Route Origin Authorization
$ rpki-client -vvf rsync.krill.cloud/repo/nlnetlabs/1/326130343a623930353a3a2f34382d3438203d3e203134363138.roa
File: 326130343a623930353a3a2f34382d3438203d3e203134363138.roa (raw, json)
Hash identifier: 6p4aFGl0dNowe4dDEzVpdf9C/WfLOZ1eqTuby7Oka6w=
Subject key identifier: B4:48:C3:3B:82:61:73:D3:90:66:61:F1:09:44:C2:5D:3F:08:23:FF
Certificate issuer: /CN=a81eb3a5eb3df634551a90722bc63ad7e022cac4
Certificate serial: 738F4C005EF4BF18304912DA06522B50A91FAF0F
Authority key identifier: A8:1E:B3:A5:EB:3D:F6:34:55:1A:90:72:2B:C6:3A:D7:E0:22:CA:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qB6zpes99jRVGpByK8Y61-AiysQ.cer
Subject info access: rsync://rsync.krill.cloud/repo/nlnetlabs/1/326130343a623930353a3a2f34382d3438203d3e203134363138.roa
Signing time: Wed 13 Dec 2023 10:45:06 +0000
ROA not before: Wed 13 Dec 2023 10:40:06 +0000
ROA not after: Wed 11 Dec 2024 10:45:06 +0000
asID: 14618
IP address blocks: 2a04:b905::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.krill.cloud/repo/nlnetlabs/1/A81EB3A5EB3DF634551A90722BC63AD7E022CAC4.crl
rsync://rsync.krill.cloud/repo/nlnetlabs/1/A81EB3A5EB3DF634551A90722BC63AD7E022CAC4.mft
rsync://rpki.ripe.net/repository/DEFAULT/qB6zpes99jRVGpByK8Y61-AiysQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 14:46:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:8f:4c:00:5e:f4:bf:18:30:49:12:da:06:52:2b:50:a9:1f:af:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a81eb3a5eb3df634551a90722bc63ad7e022cac4
Validity
Not Before: Dec 13 10:40:06 2023 GMT
Not After : Dec 11 10:45:06 2024 GMT
Subject: CN=B448C33B826173D3906661F10944C25D3F0823FF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:dc:13:92:1a:5f:26:c0:94:bd:78:02:69:a6:
4a:ce:19:9f:fd:b6:67:f6:08:cf:e2:cf:82:7f:cb:
1a:ed:b7:70:9f:00:3b:e9:92:15:6d:ae:05:3d:fe:
47:3f:4a:2a:ec:74:5d:08:26:b3:60:06:f9:08:e8:
e9:9c:f5:ed:51:22:f6:c7:0e:2b:92:cf:04:a6:8d:
2e:a1:91:37:28:88:4c:4a:ed:9a:3e:77:c9:89:c9:
b9:d4:72:00:fb:06:09:a4:cc:c5:e0:b5:c3:98:04:
33:70:dc:92:02:5f:68:6e:e5:08:9c:e3:9b:05:bf:
f1:38:7b:d2:49:51:c5:d5:5b:e6:d3:64:fa:09:f9:
a2:43:1d:b2:f6:fc:36:39:d7:f6:49:c9:67:f1:03:
5f:4e:29:5f:60:eb:b2:0a:cf:84:75:9c:08:82:42:
6c:5c:05:45:75:ec:12:61:f7:cf:65:0b:86:a3:de:
c7:44:72:ae:e8:83:97:63:74:87:0d:15:90:8a:a8:
d5:2b:67:46:6c:9d:da:30:69:45:6d:09:7e:8d:1b:
91:62:7c:81:e6:85:f4:b4:b8:81:40:58:16:18:05:
86:f3:f2:04:2f:9b:f3:22:5a:c0:d7:a9:79:5a:f1:
0b:d7:65:97:c4:7d:8a:19:e2:d5:69:33:f6:43:ec:
fc:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:48:C3:3B:82:61:73:D3:90:66:61:F1:09:44:C2:5D:3F:08:23:FF
X509v3 Authority Key Identifier:
keyid:A8:1E:B3:A5:EB:3D:F6:34:55:1A:90:72:2B:C6:3A:D7:E0:22:CA:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.krill.cloud/repo/nlnetlabs/1/A81EB3A5EB3DF634551A90722BC63AD7E022CAC4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qB6zpes99jRVGpByK8Y61-AiysQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.krill.cloud/repo/nlnetlabs/1/326130343a623930353a3a2f34382d3438203d3e203134363138.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:b905::/48
Signature Algorithm: sha256WithRSAEncryption
7b:a1:c4:03:89:39:78:a0:d3:80:57:97:f3:d9:24:c4:c6:55:
1e:f9:9f:f6:c4:2f:29:b0:3d:19:2c:c4:43:8a:37:fe:c0:a0:
aa:8c:21:8b:1a:01:b5:b8:fc:1c:72:4b:b1:e3:4f:b0:d7:c8:
e3:79:d6:8b:c6:23:72:08:29:56:de:00:16:9b:fd:09:1a:69:
da:fd:81:18:ac:bf:5b:bd:7b:4c:22:cc:65:87:4b:d6:1a:83:
42:b1:18:7c:0b:c6:ab:67:b9:12:64:b9:a5:3a:0d:f8:9f:55:
09:3f:02:92:85:5e:f7:16:53:89:43:6c:93:cb:a4:ff:a6:98:
3b:f9:5a:f9:a9:59:40:24:8e:04:73:33:ad:f7:d6:97:18:0d:
9a:24:38:d6:ee:d7:1d:16:82:20:ea:9b:01:09:18:d8:dc:cd:
9a:95:de:fa:86:54:91:88:ef:8e:78:15:9b:2b:64:5e:3f:c9:
45:f8:29:08:db:3c:6f:31:73:58:e8:02:ec:ab:61:55:65:17:
ea:37:2a:79:8b:aa:0f:83:fc:0b:5d:2b:0b:ec:a2:fb:aa:e7:
bb:1a:c3:69:30:f2:23:31:57:14:16:b4:46:e2:d0:8e:f1:84:
75:57:6e:58:a4:e4:6b:f9:40:ac:c3:ca:73:89:59:43:4d:dd:
71:39:76:f3
-----BEGIN CERTIFICATE-----
MIIE2TCCA8GgAwIBAgIUc49MAF70vxgwSRLaBlIrUKkfrw8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgxZWIzYTVlYjNkZjYzNDU1MWE5MDcyMmJjNjNhZDdl
MDIyY2FjNDAeFw0yMzEyMTMxMDQwMDZaFw0yNDEyMTExMDQ1MDZaMDMxMTAvBgNV
BAMTKEI0NDhDMzNCODI2MTczRDM5MDY2NjFGMTA5NDRDMjVEM0YwODIzRkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCi3BOSGl8mwJS9eAJppkrOGZ/9
tmf2CM/iz4J/yxrtt3CfADvpkhVtrgU9/kc/SirsdF0IJrNgBvkI6Omc9e1RIvbH
DiuSzwSmjS6hkTcoiExK7Zo+d8mJybnUcgD7BgmkzMXgtcOYBDNw3JICX2hu5Qic
45sFv/E4e9JJUcXVW+bTZPoJ+aJDHbL2/DY51/ZJyWfxA19OKV9g67IKz4R1nAiC
QmxcBUV17BJh989lC4aj3sdEcq7og5djdIcNFZCKqNUrZ0ZsndowaUVtCX6NG5Fi
fIHmhfS0uIFAWBYYBYbz8gQvm/MiWsDXqXla8QvXZZfEfYoZ4tVpM/ZD7PwpAgMB
AAGjggHjMIIB3zAdBgNVHQ4EFgQUtEjDO4Jhc9OQZmHxCUTCXT8II/8wHwYDVR0j
BBgwFoAUqB6zpes99jRVGpByK8Y61+AiysQwDgYDVR0PAQH/BAQDAgeAMGgGA1Ud
HwRhMF8wXaBboFmGV3JzeW5jOi8vcnN5bmMua3JpbGwuY2xvdWQvcmVwby9ubG5l
dGxhYnMvMS9BODFFQjNBNUVCM0RGNjM0NTUxQTkwNzIyQkM2M0FEN0UwMjJDQUM0
LmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvcUI2enBlczk5alJWR3BCeUs4WTYx
LUFpeXNRLmNlcjB/BggrBgEFBQcBCwRzMHEwbwYIKwYBBQUHMAuGY3JzeW5jOi8v
cnN5bmMua3JpbGwuY2xvdWQvcmVwby9ubG5ldGxhYnMvMS8zMjYxMzAzNDNhNjIz
OTMwMzUzYTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMTM0MzYzMTM4LnJvYTAYBgNV
HSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJ
AwcAKgS5BQAAMA0GCSqGSIb3DQEBCwUAA4IBAQB7ocQDiTl4oNOAV5fz2STExlUe
+Z/2xC8psD0ZLMRDijf+wKCqjCGLGgG1uPwcckux40+w18jjedaLxiNyCClW3gAW
m/0JGmna/YEYrL9bvXtMIsxlh0vWGoNCsRh8C8arZ7kSZLmlOg34n1UJPwKShV73
FlOJQ2yTy6T/ppg7+Vr5qVlAJI4EczOt99aXGA2aJDjW7tcdFoIg6psBCRjY3M2a
ld76hlSRiO+OeBWbK2ReP8lF+CkI2zxvMXNY6ALsq2FVZRfqNyp5i6oPg/wLXSsL
7KL7que7GsNpMPIjMVcUFrRG4tCO8YR1V25YpORr+UCsw8pziVlDTd1xOXbz
-----END CERTIFICATE-----
Generated at Wed May 1 18:31:38 2024 by rpki-client on console-fra.rpki-client.org