Route Origin Authorization
$ rpki-client -vvf rsync.krill.cloud/repo/nlnetlabs/1/326130343a623930363a3a2f34382d3438203d3e2030.roa
File: 326130343a623930363a3a2f34382d3438203d3e2030.roa (raw, json)
Hash identifier: 80ZUUnVLacxMd5C8rL2zeQpWYPULkPBlGGWxaUPjhF4=
Subject key identifier: 6F:0B:33:77:66:3D:2C:02:8A:09:85:90:C8:DB:B0:50:59:74:EC:FB
Certificate issuer: /CN=a81eb3a5eb3df634551a90722bc63ad7e022cac4
Certificate serial: 0759C8DDC0C8ED84216B955D7D5C24030930B0B9
Authority key identifier: A8:1E:B3:A5:EB:3D:F6:34:55:1A:90:72:2B:C6:3A:D7:E0:22:CA:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qB6zpes99jRVGpByK8Y61-AiysQ.cer
Subject info access: rsync://rsync.krill.cloud/repo/nlnetlabs/1/326130343a623930363a3a2f34382d3438203d3e2030.roa
Signing time: Mon 26 Jun 2023 19:47:01 +0000
ROA not before: Mon 26 Jun 2023 19:42:01 +0000
ROA not after: Mon 24 Jun 2024 19:47:01 +0000
asID: 0
IP address blocks: 2a04:b906::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.krill.cloud/repo/nlnetlabs/1/A81EB3A5EB3DF634551A90722BC63AD7E022CAC4.crl
rsync://rsync.krill.cloud/repo/nlnetlabs/1/A81EB3A5EB3DF634551A90722BC63AD7E022CAC4.mft
rsync://rpki.ripe.net/repository/DEFAULT/qB6zpes99jRVGpByK8Y61-AiysQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 20 Apr 2024 08:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:59:c8:dd:c0:c8:ed:84:21:6b:95:5d:7d:5c:24:03:09:30:b0:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a81eb3a5eb3df634551a90722bc63ad7e022cac4
Validity
Not Before: Jun 26 19:42:01 2023 GMT
Not After : Jun 24 19:47:01 2024 GMT
Subject: CN=6F0B3377663D2C028A098590C8DBB0505974ECFB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:02:d7:05:3a:b4:1f:45:4a:07:34:69:96:e8:
85:29:48:66:8b:aa:a0:62:67:78:dd:ab:3f:a1:12:
f7:e3:13:18:d4:62:7a:f2:16:a0:8e:a4:66:ed:c3:
27:3f:09:c5:e8:20:3b:57:5d:fa:77:5f:ef:ec:86:
22:a2:b0:a9:0d:e9:1c:f4:41:e8:d3:c4:88:90:f0:
5c:56:d0:bb:c2:1d:53:3e:12:fe:5e:ba:1e:05:9b:
db:76:2f:d6:35:af:46:4a:c6:98:64:88:e5:03:74:
3d:8d:2c:2a:3f:e9:e2:c5:5e:38:45:0e:54:e1:ef:
e4:cb:48:a4:41:a4:73:fb:17:76:56:fc:ca:9b:ac:
e8:64:98:c7:56:33:c0:7b:9e:2f:e7:ca:28:37:0b:
76:37:95:c8:94:cd:78:39:8c:8d:71:77:9a:b5:46:
9f:f1:f0:f1:c0:24:a0:8d:c0:6a:25:71:76:e2:60:
99:cf:e0:4f:11:f8:84:a6:2c:77:4f:4f:4a:0f:f6:
e9:9e:68:a8:73:80:47:4c:9d:02:15:d0:2f:dd:73:
ec:f4:52:16:d6:4a:95:62:4b:f4:df:cf:12:5e:5e:
47:79:22:ab:a1:a1:99:3d:42:a7:ba:b9:6e:6f:84:
39:c8:c5:b3:14:21:92:67:c2:bf:89:aa:a3:ad:e2:
95:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:0B:33:77:66:3D:2C:02:8A:09:85:90:C8:DB:B0:50:59:74:EC:FB
X509v3 Authority Key Identifier:
keyid:A8:1E:B3:A5:EB:3D:F6:34:55:1A:90:72:2B:C6:3A:D7:E0:22:CA:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.krill.cloud/repo/nlnetlabs/1/A81EB3A5EB3DF634551A90722BC63AD7E022CAC4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qB6zpes99jRVGpByK8Y61-AiysQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.krill.cloud/repo/nlnetlabs/1/326130343a623930363a3a2f34382d3438203d3e2030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:b906::/48
Signature Algorithm: sha256WithRSAEncryption
65:c5:3c:d6:41:8a:25:ef:81:ff:c3:71:c1:21:ec:1e:b6:4e:
36:6e:7a:87:47:2b:1d:69:2e:46:39:29:c1:53:7f:93:e7:b3:
f1:46:98:9a:3d:df:58:e4:d1:cf:14:76:e5:40:33:e8:e9:0f:
08:bc:96:7c:24:71:32:75:db:09:8e:aa:de:c6:3d:80:a4:ee:
84:0c:1b:6f:38:6c:f4:1f:41:8f:27:f2:96:f6:42:40:94:2e:
b3:1b:ab:62:c1:73:41:8d:e0:c0:43:f3:40:32:04:c4:3e:c1:
5f:ec:ce:5d:ff:d9:1b:b9:f8:e4:c1:90:c3:61:35:ef:bb:21:
a2:e2:8c:b9:2b:b6:c2:58:ba:40:6a:97:13:42:c9:40:24:b7:
68:77:c8:04:a9:c1:0e:ce:b9:44:da:88:a4:75:76:3d:53:ec:
82:0c:c7:8f:8a:05:d1:29:55:8a:47:89:3c:d4:1b:4e:4c:af:
4b:d0:e5:71:a4:e9:ff:25:96:ad:14:8d:45:87:d0:aa:94:6c:
83:23:b2:1d:61:5c:b0:e0:21:65:97:a7:7b:cd:38:02:86:6b:
9e:ca:d9:0e:b2:55:d3:5b:c4:6d:ba:1b:6f:68:71:53:2f:6b:
2d:bc:46:7a:6f:69:91:2d:88:0a:dd:84:68:22:6a:29:68:cf:
51:cb:db:ca
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgIUB1nI3cDI7YQha5VdfVwkAwkwsLkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgxZWIzYTVlYjNkZjYzNDU1MWE5MDcyMmJjNjNhZDdl
MDIyY2FjNDAeFw0yMzA2MjYxOTQyMDFaFw0yNDA2MjQxOTQ3MDFaMDMxMTAvBgNV
BAMTKDZGMEIzMzc3NjYzRDJDMDI4QTA5ODU5MEM4REJCMDUwNTk3NEVDRkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbAtcFOrQfRUoHNGmW6IUpSGaL
qqBiZ3jdqz+hEvfjExjUYnryFqCOpGbtwyc/CcXoIDtXXfp3X+/shiKisKkN6Rz0
QejTxIiQ8FxW0LvCHVM+Ev5euh4Fm9t2L9Y1r0ZKxphkiOUDdD2NLCo/6eLFXjhF
DlTh7+TLSKRBpHP7F3ZW/MqbrOhkmMdWM8B7ni/nyig3C3Y3lciUzXg5jI1xd5q1
Rp/x8PHAJKCNwGolcXbiYJnP4E8R+ISmLHdPT0oP9umeaKhzgEdMnQIV0C/dc+z0
UhbWSpViS/TfzxJeXkd5IquhoZk9Qqe6uW5vhDnIxbMUIZJnwr+JqqOt4pVrAgMB
AAGjggHbMIIB1zAdBgNVHQ4EFgQUbwszd2Y9LAKKCYWQyNuwUFl07PswHwYDVR0j
BBgwFoAUqB6zpes99jRVGpByK8Y61+AiysQwDgYDVR0PAQH/BAQDAgeAMGgGA1Ud
HwRhMF8wXaBboFmGV3JzeW5jOi8vcnN5bmMua3JpbGwuY2xvdWQvcmVwby9ubG5l
dGxhYnMvMS9BODFFQjNBNUVCM0RGNjM0NTUxQTkwNzIyQkM2M0FEN0UwMjJDQUM0
LmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvcUI2enBlczk5alJWR3BCeUs4WTYx
LUFpeXNRLmNlcjB3BggrBgEFBQcBCwRrMGkwZwYIKwYBBQUHMAuGW3JzeW5jOi8v
cnN5bmMua3JpbGwuY2xvdWQvcmVwby9ubG5ldGxhYnMvMS8zMjYxMzAzNDNhNjIz
OTMwMzYzYTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoEuQYA
ADANBgkqhkiG9w0BAQsFAAOCAQEAZcU81kGKJe+B/8NxwSHsHrZONm56h0crHWku
RjkpwVN/k+ez8UaYmj3fWOTRzxR25UAz6OkPCLyWfCRxMnXbCY6q3sY9gKTuhAwb
bzhs9B9BjyfylvZCQJQusxurYsFzQY3gwEPzQDIExD7BX+zOXf/ZG7n45MGQw2E1
77shouKMuSu2wli6QGqXE0LJQCS3aHfIBKnBDs65RNqIpHV2PVPsggzHj4oF0SlV
ikeJPNQbTkyvS9DlcaTp/yWWrRSNRYfQqpRsgyOyHWFcsOAhZZene804AoZrnsrZ
DrJV01vEbbobb2hxUy9rLbxGem9pkS2ICt2EaCJqKWjPUcvbyg==
-----END CERTIFICATE-----
Generated at Fri Apr 19 14:35:11 2024 by rpki-client on console-fra.rpki-client.org