Route Origin Authorization
$ rpki-client -vvf rsync.krill.nlnetlabs.nl/repo/nlnetlabs/1/326130343a623930303a3a2f33302d3332203d3e2038353837.roa
File: 326130343a623930303a3a2f33302d3332203d3e2038353837.roa (raw, json)
Hash identifier: /gK7sT8vO6oSb1xKhSKHO77+weY6Y7CXtqogLjBhWSo=
Subject key identifier: 9A:B5:8C:B8:DC:0D:6F:D0:9D:A1:E7:24:A6:31:3E:10:00:15:4B:F0
Certificate issuer: /CN=7aca2b768def8bb9544468ed5f726256c364336e
Certificate serial: 50FE627944A9600A9D7614290A423887AA4EFE49
Authority key identifier: 7A:CA:2B:76:8D:EF:8B:B9:54:44:68:ED:5F:72:62:56:C3:64:33:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/esordo3vi7lURGjtX3JiVsNkM24.cer
Subject info access: rsync://rsync.krill.nlnetlabs.nl/repo/nlnetlabs/1/326130343a623930303a3a2f33302d3332203d3e2038353837.roa
Signing time: Mon 10 Jun 2024 13:29:14 +0000
ROA not before: Mon 10 Jun 2024 13:24:14 +0000
ROA not after: Mon 09 Jun 2025 13:29:14 +0000
asID: 8587
IP address blocks: 2a04:b900::/30 maxlen: 32
Validation: OK
Signature path: rsync://rsync.krill.nlnetlabs.nl/repo/nlnetlabs/1/7ACA2B768DEF8BB9544468ED5F726256C364336E.crl
rsync://rsync.krill.nlnetlabs.nl/repo/nlnetlabs/1/7ACA2B768DEF8BB9544468ED5F726256C364336E.mft
rsync://rpki.ripe.net/repository/DEFAULT/esordo3vi7lURGjtX3JiVsNkM24.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:fe:62:79:44:a9:60:0a:9d:76:14:29:0a:42:38:87:aa:4e:fe:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7aca2b768def8bb9544468ed5f726256c364336e
Validity
Not Before: Jun 10 13:24:14 2024 GMT
Not After : Jun 9 13:29:14 2025 GMT
Subject: CN=9AB58CB8DC0D6FD09DA1E724A6313E1000154BF0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:ca:2c:a8:64:1e:65:c0:4d:05:96:9d:e4:44:
51:cd:76:62:ab:88:65:2b:4b:d2:78:ad:30:16:74:
02:0e:ee:ae:02:7e:e5:4f:0d:2f:10:f6:fa:4f:66:
bf:58:50:8f:0e:6c:64:a8:52:48:c8:6e:b1:ee:57:
f9:f2:47:30:4e:69:6c:01:ef:a6:39:ad:3a:8a:9b:
ef:53:02:7c:5c:76:b9:51:93:32:79:9a:63:8d:0b:
71:dd:df:e6:16:db:64:d1:f4:95:61:7a:d4:ef:7c:
d4:0d:c8:54:60:ea:44:9e:b6:90:4d:25:36:ac:c3:
2a:79:6c:3a:06:d9:78:0a:79:a8:7b:4a:58:1d:a0:
5b:9d:b2:f4:ff:af:cd:fb:26:83:41:76:2d:52:33:
57:38:ff:ea:8b:aa:2b:39:22:9a:35:dc:32:82:df:
c8:07:85:b3:cd:b8:51:f8:fc:9d:69:e3:5d:60:27:
12:34:ef:fc:7c:9e:1c:74:a3:62:f1:44:bd:97:83:
6e:05:11:57:c8:53:82:3a:76:9c:e8:50:43:dc:5e:
83:c3:26:3b:de:30:35:ee:16:73:b6:0e:b6:58:6a:
d3:9a:3e:64:58:aa:34:e2:9c:2a:49:1f:29:20:9b:
03:77:70:fa:63:71:d9:7c:29:be:b0:d5:72:2b:30:
34:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:B5:8C:B8:DC:0D:6F:D0:9D:A1:E7:24:A6:31:3E:10:00:15:4B:F0
X509v3 Authority Key Identifier:
keyid:7A:CA:2B:76:8D:EF:8B:B9:54:44:68:ED:5F:72:62:56:C3:64:33:6E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.krill.nlnetlabs.nl/repo/nlnetlabs/1/7ACA2B768DEF8BB9544468ED5F726256C364336E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/esordo3vi7lURGjtX3JiVsNkM24.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.krill.nlnetlabs.nl/repo/nlnetlabs/1/326130343a623930303a3a2f33302d3332203d3e2038353837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:b900::/30
Signature Algorithm: sha256WithRSAEncryption
58:c1:df:32:76:ce:50:67:26:2a:50:8e:b4:7c:7e:b2:10:16:
c1:81:31:2c:c8:36:10:1a:77:25:64:2f:a6:e0:be:b2:99:2d:
17:10:0d:5d:e3:11:44:ab:80:a0:41:85:da:4f:95:94:ae:3e:
2b:84:7c:8f:6a:9c:77:d3:35:89:fd:8c:4a:76:07:f4:b3:79:
95:23:d1:ef:66:d6:08:88:05:78:7d:a2:e0:bc:b3:28:f2:a0:
59:d0:8a:46:eb:6d:90:e1:df:a6:76:fe:ab:2a:b7:bb:16:45:
83:0d:82:f4:f4:3f:d2:bb:b6:e2:83:1b:ec:78:ee:51:09:03:
02:50:2d:95:27:96:46:e6:a9:dc:1a:4d:0c:84:b7:37:1e:ff:
be:d3:e0:b3:33:ca:b0:ca:ad:5b:ff:61:94:19:39:f7:00:8a:
2f:03:01:c7:a6:c0:80:69:69:e2:3a:bf:5d:0f:b5:bc:87:55:
9f:66:e4:a8:d8:13:1d:3f:a8:c4:17:8f:26:5e:cc:3b:a5:6d:
39:12:9e:27:f6:cc:c6:28:cb:ce:55:4b:4a:24:5b:90:b5:21:
1e:39:9b:f5:af:02:eb:ce:c6:7f:a1:0a:c7:84:6a:02:d4:b3:
8e:c2:29:4a:32:80:54:46:bd:86:dd:94:8f:db:25:f1:44:14:
b0:0f:eb:29
-----BEGIN CERTIFICATE-----
MIIE5DCCA8ygAwIBAgIUUP5ieUSpYAqddhQpCkI4h6pO/kkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2FjYTJiNzY4ZGVmOGJiOTU0NDQ2OGVkNWY3MjYyNTZj
MzY0MzM2ZTAeFw0yNDA2MTAxMzI0MTRaFw0yNTA2MDkxMzI5MTRaMDMxMTAvBgNV
BAMTKDlBQjU4Q0I4REMwRDZGRDA5REExRTcyNEE2MzEzRTEwMDAxNTRCRjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYyiyoZB5lwE0Flp3kRFHNdmKr
iGUrS9J4rTAWdAIO7q4CfuVPDS8Q9vpPZr9YUI8ObGSoUkjIbrHuV/nyRzBOaWwB
76Y5rTqKm+9TAnxcdrlRkzJ5mmONC3Hd3+YW22TR9JVhetTvfNQNyFRg6kSetpBN
JTaswyp5bDoG2XgKeah7SlgdoFudsvT/r837JoNBdi1SM1c4/+qLqis5Ipo13DKC
38gHhbPNuFH4/J1p411gJxI07/x8nhx0o2LxRL2Xg24FEVfIU4I6dpzoUEPcXoPD
JjveMDXuFnO2DrZYatOaPmRYqjTinCpJHykgmwN3cPpjcdl8Kb6w1XIrMDSZAgMB
AAGjggHuMIIB6jAdBgNVHQ4EFgQUmrWMuNwNb9CdoeckpjE+EAAVS/AwHwYDVR0j
BBgwFoAUesordo3vi7lURGjtX3JiVsNkM24wDgYDVR0PAQH/BAQDAgeAMG8GA1Ud
HwRoMGYwZKBioGCGXnJzeW5jOi8vcnN5bmMua3JpbGwubmxuZXRsYWJzLm5sL3Jl
cG8vbmxuZXRsYWJzLzEvN0FDQTJCNzY4REVGOEJCOTU0NDQ2OEVENUY3MjYyNTZD
MzY0MzM2RS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzov
L3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Vzb3JkbzN2aTdsVVJH
anRYM0ppVnNOa00yNC5jZXIwgYQGCCsGAQUFBwELBHgwdjB0BggrBgEFBQcwC4Zo
cnN5bmM6Ly9yc3luYy5rcmlsbC5ubG5ldGxhYnMubmwvcmVwby9ubG5ldGxhYnMv
MS8zMjYxMzAzNDNhNjIzOTMwMzAzYTNhMmYzMzMwMmQzMzMyMjAzZDNlMjAzODM1
MzgzNy5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB
/wQRMA8wDQQCAAIwBwMFAioEuQAwDQYJKoZIhvcNAQELBQADggEBAFjB3zJ2zlBn
JipQjrR8frIQFsGBMSzINhAadyVkL6bgvrKZLRcQDV3jEUSrgKBBhdpPlZSuPiuE
fI9qnHfTNYn9jEp2B/SzeZUj0e9m1giIBXh9ouC8syjyoFnQikbrbZDh36Z2/qsq
t7sWRYMNgvT0P9K7tuKDG+x47lEJAwJQLZUnlkbmqdwaTQyEtzce/77T4LMzyrDK
rVv/YZQZOfcAii8DAcemwIBpaeI6v10PtbyHVZ9m5KjYEx0/qMQXjyZezDulbTkS
nif2zMYoy85VS0okW5C1IR45m/WvAuvOxn+hCseEagLUs47CKUoygFRGvYbdlI/b
JfFEFLAP6yk=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:44:42 2024 by rpki-client on console-fra.rpki-client.org