Route Origin Authorization
$ rpki-client -vvf rsync.krill.cloud/repo/nlnetlabs/1/326130343a623930353a3a2f34382d3438203d3e203136353039.roa
File: 326130343a623930353a3a2f34382d3438203d3e203136353039.roa (raw, json)
Hash identifier: SWUG37car5l0A/TpLhoLLdjzhGw06y1FDsQ3WqIFwrg=
Subject key identifier: 89:67:F5:D4:8A:28:8A:5F:66:05:38:58:56:72:54:F9:CF:34:B6:03
Certificate issuer: /CN=a81eb3a5eb3df634551a90722bc63ad7e022cac4
Certificate serial: 0474D3629E7D6CA3CBE67C36A2E73BA443F6B596
Authority key identifier: A8:1E:B3:A5:EB:3D:F6:34:55:1A:90:72:2B:C6:3A:D7:E0:22:CA:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qB6zpes99jRVGpByK8Y61-AiysQ.cer
Subject info access: rsync://rsync.krill.cloud/repo/nlnetlabs/1/326130343a623930353a3a2f34382d3438203d3e203136353039.roa
Signing time: Wed 13 Dec 2023 10:45:34 +0000
ROA not before: Wed 13 Dec 2023 10:40:34 +0000
ROA not after: Wed 11 Dec 2024 10:45:34 +0000
asID: 16509
IP address blocks: 2a04:b905::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:74:d3:62:9e:7d:6c:a3:cb:e6:7c:36:a2:e7:3b:a4:43:f6:b5:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a81eb3a5eb3df634551a90722bc63ad7e022cac4
Validity
Not Before: Dec 13 10:40:34 2023 GMT
Not After : Dec 11 10:45:34 2024 GMT
Subject: CN=8967F5D48A288A5F66053858567254F9CF34B603
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:ed:a3:55:0a:a4:b4:43:14:32:e2:79:0a:43:
9b:86:19:65:10:ba:2c:e0:71:e4:ce:3a:eb:11:b5:
12:63:5b:ad:fb:75:a0:b2:31:b2:a6:1a:29:1d:79:
4a:57:ea:2f:3f:35:09:b3:64:ef:a5:59:31:f1:58:
bc:0d:66:85:1d:bd:c5:a0:24:bd:1d:7a:1c:a1:eb:
cb:a6:2a:4f:3c:cf:0c:f9:02:a3:ee:12:18:ae:9d:
dd:5e:3c:aa:dc:e6:6a:48:b2:68:34:c5:83:60:09:
6a:b6:5c:c4:45:b7:c2:38:b7:03:96:6c:c4:58:7c:
e2:9e:11:90:a3:ad:a4:19:35:06:a4:72:5b:aa:09:
31:47:65:f7:22:a1:3d:30:4b:57:72:72:23:62:6d:
82:a0:5e:a2:32:93:df:74:89:c2:fe:d4:f9:2a:d5:
33:73:13:67:c7:38:5f:b9:60:e9:a9:cf:1e:4b:d9:
1c:84:52:49:ea:43:12:29:a7:cf:62:bf:5c:71:11:
03:1e:56:32:7d:1c:77:28:2d:13:2e:6b:41:9c:bd:
ef:ff:47:d1:f5:4d:4a:66:96:b8:f5:cd:46:b7:62:
6f:2d:ab:1c:08:e4:a3:fc:49:60:02:6c:b6:36:b1:
04:7b:d4:de:88:dd:04:1d:a5:46:43:ff:e7:a3:36:
3e:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:67:F5:D4:8A:28:8A:5F:66:05:38:58:56:72:54:F9:CF:34:B6:03
X509v3 Authority Key Identifier:
keyid:A8:1E:B3:A5:EB:3D:F6:34:55:1A:90:72:2B:C6:3A:D7:E0:22:CA:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.krill.cloud/repo/nlnetlabs/1/A81EB3A5EB3DF634551A90722BC63AD7E022CAC4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qB6zpes99jRVGpByK8Y61-AiysQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.krill.cloud/repo/nlnetlabs/1/326130343a623930353a3a2f34382d3438203d3e203136353039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:b905::/48
Signature Algorithm: sha256WithRSAEncryption
6a:17:72:87:33:a2:e4:bf:55:06:b0:e0:be:1f:1e:46:43:30:
47:28:9f:d3:43:28:2e:d6:22:31:0f:5d:0a:57:54:6f:66:1b:
2a:da:ae:4a:00:7c:f5:fb:eb:71:30:cc:7f:d5:d9:24:ef:d8:
44:f9:ad:d3:e2:da:96:4e:1e:99:34:42:fa:a5:a8:c0:90:bf:
16:c2:58:14:53:2d:77:fe:13:5b:22:f8:0a:8b:cb:5d:a7:6e:
c4:57:bf:1a:dd:33:8b:d4:ef:0f:bb:8a:8a:65:45:be:7e:e4:
17:e2:85:70:8a:05:23:22:8b:13:93:cc:ef:9e:1b:cc:a0:5c:
bd:fd:08:1e:cf:23:83:5e:fa:b0:8b:26:73:08:91:20:8a:bb:
e5:eb:12:22:58:c4:09:53:10:cb:74:f0:2e:8b:0a:83:4f:96:
32:37:74:1a:78:9f:e3:ee:22:64:21:cd:39:00:ff:e9:24:63:
a5:15:5d:39:c3:88:be:29:6d:cc:8e:a7:9d:e0:79:0d:1b:fb:
68:1d:27:e0:98:9d:1e:ea:ce:ad:1b:9c:3c:a1:1b:d1:69:5d:
a9:65:c6:49:65:bc:69:fb:b1:02:30:b0:19:5d:fd:d2:06:94:
21:b0:b1:aa:31:9b:3e:b8:c7:90:30:5f:56:b4:c4:fc:db:b2:
19:31:66:f0
-----BEGIN CERTIFICATE-----
MIIE2TCCA8GgAwIBAgIUBHTTYp59bKPL5nw2ouc7pEP2tZYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgxZWIzYTVlYjNkZjYzNDU1MWE5MDcyMmJjNjNhZDdl
MDIyY2FjNDAeFw0yMzEyMTMxMDQwMzRaFw0yNDEyMTExMDQ1MzRaMDMxMTAvBgNV
BAMTKDg5NjdGNUQ0OEEyODhBNUY2NjA1Mzg1ODU2NzI1NEY5Q0YzNEI2MDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDH7aNVCqS0QxQy4nkKQ5uGGWUQ
uizgceTOOusRtRJjW637daCyMbKmGikdeUpX6i8/NQmzZO+lWTHxWLwNZoUdvcWg
JL0dehyh68umKk88zwz5AqPuEhiund1ePKrc5mpIsmg0xYNgCWq2XMRFt8I4twOW
bMRYfOKeEZCjraQZNQakcluqCTFHZfcioT0wS1dyciNibYKgXqIyk990icL+1Pkq
1TNzE2fHOF+5YOmpzx5L2RyEUknqQxIpp89iv1xxEQMeVjJ9HHcoLRMua0Gcve//
R9H1TUpmlrj1zUa3Ym8tqxwI5KP8SWACbLY2sQR71N6I3QQdpUZD/+ejNj6JAgMB
AAGjggHjMIIB3zAdBgNVHQ4EFgQUiWf11Iooil9mBThYVnJU+c80tgMwHwYDVR0j
BBgwFoAUqB6zpes99jRVGpByK8Y61+AiysQwDgYDVR0PAQH/BAQDAgeAMGgGA1Ud
HwRhMF8wXaBboFmGV3JzeW5jOi8vcnN5bmMua3JpbGwuY2xvdWQvcmVwby9ubG5l
dGxhYnMvMS9BODFFQjNBNUVCM0RGNjM0NTUxQTkwNzIyQkM2M0FEN0UwMjJDQUM0
LmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvcUI2enBlczk5alJWR3BCeUs4WTYx
LUFpeXNRLmNlcjB/BggrBgEFBQcBCwRzMHEwbwYIKwYBBQUHMAuGY3JzeW5jOi8v
cnN5bmMua3JpbGwuY2xvdWQvcmVwby9ubG5ldGxhYnMvMS8zMjYxMzAzNDNhNjIz
OTMwMzUzYTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMTM2MzUzMDM5LnJvYTAYBgNV
HSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJ
AwcAKgS5BQAAMA0GCSqGSIb3DQEBCwUAA4IBAQBqF3KHM6Lkv1UGsOC+Hx5GQzBH
KJ/TQygu1iIxD10KV1RvZhsq2q5KAHz1++txMMx/1dkk79hE+a3T4tqWTh6ZNEL6
pajAkL8WwlgUUy13/hNbIvgKi8tdp27EV78a3TOL1O8Pu4qKZUW+fuQX4oVwigUj
IosTk8zvnhvMoFy9/QgezyODXvqwiyZzCJEgirvl6xIiWMQJUxDLdPAuiwqDT5Yy
N3QaeJ/j7iJkIc05AP/pJGOlFV05w4i+KW3Mjqed4HkNG/toHSfgmJ0e6s6tG5w8
oRvRaV2pZcZJZbxp+7ECMLAZXf3SBpQhsLGqMZs+uMeQMF9WtMT827IZMWbw
-----END CERTIFICATE-----
Generated at Mon Jun 10 15:24:34 2024 by rpki-client on console-ams.rpki-client.org