Route Origin Authorization
$ rpki-client -vvf rsync.krill.cloud/repo/nlnetlabs/1/326130343a623930323a3a2f33322d3332203d3e203136353039.roa
File: 326130343a623930323a3a2f33322d3332203d3e203136353039.roa (raw, json)
Hash identifier: 17p8tCrH2OQv6xPOIrX/oE0xrvRLHpB045zI9Rxvdjc=
Subject key identifier: 64:C3:96:DD:AE:DF:5E:E2:FB:35:BC:0B:17:B6:EA:D9:22:3A:BA:8C
Certificate issuer: /CN=a81eb3a5eb3df634551a90722bc63ad7e022cac4
Certificate serial: 48EF8B552CB11D9E568CBEF19A763AE9953BCC58
Authority key identifier: A8:1E:B3:A5:EB:3D:F6:34:55:1A:90:72:2B:C6:3A:D7:E0:22:CA:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qB6zpes99jRVGpByK8Y61-AiysQ.cer
Subject info access: rsync://rsync.krill.cloud/repo/nlnetlabs/1/326130343a623930323a3a2f33322d3332203d3e203136353039.roa
Signing time: Mon 26 Jun 2023 19:47:01 +0000
ROA not before: Mon 26 Jun 2023 19:42:01 +0000
ROA not after: Mon 24 Jun 2024 19:47:01 +0000
asID: 16509
IP address blocks: 2a04:b902::/32 maxlen: 32
Validation: OK
Signature path: rsync://rsync.krill.cloud/repo/nlnetlabs/1/A81EB3A5EB3DF634551A90722BC63AD7E022CAC4.crl
rsync://rsync.krill.cloud/repo/nlnetlabs/1/A81EB3A5EB3DF634551A90722BC63AD7E022CAC4.mft
rsync://rpki.ripe.net/repository/DEFAULT/qB6zpes99jRVGpByK8Y61-AiysQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:ef:8b:55:2c:b1:1d:9e:56:8c:be:f1:9a:76:3a:e9:95:3b:cc:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a81eb3a5eb3df634551a90722bc63ad7e022cac4
Validity
Not Before: Jun 26 19:42:01 2023 GMT
Not After : Jun 24 19:47:01 2024 GMT
Subject: CN=64C396DDAEDF5EE2FB35BC0B17B6EAD9223ABA8C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:9d:97:eb:c6:c0:cd:d2:cb:8b:fb:da:31:15:
e6:2e:64:c6:4b:79:43:a4:ad:1b:da:33:94:18:df:
71:29:2b:d9:2e:22:73:a5:10:5e:af:d1:00:39:40:
b7:e2:de:64:82:9d:e2:5e:39:06:dd:f2:b7:e4:b6:
32:f1:ce:ba:76:71:9b:a6:04:5f:b8:fa:a7:21:f6:
cf:0f:40:56:f1:33:fd:8d:8a:a6:84:6c:3f:d5:a8:
38:99:80:91:03:f4:11:f1:55:dd:4b:99:15:dc:0e:
14:88:95:66:72:1f:38:9a:07:d7:37:da:75:b6:78:
9a:34:a2:f7:01:99:da:db:90:06:3a:0a:ac:29:c7:
d6:1f:16:5a:db:1a:f0:9a:10:51:7c:88:97:2e:d3:
87:7e:ca:2d:4b:ea:5d:40:77:f0:8e:e5:00:51:b4:
d7:d6:48:56:f0:d0:74:7e:3a:b7:bd:e8:56:3b:01:
11:99:e8:31:bb:33:e9:f8:b1:58:23:4d:c8:06:0c:
f2:65:35:f8:d8:a2:30:1f:3a:06:e1:9e:41:96:ff:
ce:14:11:60:41:a9:0f:51:d6:b0:da:6a:6d:9a:41:
02:ce:20:f2:24:a3:1a:73:b5:c1:a8:32:9a:66:4b:
e3:75:87:51:4b:fe:77:3d:b8:f3:bc:6f:17:f6:61:
b8:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:C3:96:DD:AE:DF:5E:E2:FB:35:BC:0B:17:B6:EA:D9:22:3A:BA:8C
X509v3 Authority Key Identifier:
keyid:A8:1E:B3:A5:EB:3D:F6:34:55:1A:90:72:2B:C6:3A:D7:E0:22:CA:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.krill.cloud/repo/nlnetlabs/1/A81EB3A5EB3DF634551A90722BC63AD7E022CAC4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qB6zpes99jRVGpByK8Y61-AiysQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.krill.cloud/repo/nlnetlabs/1/326130343a623930323a3a2f33322d3332203d3e203136353039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:b902::/32
Signature Algorithm: sha256WithRSAEncryption
5c:af:db:2a:cd:7f:84:c8:ce:69:7c:6a:7d:00:f1:37:99:c7:
c4:8c:1d:25:ec:d6:74:d1:1f:3e:18:e9:6c:de:d8:6b:5c:5c:
86:e5:18:d3:9e:85:17:77:2f:3d:4f:59:1a:77:a4:5f:f2:c8:
71:39:1b:21:d0:23:67:86:0e:6a:7c:13:fe:22:d0:1e:35:b7:
6b:a5:61:7b:08:b2:8e:47:3f:5d:9a:78:d4:bb:8c:e4:58:28:
4e:06:9b:2a:04:8b:69:35:76:2f:8b:ae:0b:4e:f7:9b:fe:10:
12:22:1c:ff:d2:9a:a3:f1:7a:87:28:bf:b1:2b:ea:3b:44:fc:
c7:0d:23:0c:07:2f:de:79:b3:a7:ac:aa:06:57:36:64:b5:52:
bf:86:10:5e:37:63:c0:4d:b3:ad:ee:e8:02:70:f5:49:5f:70:
e9:7a:8e:ba:c5:c0:e8:5a:1c:c9:95:0a:51:c1:06:93:a8:ee:
13:d8:ba:f4:89:ba:d5:10:8f:74:7a:0c:58:47:f8:10:f8:37:
49:43:fe:b1:93:43:3c:a8:51:d1:d5:97:be:ba:29:de:34:19:
31:da:23:8d:d5:8b:27:ff:90:7a:f5:21:f9:1f:fd:1d:89:f1:
a5:89:76:16:01:11:79:42:04:10:dc:ca:4d:c2:e6:76:53:47:
98:c6:a2:74
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgIUSO+LVSyxHZ5WjL7xmnY66ZU7zFgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgxZWIzYTVlYjNkZjYzNDU1MWE5MDcyMmJjNjNhZDdl
MDIyY2FjNDAeFw0yMzA2MjYxOTQyMDFaFw0yNDA2MjQxOTQ3MDFaMDMxMTAvBgNV
BAMTKDY0QzM5NkREQUVERjVFRTJGQjM1QkMwQjE3QjZFQUQ5MjIzQUJBOEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6nZfrxsDN0suL+9oxFeYuZMZL
eUOkrRvaM5QY33EpK9kuInOlEF6v0QA5QLfi3mSCneJeOQbd8rfktjLxzrp2cZum
BF+4+qch9s8PQFbxM/2NiqaEbD/VqDiZgJED9BHxVd1LmRXcDhSIlWZyHziaB9c3
2nW2eJo0ovcBmdrbkAY6Cqwpx9YfFlrbGvCaEFF8iJcu04d+yi1L6l1Ad/CO5QBR
tNfWSFbw0HR+Ore96FY7ARGZ6DG7M+n4sVgjTcgGDPJlNfjYojAfOgbhnkGW/84U
EWBBqQ9R1rDaam2aQQLOIPIkoxpztcGoMppmS+N1h1FL/nc9uPO8bxf2YbjRAgMB
AAGjggHhMIIB3TAdBgNVHQ4EFgQUZMOW3a7fXuL7NbwLF7bq2SI6uowwHwYDVR0j
BBgwFoAUqB6zpes99jRVGpByK8Y61+AiysQwDgYDVR0PAQH/BAQDAgeAMGgGA1Ud
HwRhMF8wXaBboFmGV3JzeW5jOi8vcnN5bmMua3JpbGwuY2xvdWQvcmVwby9ubG5l
dGxhYnMvMS9BODFFQjNBNUVCM0RGNjM0NTUxQTkwNzIyQkM2M0FEN0UwMjJDQUM0
LmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvcUI2enBlczk5alJWR3BCeUs4WTYx
LUFpeXNRLmNlcjB/BggrBgEFBQcBCwRzMHEwbwYIKwYBBQUHMAuGY3JzeW5jOi8v
cnN5bmMua3JpbGwuY2xvdWQvcmVwby9ubG5ldGxhYnMvMS8zMjYxMzAzNDNhNjIz
OTMwMzIzYTNhMmYzMzMyMmQzMzMyMjAzZDNlMjAzMTM2MzUzMDM5LnJvYTAYBgNV
HSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAH
AwUAKgS5AjANBgkqhkiG9w0BAQsFAAOCAQEAXK/bKs1/hMjOaXxqfQDxN5nHxIwd
JezWdNEfPhjpbN7Ya1xchuUY056FF3cvPU9ZGnekX/LIcTkbIdAjZ4YOanwT/iLQ
HjW3a6Vhewiyjkc/XZp41LuM5FgoTgabKgSLaTV2L4uuC073m/4QEiIc/9Kao/F6
hyi/sSvqO0T8xw0jDAcv3nmzp6yqBlc2ZLVSv4YQXjdjwE2zre7oAnD1SV9w6XqO
usXA6FocyZUKUcEGk6juE9i69Im61RCPdHoMWEf4EPg3SUP+sZNDPKhR0dWXvrop
3jQZMdojjdWLJ/+QevUh+R/9HYnxpYl2FgEReUIEENzKTcLmdlNHmMaidA==
-----END CERTIFICATE-----
Generated at Thu May 2 13:51:11 2024 by rpki-client on console-fra.rpki-client.org