Route Origin Authorization
$ rpki-client -vvf rsync.krill.cloud/repo/nlnetlabs/1/326130343a623930303a3a2f33302d3332203d3e2038353837.roa
File: 326130343a623930303a3a2f33302d3332203d3e2038353837.roa (raw, json)
Hash identifier: PQqUgTvM7ETeWVignn6eJgWllMredVRO5ZH2rhFjrpk=
Subject key identifier: ED:07:B6:D5:10:C8:D1:DF:F1:51:5F:7D:BE:A2:F1:17:0B:28:39:C4
Certificate issuer: /CN=a81eb3a5eb3df634551a90722bc63ad7e022cac4
Certificate serial: 7BACE2F240C5B61A756F9E6DDA3ED4690A86AE2F
Authority key identifier: A8:1E:B3:A5:EB:3D:F6:34:55:1A:90:72:2B:C6:3A:D7:E0:22:CA:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qB6zpes99jRVGpByK8Y61-AiysQ.cer
Subject info access: rsync://rsync.krill.cloud/repo/nlnetlabs/1/326130343a623930303a3a2f33302d3332203d3e2038353837.roa
Signing time: Wed 13 Dec 2023 13:44:04 +0000
ROA not before: Wed 13 Dec 2023 13:39:04 +0000
ROA not after: Wed 11 Dec 2024 13:44:04 +0000
asID: 8587
IP address blocks: 2a04:b900::/30 maxlen: 32
Validation: OK
Signature path: rsync://rsync.krill.cloud/repo/nlnetlabs/1/A81EB3A5EB3DF634551A90722BC63AD7E022CAC4.crl
rsync://rsync.krill.cloud/repo/nlnetlabs/1/A81EB3A5EB3DF634551A90722BC63AD7E022CAC4.mft
rsync://rpki.ripe.net/repository/DEFAULT/qB6zpes99jRVGpByK8Y61-AiysQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 May 2024 14:49:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:ac:e2:f2:40:c5:b6:1a:75:6f:9e:6d:da:3e:d4:69:0a:86:ae:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a81eb3a5eb3df634551a90722bc63ad7e022cac4
Validity
Not Before: Dec 13 13:39:04 2023 GMT
Not After : Dec 11 13:44:04 2024 GMT
Subject: CN=ED07B6D510C8D1DFF1515F7DBEA2F1170B2839C4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:34:7d:2f:b5:7c:28:3b:a8:86:68:3c:b2:fc:
e8:5d:b9:3a:67:85:10:f6:25:08:19:7a:0b:f6:c3:
87:85:56:2d:a1:be:d2:4d:af:e1:58:88:67:c0:74:
21:92:0d:5d:0f:90:cb:fe:22:70:05:df:90:62:0d:
b9:d9:b8:1d:8a:d1:bf:8c:5a:06:0e:53:ae:2e:b3:
ab:93:ee:4d:ca:db:20:a6:5b:e6:80:1a:69:73:08:
fa:d7:d2:b0:f7:ec:06:a0:1c:af:e4:77:41:a1:a3:
c7:fa:dd:fc:2a:84:12:61:97:b4:87:be:06:c8:ac:
7b:68:87:22:f8:ca:1e:f9:d0:24:6d:71:47:c8:4f:
08:55:be:e9:6a:a8:45:fa:5f:d8:0f:f4:df:b3:32:
69:bb:a6:1f:e2:47:0a:47:6b:41:e1:36:c0:de:02:
36:a6:fe:d5:7b:89:8c:92:28:1c:77:80:36:01:99:
45:3b:c7:bb:8c:db:1f:47:f8:4e:76:f1:75:dd:b7:
3b:f2:d5:25:bc:cf:1b:46:1e:b9:66:5e:da:96:31:
1e:cd:a7:02:0b:f7:90:24:a1:3b:2a:dd:2c:c9:54:
89:12:1e:f4:ee:57:04:81:04:38:23:f7:23:2c:7c:
3c:33:72:3e:6c:bb:d5:cc:fb:f3:b8:01:aa:7d:0f:
2d:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:07:B6:D5:10:C8:D1:DF:F1:51:5F:7D:BE:A2:F1:17:0B:28:39:C4
X509v3 Authority Key Identifier:
keyid:A8:1E:B3:A5:EB:3D:F6:34:55:1A:90:72:2B:C6:3A:D7:E0:22:CA:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.krill.cloud/repo/nlnetlabs/1/A81EB3A5EB3DF634551A90722BC63AD7E022CAC4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qB6zpes99jRVGpByK8Y61-AiysQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.krill.cloud/repo/nlnetlabs/1/326130343a623930303a3a2f33302d3332203d3e2038353837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:b900::/30
Signature Algorithm: sha256WithRSAEncryption
c1:7f:f1:0f:f0:25:fb:7d:bb:a0:7b:08:8e:a2:40:e2:36:e2:
bc:55:11:3a:92:b1:98:75:3c:ee:02:fd:06:e9:0f:52:7e:06:
e0:9f:cf:65:56:ee:75:7a:4c:e5:68:48:5c:5a:42:79:de:38:
f3:c0:93:07:00:72:85:2e:42:92:75:37:1c:cf:9d:43:13:79:
42:0f:ab:dc:1b:8a:7c:ea:4f:c4:c1:d3:df:24:06:13:75:eb:
92:6f:9f:bb:ec:8b:4d:a6:e8:7c:de:22:f9:26:b5:da:5e:55:
a1:bd:b8:1d:4e:a3:9b:1e:a2:e0:1f:37:13:e7:90:df:52:59:
57:b0:e4:d2:79:df:e3:4d:f9:7c:2f:51:76:0f:b9:0f:ae:c7:
9f:48:55:e6:2d:ec:09:0f:9f:b2:84:91:d5:84:4c:33:26:5a:
bc:79:02:ba:26:5e:a9:27:17:b6:88:92:ad:e4:b3:88:d6:16:
ac:ba:3d:fb:05:40:8a:57:83:6b:ac:49:cf:87:fb:2e:43:fb:
fc:25:3d:75:89:16:61:0b:ab:90:18:06:f9:17:03:44:d5:6b:
d1:9a:43:89:3e:c3:92:ca:29:5b:00:50:03:09:46:41:0c:f8:
05:dd:77:ba:80:ae:11:aa:ed:46:1c:6c:d4:0c:c2:c8:dd:0d:
e9:dd:9c:3c
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgIUe6zi8kDFthp1b55t2j7UaQqGri8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgxZWIzYTVlYjNkZjYzNDU1MWE5MDcyMmJjNjNhZDdl
MDIyY2FjNDAeFw0yMzEyMTMxMzM5MDRaFw0yNDEyMTExMzQ0MDRaMDMxMTAvBgNV
BAMTKEVEMDdCNkQ1MTBDOEQxREZGMTUxNUY3REJFQTJGMTE3MEIyODM5QzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpNH0vtXwoO6iGaDyy/OhduTpn
hRD2JQgZegv2w4eFVi2hvtJNr+FYiGfAdCGSDV0PkMv+InAF35BiDbnZuB2K0b+M
WgYOU64us6uT7k3K2yCmW+aAGmlzCPrX0rD37AagHK/kd0Gho8f63fwqhBJhl7SH
vgbIrHtohyL4yh750CRtcUfITwhVvulqqEX6X9gP9N+zMmm7ph/iRwpHa0HhNsDe
Ajam/tV7iYySKBx3gDYBmUU7x7uM2x9H+E528XXdtzvy1SW8zxtGHrlmXtqWMR7N
pwIL95AkoTsq3SzJVIkSHvTuVwSBBDgj9yMsfDwzcj5su9XM+/O4Aap9Dy0fAgMB
AAGjggHfMIIB2zAdBgNVHQ4EFgQU7Qe21RDI0d/xUV99vqLxFwsoOcQwHwYDVR0j
BBgwFoAUqB6zpes99jRVGpByK8Y61+AiysQwDgYDVR0PAQH/BAQDAgeAMGgGA1Ud
HwRhMF8wXaBboFmGV3JzeW5jOi8vcnN5bmMua3JpbGwuY2xvdWQvcmVwby9ubG5l
dGxhYnMvMS9BODFFQjNBNUVCM0RGNjM0NTUxQTkwNzIyQkM2M0FEN0UwMjJDQUM0
LmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvcUI2enBlczk5alJWR3BCeUs4WTYx
LUFpeXNRLmNlcjB9BggrBgEFBQcBCwRxMG8wbQYIKwYBBQUHMAuGYXJzeW5jOi8v
cnN5bmMua3JpbGwuY2xvdWQvcmVwby9ubG5ldGxhYnMvMS8zMjYxMzAzNDNhNjIz
OTMwMzAzYTNhMmYzMzMwMmQzMzMyMjAzZDNlMjAzODM1MzgzNy5yb2EwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMF
AioEuQAwDQYJKoZIhvcNAQELBQADggEBAMF/8Q/wJft9u6B7CI6iQOI24rxVETqS
sZh1PO4C/QbpD1J+BuCfz2VW7nV6TOVoSFxaQnneOPPAkwcAcoUuQpJ1NxzPnUMT
eUIPq9wbinzqT8TB098kBhN165Jvn7vsi02m6HzeIvkmtdpeVaG9uB1Oo5seouAf
NxPnkN9SWVew5NJ53+NN+XwvUXYPuQ+ux59IVeYt7AkPn7KEkdWETDMmWrx5Arom
XqknF7aIkq3ks4jWFqy6PfsFQIpXg2usSc+H+y5D+/wlPXWJFmELq5AYBvkXA0TV
a9GaQ4k+w5LKKVsAUAMJRkEM+AXdd7qArhGq7UYcbNQMwsjdDendnDw=
-----END CERTIFICATE-----
Generated at Thu May 16 21:49:09 2024 by rpki-client on console-ams.rpki-client.org