Route Origin Authorization
$ rpki-client -vvf rsync.krill.cloud/repo/nlnetlabs/1/326130343a623930373a3a2f34372d3437203d3e203134363138.roa
File: 326130343a623930373a3a2f34372d3437203d3e203134363138.roa (raw, json)
Hash identifier: kiuGzuHNQdHTLOxD2p+P2GExOFlCpeZDp3P9eAdOuYU=
Subject key identifier: FA:5D:23:05:19:E2:3B:EF:47:B7:74:04:54:5B:2D:BC:EA:78:EB:F3
Certificate issuer: /CN=a81eb3a5eb3df634551a90722bc63ad7e022cac4
Certificate serial: 78E833D257BB0568C715EC7BC4335F0F9F1CBBAB
Authority key identifier: A8:1E:B3:A5:EB:3D:F6:34:55:1A:90:72:2B:C6:3A:D7:E0:22:CA:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qB6zpes99jRVGpByK8Y61-AiysQ.cer
Subject info access: rsync://rsync.krill.cloud/repo/nlnetlabs/1/326130343a623930373a3a2f34372d3437203d3e203134363138.roa
Signing time: Mon 26 Jun 2023 19:47:00 +0000
ROA not before: Mon 26 Jun 2023 19:42:00 +0000
ROA not after: Mon 24 Jun 2024 19:47:00 +0000
asID: 14618
IP address blocks: 2a04:b907::/47 maxlen: 47
Validation: Failed, certificate revoked on Wed 13 Dec 2023 10:40:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:e8:33:d2:57:bb:05:68:c7:15:ec:7b:c4:33:5f:0f:9f:1c:bb:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a81eb3a5eb3df634551a90722bc63ad7e022cac4
Validity
Not Before: Jun 26 19:42:00 2023 GMT
Not After : Jun 24 19:47:00 2024 GMT
Subject: CN=FA5D230519E23BEF47B77404545B2DBCEA78EBF3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:ab:d2:3b:b2:9e:11:38:80:ac:08:cc:34:f9:
0a:62:07:24:f1:f8:3b:22:e2:b0:bc:ca:cf:aa:41:
89:ec:1b:38:df:71:30:8c:c4:4f:be:4c:7e:a8:2e:
7b:0d:a4:8e:05:0e:24:77:0d:ce:fd:05:c5:69:c0:
49:65:9b:30:54:be:b0:df:bb:a2:93:98:86:44:bb:
2b:33:97:49:3c:b1:ec:c9:37:db:54:19:23:6e:0b:
40:17:96:ac:dd:27:ad:f7:72:cf:12:79:47:49:ee:
ca:37:fc:ac:01:b8:3c:f4:74:02:16:88:33:1a:07:
19:0a:28:e4:3a:71:51:aa:9a:9b:2e:bc:66:08:36:
d3:86:e8:13:96:cb:fd:3f:5c:11:7c:15:4f:f7:97:
1c:27:a2:82:d3:47:04:18:cc:c3:28:48:77:0a:21:
d0:31:41:68:16:75:69:0d:93:eb:68:00:68:b8:13:
40:82:34:f6:38:45:3b:c8:b9:09:85:ff:a8:fe:07:
0c:0f:bb:7f:09:99:b3:68:b2:3b:13:88:fe:49:af:
eb:d5:a4:10:c9:54:a9:55:d6:03:d5:1c:f9:36:b6:
73:5e:b0:f3:cd:dd:a4:23:77:5f:c0:3b:fa:b2:f1:
89:e2:5e:9e:e3:2e:8c:6c:33:13:bb:b0:f2:be:fa:
6d:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:5D:23:05:19:E2:3B:EF:47:B7:74:04:54:5B:2D:BC:EA:78:EB:F3
X509v3 Authority Key Identifier:
keyid:A8:1E:B3:A5:EB:3D:F6:34:55:1A:90:72:2B:C6:3A:D7:E0:22:CA:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.krill.cloud/repo/nlnetlabs/1/A81EB3A5EB3DF634551A90722BC63AD7E022CAC4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qB6zpes99jRVGpByK8Y61-AiysQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.krill.cloud/repo/nlnetlabs/1/326130343a623930373a3a2f34372d3437203d3e203134363138.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:b907::/47
Signature Algorithm: sha256WithRSAEncryption
6d:34:a8:97:50:40:ab:5a:49:83:8e:56:d4:a4:b4:80:ed:91:
ac:2d:4b:c6:96:65:83:e3:0a:6d:8f:ad:32:70:62:7e:60:1f:
03:ff:45:41:1c:fb:6d:77:31:eb:3f:a3:7c:67:80:3d:e2:df:
64:82:34:50:8a:45:ee:b9:2c:1a:6d:0e:84:b8:f3:76:ee:84:
3f:e9:df:38:3d:5b:f2:da:41:b5:71:8b:9f:e8:47:f3:b8:ee:
81:c5:1a:95:27:19:12:a7:b9:7e:30:07:4b:0f:22:d2:7b:61:
29:5a:0a:37:76:c8:62:6e:df:19:53:4b:eb:49:74:a9:8c:bd:
31:6e:74:d0:19:79:2e:3b:cf:95:5a:cd:56:c1:61:af:1a:c4:
d5:e6:2e:a6:01:d4:7c:45:2c:94:8a:ef:b0:7e:f3:b2:9f:06:
d8:a3:10:f9:26:d4:43:77:d8:9b:25:67:e3:07:e6:b0:74:18:
ac:18:8b:a5:b3:d1:13:04:1f:bd:07:0e:a1:a9:82:30:e8:e8:
e6:7c:3d:05:c7:e0:6d:e3:a1:6a:88:9f:df:0f:c0:51:ce:cb:
63:91:fb:fa:88:03:39:9f:84:be:54:a8:ec:33:9a:d6:6a:3d:
69:ea:69:d7:3f:f8:b7:fb:3f:d1:68:f9:d0:36:3c:55:4c:42:
ea:1f:f3:4a
-----BEGIN CERTIFICATE-----
MIIE2TCCA8GgAwIBAgIUeOgz0le7BWjHFex7xDNfD58cu6swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgxZWIzYTVlYjNkZjYzNDU1MWE5MDcyMmJjNjNhZDdl
MDIyY2FjNDAeFw0yMzA2MjYxOTQyMDBaFw0yNDA2MjQxOTQ3MDBaMDMxMTAvBgNV
BAMTKEZBNUQyMzA1MTlFMjNCRUY0N0I3NzQwNDU0NUIyREJDRUE3OEVCRjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfq9I7sp4ROICsCMw0+QpiByTx
+Dsi4rC8ys+qQYnsGzjfcTCMxE++TH6oLnsNpI4FDiR3Dc79BcVpwEllmzBUvrDf
u6KTmIZEuyszl0k8sezJN9tUGSNuC0AXlqzdJ633cs8SeUdJ7so3/KwBuDz0dAIW
iDMaBxkKKOQ6cVGqmpsuvGYINtOG6BOWy/0/XBF8FU/3lxwnooLTRwQYzMMoSHcK
IdAxQWgWdWkNk+toAGi4E0CCNPY4RTvIuQmF/6j+BwwPu38JmbNosjsTiP5Jr+vV
pBDJVKlV1gPVHPk2tnNesPPN3aQjd1/AO/qy8YniXp7jLoxsMxO7sPK++m15AgMB
AAGjggHjMIIB3zAdBgNVHQ4EFgQU+l0jBRniO+9Ht3QEVFstvOp46/MwHwYDVR0j
BBgwFoAUqB6zpes99jRVGpByK8Y61+AiysQwDgYDVR0PAQH/BAQDAgeAMGgGA1Ud
HwRhMF8wXaBboFmGV3JzeW5jOi8vcnN5bmMua3JpbGwuY2xvdWQvcmVwby9ubG5l
dGxhYnMvMS9BODFFQjNBNUVCM0RGNjM0NTUxQTkwNzIyQkM2M0FEN0UwMjJDQUM0
LmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvcUI2enBlczk5alJWR3BCeUs4WTYx
LUFpeXNRLmNlcjB/BggrBgEFBQcBCwRzMHEwbwYIKwYBBQUHMAuGY3JzeW5jOi8v
cnN5bmMua3JpbGwuY2xvdWQvcmVwby9ubG5ldGxhYnMvMS8zMjYxMzAzNDNhNjIz
OTMwMzczYTNhMmYzNDM3MmQzNDM3MjAzZDNlMjAzMTM0MzYzMTM4LnJvYTAYBgNV
HSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJ
AwcBKgS5BwAAMA0GCSqGSIb3DQEBCwUAA4IBAQBtNKiXUECrWkmDjlbUpLSA7ZGs
LUvGlmWD4wptj60ycGJ+YB8D/0VBHPttdzHrP6N8Z4A94t9kgjRQikXuuSwabQ6E
uPN27oQ/6d84PVvy2kG1cYuf6EfzuO6BxRqVJxkSp7l+MAdLDyLSe2EpWgo3dshi
bt8ZU0vrSXSpjL0xbnTQGXkuO8+VWs1WwWGvGsTV5i6mAdR8RSyUiu+wfvOynwbY
oxD5JtRDd9ibJWfjB+awdBisGIuls9ETBB+9Bw6hqYIw6OjmfD0Fx+Bt46FqiJ/f
D8BRzstjkfv6iAM5n4S+VKjsM5rWaj1p6mnXP/i3+z/RaPnQNjxVTELqH/NK
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:07 2024 by rpki-client on console-fra.rpki-client.org