Route Origin Authorization
$ rpki-client -vvf rsync.krill.nlnetlabs.nl/repo/nlnetlabs/0/3138352e34392e3134302e302f32332d3233203d3e2038353837.roa
File: 3138352e34392e3134302e302f32332d3233203d3e2038353837.roa (raw, json)
Hash identifier: iophDwDgs9y+WYPAPaxOT+D0RgjlxHssciwTI2lGWd8=
Subject key identifier: BA:17:1C:BA:C8:FC:F5:73:F0:DC:31:3B:EC:82:FF:F7:B2:91:F5:CA
Certificate issuer: /CN=be74d3bba33a0916f10207854a8fc2b7d4a828d4
Certificate serial: 2645B7DA0AC19CFD1F879FC9212F45A31CF0F3F1
Authority key identifier: BE:74:D3:BB:A3:3A:09:16:F1:02:07:85:4A:8F:C2:B7:D4:A8:28:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vnTTu6M6CRbxAgeFSo_Ct9SoKNQ.cer
Subject info access: rsync://rsync.krill.nlnetlabs.nl/repo/nlnetlabs/0/3138352e34392e3134302e302f32332d3233203d3e2038353837.roa
Signing time: Mon 10 Jun 2024 10:21:27 +0000
ROA not before: Mon 10 Jun 2024 10:16:27 +0000
ROA not after: Mon 09 Jun 2025 10:21:27 +0000
asID: 8587
IP address blocks: 185.49.140.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:45:b7:da:0a:c1:9c:fd:1f:87:9f:c9:21:2f:45:a3:1c:f0:f3:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be74d3bba33a0916f10207854a8fc2b7d4a828d4
Validity
Not Before: Jun 10 10:16:27 2024 GMT
Not After : Jun 9 10:21:27 2025 GMT
Subject: CN=BA171CBAC8FCF573F0DC313BEC82FFF7B291F5CA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:cf:bc:af:59:63:39:3b:62:f5:55:79:9d:ac:
3e:21:e8:a3:56:15:83:44:29:13:f2:8d:d6:4c:ac:
35:77:3c:1b:b3:26:46:a9:93:a3:0b:bd:6b:a7:3c:
20:fc:ed:b6:d4:f3:5e:ba:12:9e:b3:f0:9d:63:59:
7e:3e:fd:49:48:0b:c3:04:a8:ad:71:b4:13:4e:15:
9b:99:01:f6:76:58:57:93:b2:58:5f:5b:95:a8:18:
44:a9:a3:1b:2b:8e:ff:d3:4c:8d:18:66:3a:14:a7:
e5:50:fe:12:34:09:75:11:82:25:1c:c1:c5:51:7b:
2a:31:25:bb:35:1f:89:4a:2e:6a:49:2d:ff:f4:3e:
31:fa:60:0f:79:65:ef:ba:d7:11:e8:62:c9:44:ba:
f8:4d:06:d4:31:16:c4:f2:1a:ac:91:d0:b9:4f:8c:
db:8d:6e:98:f3:4b:dd:43:2e:e2:09:a9:de:71:cd:
83:c0:ca:cb:31:01:2a:62:1b:f0:48:87:ef:10:30:
db:9f:80:48:3c:1a:73:d5:b9:58:2c:99:9e:ac:aa:
c4:e3:6d:96:42:38:3b:3a:93:09:8e:2b:e9:e3:36:
b1:8a:c2:07:51:48:b0:34:b9:82:e1:1e:d2:53:a6:
88:b0:bf:47:e0:e1:75:87:4d:57:1a:b5:f8:dc:da:
14:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:17:1C:BA:C8:FC:F5:73:F0:DC:31:3B:EC:82:FF:F7:B2:91:F5:CA
X509v3 Authority Key Identifier:
keyid:BE:74:D3:BB:A3:3A:09:16:F1:02:07:85:4A:8F:C2:B7:D4:A8:28:D4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.krill.nlnetlabs.nl/repo/nlnetlabs/0/BE74D3BBA33A0916F10207854A8FC2B7D4A828D4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vnTTu6M6CRbxAgeFSo_Ct9SoKNQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.krill.nlnetlabs.nl/repo/nlnetlabs/0/3138352e34392e3134302e302f32332d3233203d3e2038353837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.49.140.0/23
Signature Algorithm: sha256WithRSAEncryption
59:7d:a6:f9:c3:e7:99:6d:b1:ca:be:ae:36:e7:8a:10:47:75:
cb:d4:00:51:1e:7e:57:51:08:94:f6:3f:9d:e8:7b:fc:0c:bd:
78:e5:27:dc:78:84:d1:be:86:20:db:f2:c6:3a:11:60:45:10:
a8:81:46:51:d5:04:92:0e:b4:5c:35:2c:94:54:93:b8:18:82:
4a:89:e6:59:eb:86:71:03:a5:fe:31:9e:43:b5:93:9f:e9:e7:
96:56:55:67:ed:71:ba:73:d4:3d:ce:92:a9:a2:24:7c:7f:c5:
2b:eb:5c:b8:a6:a8:42:e7:fa:db:4a:c8:f7:d2:0a:5d:24:49:
82:35:68:31:37:eb:bc:14:4f:bb:f2:3c:72:e9:2f:b9:6b:b8:
bd:b9:a2:93:37:2f:ef:29:b0:f1:7f:5b:aa:ac:02:2d:84:5c:
5c:f6:67:a7:75:da:b8:df:c7:7c:74:61:f6:e1:ad:43:f3:dc:
eb:ee:38:d7:18:07:bc:3a:fe:28:b2:f8:36:01:9c:fc:17:50:
12:fd:26:30:95:83:04:8c:ca:55:82:19:50:fd:8f:4f:3e:3c:
82:a0:0d:a6:c7:46:51:71:2e:9e:bc:70:43:03:b9:12:12:3b:
cf:65:d8:4d:04:1f:69:58:7e:81:50:71:11:ba:8a:e0:18:92:
c2:20:ab:c7
-----BEGIN CERTIFICATE-----
MIIE5TCCA82gAwIBAgIUJkW32grBnP0fh5/JIS9Foxzw8/EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYmU3NGQzYmJhMzNhMDkxNmYxMDIwNzg1NGE4ZmMyYjdk
NGE4MjhkNDAeFw0yNDA2MTAxMDE2MjdaFw0yNTA2MDkxMDIxMjdaMDMxMTAvBgNV
BAMTKEJBMTcxQ0JBQzhGQ0Y1NzNGMERDMzEzQkVDODJGRkY3QjI5MUY1Q0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYz7yvWWM5O2L1VXmdrD4h6KNW
FYNEKRPyjdZMrDV3PBuzJkapk6MLvWunPCD87bbU8166Ep6z8J1jWX4+/UlIC8ME
qK1xtBNOFZuZAfZ2WFeTslhfW5WoGESpoxsrjv/TTI0YZjoUp+VQ/hI0CXURgiUc
wcVReyoxJbs1H4lKLmpJLf/0PjH6YA95Ze+61xHoYslEuvhNBtQxFsTyGqyR0LlP
jNuNbpjzS91DLuIJqd5xzYPAyssxASpiG/BIh+8QMNufgEg8GnPVuVgsmZ6sqsTj
bZZCODs6kwmOK+njNrGKwgdRSLA0uYLhHtJTpoiwv0fg4XWHTVcatfjc2hTlAgMB
AAGjggHvMIIB6zAdBgNVHQ4EFgQUuhccusj89XPw3DE77IL/97KR9cowHwYDVR0j
BBgwFoAUvnTTu6M6CRbxAgeFSo/Ct9SoKNQwDgYDVR0PAQH/BAQDAgeAMG8GA1Ud
HwRoMGYwZKBioGCGXnJzeW5jOi8vcnN5bmMua3JpbGwubmxuZXRsYWJzLm5sL3Jl
cG8vbmxuZXRsYWJzLzAvQkU3NEQzQkJBMzNBMDkxNkYxMDIwNzg1NEE4RkMyQjdE
NEE4MjhENC5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzov
L3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3ZuVFR1Nk02Q1JieEFn
ZUZTb19DdDlTb0tOUS5jZXIwgYYGCCsGAQUFBwELBHoweDB2BggrBgEFBQcwC4Zq
cnN5bmM6Ly9yc3luYy5rcmlsbC5ubG5ldGxhYnMubmwvcmVwby9ubG5ldGxhYnMv
MC8zMTM4MzUyZTM0MzkyZTMxMzQzMDJlMzAyZjMyMzMyZDMyMzMyMDNkM2UyMDM4
MzUzODM3LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEH
AQH/BBAwDjAMBAIAATAGAwQBuTGMMA0GCSqGSIb3DQEBCwUAA4IBAQBZfab5w+eZ
bbHKvq4254oQR3XL1ABRHn5XUQiU9j+d6Hv8DL145SfceITRvoYg2/LGOhFgRRCo
gUZR1QSSDrRcNSyUVJO4GIJKieZZ64ZxA6X+MZ5DtZOf6eeWVlVn7XG6c9Q9zpKp
oiR8f8Ur61y4pqhC5/rbSsj30gpdJEmCNWgxN+u8FE+78jxy6S+5a7i9uaKTNy/v
KbDxf1uqrAIthFxc9menddq438d8dGH24a1D89zr7jjXGAe8Ov4osvg2AZz8F1AS
/SYwlYMEjMpVghlQ/Y9PPjyCoA2mx0ZRcS6evHBDA7kSEjvPZdhNBB9pWH6BUHER
uorgGJLCIKvH
-----END CERTIFICATE-----
Generated at Sun Jun 15 23:54:54 2025 by rpki-client