Route Origin Authorization
$ rpki-client -vvf rsync.krill.cloud/repo/nlnetlabs/1/326130343a623930323a3a2f33322d3332203d3e203134363138.roa
File: 326130343a623930323a3a2f33322d3332203d3e203134363138.roa (raw, json)
Hash identifier: BdIXKvOKCCcQmAebD8NWQLbAX1Z8wHn8mwlCBu8/C3c=
Subject key identifier: E5:3F:53:4B:D1:D7:76:DA:CD:D0:02:D1:EC:0C:59:E2:3A:6E:20:15
Certificate issuer: /CN=a81eb3a5eb3df634551a90722bc63ad7e022cac4
Certificate serial: 19E60C8F4F9457CA01191331E9B9EECCFFBA7FA3
Authority key identifier: A8:1E:B3:A5:EB:3D:F6:34:55:1A:90:72:2B:C6:3A:D7:E0:22:CA:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qB6zpes99jRVGpByK8Y61-AiysQ.cer
Subject info access: rsync://rsync.krill.cloud/repo/nlnetlabs/1/326130343a623930323a3a2f33322d3332203d3e203134363138.roa
Signing time: Mon 27 May 2024 20:11:44 +0000
ROA not before: Mon 27 May 2024 20:06:44 +0000
ROA not after: Mon 26 May 2025 20:11:44 +0000
asID: 14618
IP address blocks: 2a04:b902::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:e6:0c:8f:4f:94:57:ca:01:19:13:31:e9:b9:ee:cc:ff:ba:7f:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a81eb3a5eb3df634551a90722bc63ad7e022cac4
Validity
Not Before: May 27 20:06:44 2024 GMT
Not After : May 26 20:11:44 2025 GMT
Subject: CN=E53F534BD1D776DACDD002D1EC0C59E23A6E2015
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:51:4b:aa:4c:bf:77:11:6d:c9:7e:55:1b:6e:
1a:69:6c:42:38:f9:cf:43:37:c8:4a:23:eb:a3:b7:
39:5b:5c:2f:fa:cc:5b:f4:b5:6c:60:18:a0:e4:68:
48:0c:89:0b:50:b7:d4:c4:8a:e0:9a:49:c2:31:3f:
be:9e:60:57:65:51:13:a9:40:46:d7:6f:2b:ab:ff:
4a:20:b3:1e:85:e4:b0:9d:2c:ab:c4:f4:af:ca:f9:
52:cc:4a:3c:dd:28:da:bb:26:a9:b5:7f:02:80:60:
bf:05:a3:dd:3b:1c:6c:0c:bb:e7:7a:11:3d:5f:30:
f1:68:fa:21:50:27:6b:81:d1:29:90:66:01:f0:ea:
c0:fd:4e:5b:08:07:bd:ce:a9:da:a3:ee:31:76:06:
63:ae:eb:8b:df:89:9a:32:d2:16:b7:af:a3:11:43:
71:8f:9d:bc:0e:c9:57:6d:41:3c:e7:9c:fe:00:b5:
cb:bd:1b:9e:7b:dd:0b:0a:3c:e3:77:6c:b6:7a:1a:
af:18:65:c6:e5:60:20:50:bc:6d:96:4d:06:ce:33:
45:d5:b8:3c:1e:09:bc:7c:e6:ee:d6:4f:3f:b3:bc:
1b:bb:ea:f0:aa:ec:58:1b:c0:f0:d0:29:b8:0b:7a:
48:90:04:d0:19:41:98:30:c5:a0:e6:ec:79:37:23:
07:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:3F:53:4B:D1:D7:76:DA:CD:D0:02:D1:EC:0C:59:E2:3A:6E:20:15
X509v3 Authority Key Identifier:
keyid:A8:1E:B3:A5:EB:3D:F6:34:55:1A:90:72:2B:C6:3A:D7:E0:22:CA:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.krill.cloud/repo/nlnetlabs/1/A81EB3A5EB3DF634551A90722BC63AD7E022CAC4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qB6zpes99jRVGpByK8Y61-AiysQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.krill.cloud/repo/nlnetlabs/1/326130343a623930323a3a2f33322d3332203d3e203134363138.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:b902::/32
Signature Algorithm: sha256WithRSAEncryption
89:f0:62:44:3e:93:e7:9a:e8:31:7d:cb:c3:cb:76:a2:c9:2e:
40:6b:17:4c:8d:18:e0:65:7f:92:cd:6e:3a:b8:61:b8:e6:5e:
fe:2b:02:83:81:55:08:08:f4:cf:3a:31:34:48:c8:20:01:fd:
bb:23:9a:26:77:57:29:a1:ff:a9:93:f1:83:7f:3c:10:16:57:
61:57:07:9f:31:38:a5:4a:b3:b3:4b:97:d5:96:84:7f:1c:2c:
8c:50:d3:93:05:88:cf:7b:a0:7e:a5:67:ae:33:fc:83:b9:b6:
05:41:c1:b2:04:0e:d7:ae:97:3a:df:ac:52:46:d0:c4:d0:08:
6b:22:d0:1d:c6:91:f1:17:ba:b6:93:6a:a2:cd:9c:49:ca:7d:
ba:53:8e:2a:6f:e7:75:cd:16:6a:4d:89:61:0b:ce:cc:8a:b3:
10:07:21:f1:f5:26:7f:06:1e:b1:e9:37:6c:a3:22:4d:8d:59:
fc:28:1c:b6:56:f5:53:26:41:bb:33:11:8f:a5:af:fe:46:e7:
0b:a4:cc:f2:eb:48:9e:51:c0:21:54:e2:23:94:a7:ee:b0:c6:
13:f9:a2:58:42:86:d8:7e:f9:6f:64:34:0e:8a:02:19:a6:2a:
aa:1f:19:ab:1e:1b:79:22:95:46:9b:f6:16:07:df:35:1b:0b:
ef:13:0d:e1
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgIUGeYMj0+UV8oBGRMx6bnuzP+6f6MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgxZWIzYTVlYjNkZjYzNDU1MWE5MDcyMmJjNjNhZDdl
MDIyY2FjNDAeFw0yNDA1MjcyMDA2NDRaFw0yNTA1MjYyMDExNDRaMDMxMTAvBgNV
BAMTKEU1M0Y1MzRCRDFENzc2REFDREQwMDJEMUVDMEM1OUUyM0E2RTIwMTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEUUuqTL93EW3JflUbbhppbEI4
+c9DN8hKI+ujtzlbXC/6zFv0tWxgGKDkaEgMiQtQt9TEiuCaScIxP76eYFdlUROp
QEbXbyur/0ogsx6F5LCdLKvE9K/K+VLMSjzdKNq7Jqm1fwKAYL8Fo907HGwMu+d6
ET1fMPFo+iFQJ2uB0SmQZgHw6sD9TlsIB73Oqdqj7jF2BmOu64vfiZoy0ha3r6MR
Q3GPnbwOyVdtQTznnP4Atcu9G5573QsKPON3bLZ6Gq8YZcblYCBQvG2WTQbOM0XV
uDweCbx85u7WTz+zvBu76vCq7FgbwPDQKbgLekiQBNAZQZgwxaDm7Hk3Iwf9AgMB
AAGjggHhMIIB3TAdBgNVHQ4EFgQU5T9TS9HXdtrN0ALR7AxZ4jpuIBUwHwYDVR0j
BBgwFoAUqB6zpes99jRVGpByK8Y61+AiysQwDgYDVR0PAQH/BAQDAgeAMGgGA1Ud
HwRhMF8wXaBboFmGV3JzeW5jOi8vcnN5bmMua3JpbGwuY2xvdWQvcmVwby9ubG5l
dGxhYnMvMS9BODFFQjNBNUVCM0RGNjM0NTUxQTkwNzIyQkM2M0FEN0UwMjJDQUM0
LmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvcUI2enBlczk5alJWR3BCeUs4WTYx
LUFpeXNRLmNlcjB/BggrBgEFBQcBCwRzMHEwbwYIKwYBBQUHMAuGY3JzeW5jOi8v
cnN5bmMua3JpbGwuY2xvdWQvcmVwby9ubG5ldGxhYnMvMS8zMjYxMzAzNDNhNjIz
OTMwMzIzYTNhMmYzMzMyMmQzMzMyMjAzZDNlMjAzMTM0MzYzMTM4LnJvYTAYBgNV
HSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAH
AwUAKgS5AjANBgkqhkiG9w0BAQsFAAOCAQEAifBiRD6T55roMX3Lw8t2oskuQGsX
TI0Y4GV/ks1uOrhhuOZe/isCg4FVCAj0zzoxNEjIIAH9uyOaJndXKaH/qZPxg388
EBZXYVcHnzE4pUqzs0uX1ZaEfxwsjFDTkwWIz3ugfqVnrjP8g7m2BUHBsgQO166X
Ot+sUkbQxNAIayLQHcaR8Re6tpNqos2cScp9ulOOKm/ndc0Wak2JYQvOzIqzEAch
8fUmfwYesek3bKMiTY1Z/Cgctlb1UyZBuzMRj6Wv/kbnC6TM8utInlHAIVTiI5Sn
7rDGE/miWEKG2H75b2Q0DooCGaYqqh8Zqx4beSKVRpv2FgffNRsL7xMN4Q==
-----END CERTIFICATE-----
Generated at Mon Jun 10 15:24:34 2024 by rpki-client on console-ams.rpki-client.org