Route Origin Authorization
$ rpki-client -vvf rsync.krill.nlnetlabs.nl/repo/nlnetlabs/1/326130343a623930323a3a2f33322d3332203d3e203136353039.roa
File: 326130343a623930323a3a2f33322d3332203d3e203136353039.roa (raw, json)
Hash identifier: BtzWot/6Bw3wLqoZEXk0+lvLP3VLGRLwtRFU2e5GCGA=
Subject key identifier: 21:FF:4B:8E:86:D0:C5:A6:12:88:89:FE:FB:FB:3C:E4:77:A8:87:DE
Certificate issuer: /CN=7aca2b768def8bb9544468ed5f726256c364336e
Certificate serial: 21F9FE5FB1D24D62BF4002826B65A106F39683B0
Authority key identifier: 7A:CA:2B:76:8D:EF:8B:B9:54:44:68:ED:5F:72:62:56:C3:64:33:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/esordo3vi7lURGjtX3JiVsNkM24.cer
Subject info access: rsync://rsync.krill.nlnetlabs.nl/repo/nlnetlabs/1/326130343a623930323a3a2f33322d3332203d3e203136353039.roa
Signing time: Mon 10 Jun 2024 13:29:12 +0000
ROA not before: Mon 10 Jun 2024 13:24:12 +0000
ROA not after: Mon 09 Jun 2025 13:29:12 +0000
asID: 16509
IP address blocks: 2a04:b902::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 08 Nov 2024 15:09:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:f9:fe:5f:b1:d2:4d:62:bf:40:02:82:6b:65:a1:06:f3:96:83:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7aca2b768def8bb9544468ed5f726256c364336e
Validity
Not Before: Jun 10 13:24:12 2024 GMT
Not After : Jun 9 13:29:12 2025 GMT
Subject: CN=21FF4B8E86D0C5A6128889FEFBFB3CE477A887DE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:62:1b:57:38:8b:57:f4:b9:23:5a:0e:13:52:
aa:93:7e:38:e0:97:50:6e:5a:99:50:26:9e:6b:75:
f4:bd:f9:a7:48:d7:17:d1:a7:5c:9d:25:91:05:8c:
15:d7:a6:eb:cb:5f:ea:a0:89:df:18:20:60:90:e0:
aa:96:fd:6f:56:38:77:ba:a2:28:51:73:e8:f0:7d:
87:48:49:2a:e3:7b:d6:8c:db:af:c6:2c:f3:e7:33:
30:c4:99:d2:06:75:5d:da:42:ad:02:88:de:0b:6d:
af:af:1c:1d:bb:43:89:ea:a5:5b:f9:c2:35:c2:80:
a0:92:b3:6f:f2:d5:b3:43:1d:61:02:51:8e:b2:79:
93:d6:61:e1:4f:4c:75:7d:b1:5b:d4:b3:18:13:cc:
71:2c:59:58:e2:03:54:42:4c:b0:40:c2:de:42:3f:
1d:20:2d:e2:2a:5e:74:99:8f:f1:83:5f:02:d2:e3:
d2:3c:1f:c1:b7:e7:d6:96:90:25:fb:1c:21:45:bb:
54:8d:9f:a6:cd:ea:9b:f9:51:b8:ba:73:26:b4:d4:
0b:f7:70:92:be:0d:f7:18:39:68:9b:45:c0:4b:c2:
2e:87:90:98:2a:27:32:1b:f3:c5:b8:a3:60:e7:91:
04:44:1a:f2:71:ab:2d:03:5f:1a:32:e3:82:d7:e9:
6c:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:FF:4B:8E:86:D0:C5:A6:12:88:89:FE:FB:FB:3C:E4:77:A8:87:DE
X509v3 Authority Key Identifier:
keyid:7A:CA:2B:76:8D:EF:8B:B9:54:44:68:ED:5F:72:62:56:C3:64:33:6E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.krill.nlnetlabs.nl/repo/nlnetlabs/1/7ACA2B768DEF8BB9544468ED5F726256C364336E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/esordo3vi7lURGjtX3JiVsNkM24.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.krill.nlnetlabs.nl/repo/nlnetlabs/1/326130343a623930323a3a2f33322d3332203d3e203136353039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:b902::/32
Signature Algorithm: sha256WithRSAEncryption
28:f5:72:b2:cb:ff:c4:38:9c:a3:f7:cb:37:2d:99:90:ae:73:
b0:e8:80:b2:cb:ef:6b:6a:07:9d:ef:58:7a:e7:24:14:e4:e7:
9b:6f:57:6f:64:0b:ba:7a:6c:3d:93:87:37:d1:aa:3a:5e:c3:
44:df:71:f0:92:e4:a1:5a:38:e8:00:c5:86:7a:59:07:13:e9:
6e:a0:06:85:73:32:f4:0d:9b:19:a4:de:8f:a7:3f:68:1e:ca:
a5:28:a8:18:73:f6:f6:ee:8a:64:4c:72:92:0c:de:06:7f:ec:
bc:d2:1a:5f:b1:46:78:5f:5e:c2:00:87:dc:ef:c2:94:dd:b8:
c7:6d:fc:79:df:16:d0:07:70:08:69:1a:6f:10:f4:3c:74:53:
20:31:c1:84:7d:aa:2c:a6:7a:b5:05:ee:f1:0f:70:fe:40:2b:
8a:05:d1:de:bc:f2:b9:b8:50:ad:3d:3e:0c:e4:bc:64:c5:60:
af:9a:26:d5:ee:77:14:f0:f6:da:08:5e:35:dc:39:19:81:6b:
0e:fd:a6:c4:ca:2e:49:7f:53:6a:ee:7c:76:ea:02:36:de:a2:
fa:c8:ba:26:13:fd:9d:8b:5e:fe:5c:7d:cb:9b:89:e4:6e:3b:
c6:dd:d3:e2:ed:18:39:a9:aa:89:80:a6:f2:a9:e3:b3:0a:59:
36:6f:de:79
-----BEGIN CERTIFICATE-----
MIIE5jCCA86gAwIBAgIUIfn+X7HSTWK/QAKCa2WhBvOWg7AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2FjYTJiNzY4ZGVmOGJiOTU0NDQ2OGVkNWY3MjYyNTZj
MzY0MzM2ZTAeFw0yNDA2MTAxMzI0MTJaFw0yNTA2MDkxMzI5MTJaMDMxMTAvBgNV
BAMTKDIxRkY0QjhFODZEMEM1QTYxMjg4ODlGRUZCRkIzQ0U0NzdBODg3REUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCYhtXOItX9LkjWg4TUqqTfjjg
l1BuWplQJp5rdfS9+adI1xfRp1ydJZEFjBXXpuvLX+qgid8YIGCQ4KqW/W9WOHe6
oihRc+jwfYdISSrje9aM26/GLPPnMzDEmdIGdV3aQq0CiN4Lba+vHB27Q4nqpVv5
wjXCgKCSs2/y1bNDHWECUY6yeZPWYeFPTHV9sVvUsxgTzHEsWVjiA1RCTLBAwt5C
Px0gLeIqXnSZj/GDXwLS49I8H8G359aWkCX7HCFFu1SNn6bN6pv5Ubi6cya01Av3
cJK+DfcYOWibRcBLwi6HkJgqJzIb88W4o2DnkQREGvJxqy0DXxoy44LX6WyVAgMB
AAGjggHwMIIB7DAdBgNVHQ4EFgQUIf9LjobQxaYSiIn++/s85Heoh94wHwYDVR0j
BBgwFoAUesordo3vi7lURGjtX3JiVsNkM24wDgYDVR0PAQH/BAQDAgeAMG8GA1Ud
HwRoMGYwZKBioGCGXnJzeW5jOi8vcnN5bmMua3JpbGwubmxuZXRsYWJzLm5sL3Jl
cG8vbmxuZXRsYWJzLzEvN0FDQTJCNzY4REVGOEJCOTU0NDQ2OEVENUY3MjYyNTZD
MzY0MzM2RS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzov
L3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Vzb3JkbzN2aTdsVVJH
anRYM0ppVnNOa00yNC5jZXIwgYYGCCsGAQUFBwELBHoweDB2BggrBgEFBQcwC4Zq
cnN5bmM6Ly9yc3luYy5rcmlsbC5ubG5ldGxhYnMubmwvcmVwby9ubG5ldGxhYnMv
MS8zMjYxMzAzNDNhNjIzOTMwMzIzYTNhMmYzMzMyMmQzMzMyMjAzZDNlMjAzMTM2
MzUzMDM5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEH
AQH/BBEwDzANBAIAAjAHAwUAKgS5AjANBgkqhkiG9w0BAQsFAAOCAQEAKPVyssv/
xDico/fLNy2ZkK5zsOiAssvva2oHne9YeuckFOTnm29Xb2QLunpsPZOHN9GqOl7D
RN9x8JLkoVo46ADFhnpZBxPpbqAGhXMy9A2bGaTej6c/aB7KpSioGHP29u6KZExy
kgzeBn/svNIaX7FGeF9ewgCH3O/ClN24x238ed8W0AdwCGkabxD0PHRTIDHBhH2q
LKZ6tQXu8Q9w/kArigXR3rzyubhQrT0+DOS8ZMVgr5om1e53FPD22gheNdw5GYFr
Dv2mxMouSX9Tau58duoCNt6i+si6JhP9nYte/lx9y5uJ5G47xt3T4u0YOamqiYCm
8qnjswpZNm/eeQ==
-----END CERTIFICATE-----
Generated at Fri Nov 8 18:02:45 2024 by rpki-client on console-fra.rpki-client.org