRLmNlcjB9BggrBgEFBQcBCwRxMG8wbQYIKwYBBQUHMAuGYXJzeW5jOi8v
cnN5bmMua3JpbGwuY2xvdWQvcmVwby9ubG5ldGxhYnMvMS8zMjYxMzAzNDNhNjIz
OTMwMzAzYTNhMmYzMzMwMmQzMzMwMjAzZDNlMjAzODM1MzgzNy5yb2EwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMF
AioEuQAwDQYJKoZIhvcNAQELBQADggEBAMeqSUKOCF3HXrqKC16bxp1LboDgi9bN
fRFQKNZG775qy8Y6+dGdk8fMpR0ZZf0rD68DjDDufMqLUWNpT9CcaM0xEdPCC6bY
nbOFSlRV/8VXZTaWG4y8SBPOpGJcKOU05PKdPvE4gX3wVCaXwwxiabNu/mSjqKxx
Fcg9tulPl3bkD8NYej4HY6bc6ItVoyNG46lmBP9VGy10dhnHHNJ0B38hdmYwgkVJ
ofracu86v2sQiEFGRZPz+NRteKkamlbFG4QzBQL/q9nVij+j7IsbSgk8lxvi252K
eo/+riyt0boG1FkC8Ahvnk9/Rs7nCNPUd5DRJT7ETrbjomoPHEVgjUY=
-----END CERTIFICATE-----
Generated at Mon Jun 10 14:02:08 2024 by rpki-client on console-fra.rpki-client.org