Route Origin Authorization
$ rpki-client -vvf rsync.krill.cloud/repo/nlnetlabs/1/326130343a623930373a3a2f34382d3438203d3e2030.roa
File: 326130343a623930373a3a2f34382d3438203d3e2030.roa (raw, json)
Hash identifier: 1q2TA9Ws/R5JE5uOmwwwCoRVkc8OHlVVHaxeWJ2op98=
Subject key identifier: F4:C1:8E:C4:F3:7B:BF:1D:90:27:D1:B8:BE:BE:89:81:6A:4A:17:43
Certificate issuer: /CN=a81eb3a5eb3df634551a90722bc63ad7e022cac4
Certificate serial: 4AE50DCDEE7619545A91FB7302478767CAEDA048
Authority key identifier: A8:1E:B3:A5:EB:3D:F6:34:55:1A:90:72:2B:C6:3A:D7:E0:22:CA:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qB6zpes99jRVGpByK8Y61-AiysQ.cer
Subject info access: rsync://rsync.krill.cloud/repo/nlnetlabs/1/326130343a623930373a3a2f34382d3438203d3e2030.roa
Signing time: Mon 27 May 2024 20:11:44 +0000
ROA not before: Mon 27 May 2024 20:06:44 +0000
ROA not after: Mon 26 May 2025 20:11:44 +0000
asID: 0
IP address blocks: 2a04:b907::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:e5:0d:cd:ee:76:19:54:5a:91:fb:73:02:47:87:67:ca:ed:a0:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a81eb3a5eb3df634551a90722bc63ad7e022cac4
Validity
Not Before: May 27 20:06:44 2024 GMT
Not After : May 26 20:11:44 2025 GMT
Subject: CN=F4C18EC4F37BBF1D9027D1B8BEBE89816A4A1743
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:fb:47:40:31:d2:c1:92:94:a3:da:fd:a5:02:
ef:b0:a8:cf:99:7a:74:fc:5e:b5:9d:55:f5:fa:46:
7e:f1:61:46:ec:32:34:3d:ae:40:1e:91:1b:b9:5b:
00:b3:bf:f3:8d:d5:b6:c5:51:c2:75:9d:9f:c1:45:
cc:7b:cb:16:aa:4a:33:4a:68:7a:56:db:e5:26:d3:
fd:7e:45:ec:02:b4:dd:49:74:37:d5:6e:5c:c0:04:
48:d2:97:34:62:06:4b:aa:04:c6:e9:1c:ae:85:2a:
50:37:94:dd:ed:e3:c9:b9:1c:29:37:78:9f:1d:e9:
4b:80:23:64:1e:7c:c7:4b:e5:e6:ce:9c:9c:d0:39:
cd:34:5b:ba:7a:2d:04:f7:39:6b:1b:1e:1c:97:72:
f0:b3:17:82:b9:d9:84:b0:2b:40:99:e5:3a:ae:36:
7b:3d:2b:ae:0e:b8:df:53:f3:98:f1:58:c4:93:ec:
42:4b:f1:ee:23:e7:79:1f:40:16:7b:9e:7d:43:f5:
79:e6:cd:04:03:85:d2:61:69:25:09:c7:cf:e1:e8:
c6:e4:0c:e4:c5:f4:cf:a0:6f:80:c7:3b:8f:be:ba:
11:ce:76:41:2e:d8:f3:98:50:c5:27:ae:77:d6:0f:
e9:87:e8:65:89:c5:63:1d:e2:6d:fa:17:eb:30:42:
0f:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:C1:8E:C4:F3:7B:BF:1D:90:27:D1:B8:BE:BE:89:81:6A:4A:17:43
X509v3 Authority Key Identifier:
keyid:A8:1E:B3:A5:EB:3D:F6:34:55:1A:90:72:2B:C6:3A:D7:E0:22:CA:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.krill.cloud/repo/nlnetlabs/1/A81EB3A5EB3DF634551A90722BC63AD7E022CAC4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qB6zpes99jRVGpByK8Y61-AiysQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.krill.cloud/repo/nlnetlabs/1/326130343a623930373a3a2f34382d3438203d3e2030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:b907::/48
Signature Algorithm: sha256WithRSAEncryption
35:47:f1:70:17:82:bb:f2:32:34:71:f7:d0:1b:c6:59:07:1d:
96:9a:4d:78:3b:cd:25:2c:d7:00:51:ab:6a:db:43:01:b2:11:
0d:e3:c9:ae:18:2a:08:70:f9:1c:ff:c8:d5:6e:29:91:f1:9a:
16:6f:75:4e:fd:f2:4e:6a:9b:a0:bd:bb:07:9e:b0:96:48:fa:
6e:51:8e:36:b8:8b:aa:16:7d:4f:bd:79:74:3c:67:55:d8:1d:
fb:b1:45:5b:69:65:e1:ff:cd:cc:0e:3e:73:02:27:d7:8e:71:
69:82:d2:a5:3c:4b:b5:e4:8f:d9:ba:40:7e:0f:15:62:7f:b7:
15:dc:f7:1a:60:fc:87:05:39:69:34:d6:4c:09:8b:f7:21:84:
bf:7a:eb:f3:19:ef:71:9e:cb:4b:42:84:d1:1f:7e:af:8d:48:
f3:68:d8:a7:55:43:fc:89:49:30:80:3a:d8:35:92:c3:5a:ef:
1f:3b:0b:58:c2:1d:b3:6e:d4:e0:bd:56:18:a8:6f:d3:4c:71:
c7:7f:bd:65:3d:f6:ad:f6:4f:3c:46:4f:00:73:06:78:83:a7:
27:e0:91:d0:b9:ba:74:53:89:ba:04:cc:55:a1:58:34:cd:c0:
28:5c:ae:90:56:39:66:4e:77:f9:32:3b:42:38:0a:24:3b:58:
20:65:0a:02
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgIUSuUNze52GVRakftzAkeHZ8rtoEgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgxZWIzYTVlYjNkZjYzNDU1MWE5MDcyMmJjNjNhZDdl
MDIyY2FjNDAeFw0yNDA1MjcyMDA2NDRaFw0yNTA1MjYyMDExNDRaMDMxMTAvBgNV
BAMTKEY0QzE4RUM0RjM3QkJGMUQ5MDI3RDFCOEJFQkU4OTgxNkE0QTE3NDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDW+0dAMdLBkpSj2v2lAu+wqM+Z
enT8XrWdVfX6Rn7xYUbsMjQ9rkAekRu5WwCzv/ON1bbFUcJ1nZ/BRcx7yxaqSjNK
aHpW2+Um0/1+RewCtN1JdDfVblzABEjSlzRiBkuqBMbpHK6FKlA3lN3t48m5HCk3
eJ8d6UuAI2QefMdL5ebOnJzQOc00W7p6LQT3OWsbHhyXcvCzF4K52YSwK0CZ5Tqu
Nns9K64OuN9T85jxWMST7EJL8e4j53kfQBZ7nn1D9XnmzQQDhdJhaSUJx8/h6Mbk
DOTF9M+gb4DHO4++uhHOdkEu2POYUMUnrnfWD+mH6GWJxWMd4m36F+swQg9LAgMB
AAGjggHbMIIB1zAdBgNVHQ4EFgQU9MGOxPN7vx2QJ9G4vr6JgWpKF0MwHwYDVR0j
BBgwFoAUqB6zpes99jRVGpByK8Y61+AiysQwDgYDVR0PAQH/BAQDAgeAMGgGA1Ud
HwRhMF8wXaBboFmGV3JzeW5jOi8vcnN5bmMua3JpbGwuY2xvdWQvcmVwby9ubG5l
dGxhYnMvMS9BODFFQjNBNUVCM0RGNjM0NTUxQTkwNzIyQkM2M0FEN0UwMjJDQUM0
LmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvcUI2enBlczk5alJWR3BCeUs4WTYx
LUFpeXNRLmNlcjB3BggrBgEFBQcBCwRrMGkwZwYIKwYBBQUHMAuGW3JzeW5jOi8v
cnN5bmMua3JpbGwuY2xvdWQvcmVwby9ubG5ldGxhYnMvMS8zMjYxMzAzNDNhNjIz
OTMwMzczYTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoEuQcA
ADANBgkqhkiG9w0BAQsFAAOCAQEANUfxcBeCu/IyNHH30BvGWQcdlppNeDvNJSzX
AFGrattDAbIRDePJrhgqCHD5HP/I1W4pkfGaFm91Tv3yTmqboL27B56wlkj6blGO
NriLqhZ9T715dDxnVdgd+7FFW2ll4f/NzA4+cwIn145xaYLSpTxLteSP2bpAfg8V
Yn+3Fdz3GmD8hwU5aTTWTAmL9yGEv3rr8xnvcZ7LS0KE0R9+r41I82jYp1VD/IlJ
MIA62DWSw1rvHzsLWMIds27U4L1WGKhv00xxx3+9ZT32rfZPPEZPAHMGeIOnJ+CR
0Lm6dFOJugTMVaFYNM3AKFyukFY5Zk53+TI7QjgKJDtYIGUKAg==
-----END CERTIFICATE-----
Generated at Mon Jun 10 15:24:34 2024 by rpki-client on console-ams.rpki-client.org