Route Origin Authorization
$ rpki-client -vvf rsync.krill.cloud/repo/nlnetlabs/1/326130343a623930343a3a2f34382d3438203d3e20323131333231.roa
File: 326130343a623930343a3a2f34382d3438203d3e20323131333231.roa (raw, json)
Hash identifier: A+dtJHk9x6wVW6MqVzvQjBJjP5URhPa7hwbl1on+wTQ=
Subject key identifier: 83:88:77:03:E0:20:96:D1:2B:19:2D:FD:B9:A7:A2:D0:43:6D:E5:FA
Certificate issuer: /CN=a81eb3a5eb3df634551a90722bc63ad7e022cac4
Certificate serial: 2FF7B05003642A798431893E3A627AC4EC2B377F
Authority key identifier: A8:1E:B3:A5:EB:3D:F6:34:55:1A:90:72:2B:C6:3A:D7:E0:22:CA:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qB6zpes99jRVGpByK8Y61-AiysQ.cer
Subject info access: rsync://rsync.krill.cloud/repo/nlnetlabs/1/326130343a623930343a3a2f34382d3438203d3e20323131333231.roa
Signing time: Mon 26 Jun 2023 19:47:01 +0000
ROA not before: Mon 26 Jun 2023 19:42:01 +0000
ROA not after: Mon 24 Jun 2024 19:47:01 +0000
asID: 211321
IP address blocks: 2a04:b904::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.krill.cloud/repo/nlnetlabs/1/A81EB3A5EB3DF634551A90722BC63AD7E022CAC4.crl
rsync://rsync.krill.cloud/repo/nlnetlabs/1/A81EB3A5EB3DF634551A90722BC63AD7E022CAC4.mft
rsync://rpki.ripe.net/repository/DEFAULT/qB6zpes99jRVGpByK8Y61-AiysQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 May 2024 14:49:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:f7:b0:50:03:64:2a:79:84:31:89:3e:3a:62:7a:c4:ec:2b:37:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a81eb3a5eb3df634551a90722bc63ad7e022cac4
Validity
Not Before: Jun 26 19:42:01 2023 GMT
Not After : Jun 24 19:47:01 2024 GMT
Subject: CN=83887703E02096D12B192DFDB9A7A2D0436DE5FA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:73:1c:ad:3b:1c:33:63:96:1d:2a:b2:8c:11:
90:3f:ee:12:8e:41:f9:77:e8:48:ab:f8:64:e0:ff:
dc:61:76:63:42:4d:c0:4e:a1:35:2e:2a:05:4c:f4:
5a:1d:41:7a:a9:4f:0c:07:29:e4:df:86:33:bd:83:
62:04:e5:d5:d9:15:8d:bb:61:c9:12:7c:70:a1:a7:
e7:a2:bc:09:74:48:f3:9f:e1:d4:33:7c:9d:5c:e7:
02:28:35:62:78:73:7c:fd:33:a1:07:7c:a2:a3:fc:
6a:20:71:8e:5e:64:10:81:43:a1:36:16:1f:6f:6d:
01:fb:35:e3:cd:bd:28:43:71:21:b4:dc:65:e1:15:
c7:02:bf:7a:8c:27:98:4e:78:69:ba:9f:f7:ec:2d:
d7:c1:04:30:06:06:db:0a:fc:46:35:59:de:0b:70:
fe:d5:c2:ae:86:d4:1f:5f:7b:0b:54:84:f7:7b:1b:
22:f6:74:4a:8b:f5:cc:8a:78:17:f6:ac:d4:67:03:
9e:11:07:bb:4e:ca:48:57:d3:56:67:f2:43:77:5a:
a5:dd:a1:f5:44:f6:78:77:58:c1:49:d8:cb:b1:d3:
e7:ee:6c:22:cf:fd:fd:72:b7:84:9d:79:a4:89:84:
d4:16:6c:23:37:11:b9:eb:d3:d4:b5:f6:88:fc:57:
39:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:88:77:03:E0:20:96:D1:2B:19:2D:FD:B9:A7:A2:D0:43:6D:E5:FA
X509v3 Authority Key Identifier:
keyid:A8:1E:B3:A5:EB:3D:F6:34:55:1A:90:72:2B:C6:3A:D7:E0:22:CA:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.krill.cloud/repo/nlnetlabs/1/A81EB3A5EB3DF634551A90722BC63AD7E022CAC4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qB6zpes99jRVGpByK8Y61-AiysQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.krill.cloud/repo/nlnetlabs/1/326130343a623930343a3a2f34382d3438203d3e20323131333231.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:b904::/48
Signature Algorithm: sha256WithRSAEncryption
06:d8:e7:2a:b7:c6:79:a2:d7:52:a6:75:99:e8:05:81:f2:29:
c0:be:3d:80:18:f4:21:dd:4e:ff:e8:79:04:73:c3:1f:15:20:
7f:5b:c1:1e:d8:da:30:87:30:03:24:1d:f6:28:46:91:a2:30:
ad:9d:84:af:cd:63:76:e1:c4:10:31:e3:3b:9d:e9:3b:66:a3:
04:6d:c6:e9:20:52:f4:d7:dd:ef:c9:da:bc:b4:ff:01:18:f4:
49:db:0d:09:c3:a9:71:62:f3:3c:ab:23:90:ba:8f:76:ef:88:
4f:39:7c:9c:6e:7a:ef:05:ab:5f:42:3d:31:9e:32:bb:99:bc:
05:ee:b6:c8:9c:58:b3:2f:e9:5a:36:e2:32:a8:dc:47:6f:cc:
91:7e:c3:37:d0:25:37:91:aa:02:f8:c1:83:a3:0e:9e:d9:c6:
4f:35:7e:8c:73:3d:75:cf:31:02:e1:d2:1d:70:2c:0a:1a:3b:
c6:96:05:5d:b0:65:33:fa:1a:9e:50:ce:9d:63:1d:06:dc:94:
c4:00:21:82:40:ed:af:71:7a:b5:6e:ea:11:f5:35:8d:2d:81:
dd:26:a5:69:23:32:f6:4f:2c:0a:b0:b9:6d:b9:27:04:28:a6:
ec:9e:5b:bc:87:de:7f:15:50:03:6b:0b:4a:8d:32:c3:c3:91:
43:c8:32:4a
-----BEGIN CERTIFICATE-----
MIIE3DCCA8SgAwIBAgIUL/ewUANkKnmEMYk+OmJ6xOwrN38wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgxZWIzYTVlYjNkZjYzNDU1MWE5MDcyMmJjNjNhZDdl
MDIyY2FjNDAeFw0yMzA2MjYxOTQyMDFaFw0yNDA2MjQxOTQ3MDFaMDMxMTAvBgNV
BAMTKDgzODg3NzAzRTAyMDk2RDEyQjE5MkRGREI5QTdBMkQwNDM2REU1RkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBcxytOxwzY5YdKrKMEZA/7hKO
Qfl36Eir+GTg/9xhdmNCTcBOoTUuKgVM9FodQXqpTwwHKeTfhjO9g2IE5dXZFY27
YckSfHChp+eivAl0SPOf4dQzfJ1c5wIoNWJ4c3z9M6EHfKKj/GogcY5eZBCBQ6E2
Fh9vbQH7NePNvShDcSG03GXhFccCv3qMJ5hOeGm6n/fsLdfBBDAGBtsK/EY1Wd4L
cP7Vwq6G1B9fewtUhPd7GyL2dEqL9cyKeBf2rNRnA54RB7tOykhX01Zn8kN3WqXd
ofVE9nh3WMFJ2Mux0+fubCLP/f1yt4SdeaSJhNQWbCM3Ebnr09S19oj8VzlPAgMB
AAGjggHmMIIB4jAdBgNVHQ4EFgQUg4h3A+AgltErGS39uaei0ENt5fowHwYDVR0j
BBgwFoAUqB6zpes99jRVGpByK8Y61+AiysQwDgYDVR0PAQH/BAQDAgeAMGgGA1Ud
HwRhMF8wXaBboFmGV3JzeW5jOi8vcnN5bmMua3JpbGwuY2xvdWQvcmVwby9ubG5l
dGxhYnMvMS9BODFFQjNBNUVCM0RGNjM0NTUxQTkwNzIyQkM2M0FEN0UwMjJDQUM0
LmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvcUI2enBlczk5alJWR3BCeUs4WTYx
LUFpeXNRLmNlcjCBgQYIKwYBBQUHAQsEdTBzMHEGCCsGAQUFBzALhmVyc3luYzov
L3JzeW5jLmtyaWxsLmNsb3VkL3JlcG8vbmxuZXRsYWJzLzEvMzI2MTMwMzQzYTYy
MzkzMDM0M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzMTMxMzMzMjMxLnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAKgS5BAAAMA0GCSqGSIb3DQEBCwUAA4IBAQAG2Ocqt8Z5otdSpnWZ6AWB
8inAvj2AGPQh3U7/6HkEc8MfFSB/W8Ee2NowhzADJB32KEaRojCtnYSvzWN24cQQ
MeM7nek7ZqMEbcbpIFL0193vydq8tP8BGPRJ2w0Jw6lxYvM8qyOQuo9274hPOXyc
bnrvBatfQj0xnjK7mbwF7rbInFizL+laNuIyqNxHb8yRfsM30CU3kaoC+MGDow6e
2cZPNX6Mcz11zzEC4dIdcCwKGjvGlgVdsGUz+hqeUM6dYx0G3JTEACGCQO2vcXq1
buoR9TWNLYHdJqVpIzL2TywKsLltuScEKKbsnlu8h95/FVADawtKjTLDw5FDyDJK
-----END CERTIFICATE-----
Generated at Thu May 16 21:49:09 2024 by rpki-client on console-ams.rpki-client.org