Route Origin Authorization
$ rpki-client -vvf krill.rg.net/repo/rpki-beacons-ca/0/34352e3133322e3139312e302f32342d3234203d3e2033393730.roa
File: 34352e3133322e3139312e302f32342d3234203d3e2033393730.roa (raw, json)
Hash identifier: 6hky/cGOCAMsP6BNYJQzejl4+oZCjlePt/+LSM3Nai8=
Subject key identifier: CF:CB:D6:6E:EC:F2:BC:1C:41:BE:FE:C3:EB:CE:A3:58:9E:73:52:20
Certificate issuer: /CN=656E4422ABF129649200EB019A815F2B12236E92
Certificate serial: 76A287223B97660FCF7D1AA524E5311C40F3CAC4
Authority key identifier: 65:6E:44:22:AB:F1:29:64:92:00:EB:01:9A:81:5F:2B:12:23:6E:92
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/ZW5EIqvxKWSSAOsBmoFfKxIjbpI.cer
Subject info access: rsync://krill.rg.net/repo/rpki-beacons-ca/0/34352e3133322e3139312e302f32342d3234203d3e2033393730.roa
Signing time: Mon 17 Feb 2025 18:53:58 +0000
ROA not before: Mon 17 Feb 2025 18:48:58 +0000
ROA not after: Mon 16 Feb 2026 18:53:58 +0000
asID: 3970
IP address blocks: 45.132.191.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 18 Feb 2025 02:53:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:a2:87:22:3b:97:66:0f:cf:7d:1a:a5:24:e5:31:1c:40:f3:ca:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=656E4422ABF129649200EB019A815F2B12236E92
Validity
Not Before: Feb 17 18:48:58 2025 GMT
Not After : Feb 16 18:53:58 2026 GMT
Subject: CN=CFCBD66EECF2BC1C41BEFEC3EBCEA3589E735220
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:a2:30:58:53:24:1a:44:63:40:9b:4b:b8:99:
f0:38:ad:8a:26:e3:97:75:67:1d:d3:f6:ac:06:05:
3c:5f:f7:e6:70:99:a9:91:86:7c:c6:6b:54:01:e9:
5c:66:fa:2e:3c:4a:5f:08:a2:0a:54:9b:61:43:37:
7f:e7:e1:75:e7:38:45:e4:2c:ff:df:84:fe:f1:3e:
f3:48:9c:e3:fd:4f:31:7d:0c:bf:81:74:29:04:79:
3f:13:7a:5f:6f:81:78:b6:3d:9f:87:6f:54:f6:28:
83:7f:54:a7:49:bd:cc:58:15:53:e3:06:5a:97:99:
42:c1:7a:4b:08:51:55:15:41:be:6c:16:be:58:05:
a5:26:2a:e2:51:1f:a0:27:bd:2e:c8:87:14:29:72:
96:49:ad:33:ff:37:00:78:6e:21:5a:96:de:a8:56:
35:a4:1b:f0:9d:71:cc:64:7e:54:4b:8b:86:47:5c:
84:75:83:41:ae:db:2a:67:44:c0:f0:97:82:49:e1:
4e:d3:17:93:aa:a3:f4:4e:d8:eb:0e:97:42:67:ef:
c8:f6:95:1c:d8:b9:29:7a:e2:44:1f:c0:ab:b8:66:
63:3c:cd:6a:01:9f:13:0a:e1:73:83:42:ca:7e:93:
e8:70:e7:a7:0c:05:8c:5b:d4:de:3b:09:a7:00:30:
94:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:CB:D6:6E:EC:F2:BC:1C:41:BE:FE:C3:EB:CE:A3:58:9E:73:52:20
X509v3 Authority Key Identifier:
keyid:65:6E:44:22:AB:F1:29:64:92:00:EB:01:9A:81:5F:2B:12:23:6E:92
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://krill.rg.net/repo/rpki-beacons-ca/0/656E4422ABF129649200EB019A815F2B12236E92.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/ZW5EIqvxKWSSAOsBmoFfKxIjbpI.cer
Subject Information Access:
Signed Object - URI:rsync://krill.rg.net/repo/rpki-beacons-ca/0/34352e3133322e3139312e302f32342d3234203d3e2033393730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.191.0/24
Signature Algorithm: sha256WithRSAEncryption
36:98:05:3d:b0:45:d8:89:78:34:1b:0a:f5:21:09:05:6b:f5:
19:ef:df:f2:65:3b:8a:7f:3e:33:04:6a:48:95:59:9e:e9:30:
0a:0a:f2:80:0f:ee:68:b2:60:e7:cc:96:5b:53:68:0e:e3:59:
a2:fc:7d:f6:70:43:93:b8:99:07:05:4b:56:87:9b:bc:b6:f6:
7d:d7:a2:d8:47:70:12:8c:c3:43:32:1d:75:6d:2b:90:59:82:
c4:9f:2c:2e:a5:34:62:d9:b6:52:58:8a:68:f6:88:07:4a:1f:
79:4d:06:e9:32:9c:41:44:9a:1e:c1:3d:06:84:11:93:d3:78:
c6:b4:bd:f2:82:b3:47:45:74:a5:28:12:56:94:a2:76:87:a1:
76:53:a8:1b:be:5f:3d:69:58:da:01:2d:1a:22:ba:3e:9a:7c:
c8:fe:cc:0b:36:c7:31:ce:74:9a:a7:21:da:4e:f2:e4:1c:2a:
06:96:5c:61:66:19:30:d2:01:8c:c1:9b:79:29:9d:06:16:31:
70:0b:ba:cf:d8:7e:af:ed:3d:24:96:9e:df:77:44:41:38:e8:
be:ce:13:84:6a:a2:a5:4a:c8:5c:34:47:b0:ee:9f:c2:74:19:
87:a5:4f:49:a6:39:d7:93:e5:5c:01:bb:b7:42:40:2e:58:0a:
7e:57:14:17
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgIUdqKHIjuXZg/PfRqlJOUxHEDzysQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjU2RTQ0MjJBQkYxMjk2NDkyMDBFQjAxOUE4MTVGMkIx
MjIzNkU5MjAeFw0yNTAyMTcxODQ4NThaFw0yNjAyMTYxODUzNThaMDMxMTAvBgNV
BAMTKENGQ0JENjZFRUNGMkJDMUM0MUJFRkVDM0VCQ0VBMzU4OUU3MzUyMjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaojBYUyQaRGNAm0u4mfA4rYom
45d1Zx3T9qwGBTxf9+ZwmamRhnzGa1QB6Vxm+i48Sl8IogpUm2FDN3/n4XXnOEXk
LP/fhP7xPvNInOP9TzF9DL+BdCkEeT8Tel9vgXi2PZ+Hb1T2KIN/VKdJvcxYFVPj
BlqXmULBeksIUVUVQb5sFr5YBaUmKuJRH6AnvS7IhxQpcpZJrTP/NwB4biFalt6o
VjWkG/CdccxkflRLi4ZHXIR1g0Gu2ypnRMDwl4JJ4U7TF5Oqo/RO2OsOl0Jn78j2
lRzYuSl64kQfwKu4ZmM8zWoBnxMK4XODQsp+k+hw56cMBYxb1N47CacAMJTvAgMB
AAGjggHaMIIB1jAdBgNVHQ4EFgQUz8vWbuzyvBxBvv7D686jWJ5zUiAwHwYDVR0j
BBgwFoAUZW5EIqvxKWSSAOsBmoFfKxIjbpIwDgYDVR0PAQH/BAQDAgeAMGkGA1Ud
HwRiMGAwXqBcoFqGWHJzeW5jOi8va3JpbGwucmcubmV0L3JlcG8vcnBraS1iZWFj
b25zLWNhLzAvNjU2RTQ0MjJBQkYxMjk2NDkyMDBFQjAxOUE4MTVGMkIxMjIzNkU5
Mi5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsGAQUFBzAChj9yc3luYzovL2NhLnJn
Lm5ldC9ycGtpL1JHbmV0LU9VL1pXNUVJcXZ4S1dTU0FPc0Jtb0ZmS3hJamJwSS5j
ZXIwgYAGCCsGAQUFBwELBHQwcjBwBggrBgEFBQcwC4ZkcnN5bmM6Ly9rcmlsbC5y
Zy5uZXQvcmVwby9ycGtpLWJlYWNvbnMtY2EvMC8zNDM1MmUzMTMzMzIyZTMxMzkz
MTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMzMzkzNzMwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYS/
MA0GCSqGSIb3DQEBCwUAA4IBAQA2mAU9sEXYiXg0Gwr1IQkFa/UZ79/yZTuKfz4z
BGpIlVme6TAKCvKAD+5osmDnzJZbU2gO41mi/H32cEOTuJkHBUtWh5u8tvZ916LY
R3ASjMNDMh11bSuQWYLEnywupTRi2bZSWIpo9ogHSh95TQbpMpxBRJoewT0GhBGT
03jGtL3ygrNHRXSlKBJWlKJ2h6F2U6gbvl89aVjaAS0aIro+mnzI/swLNscxznSa
pyHaTvLkHCoGllxhZhkw0gGMwZt5KZ0GFjFwC7rP2H6v7T0klp7fd0RBOOi+zhOE
aqKlSshcNEew7p/CdBmHpU9JpjnXk+VcAbu3QkAuWAp+VxQX
-----END CERTIFICATE-----
Generated at Fri Apr 18 01:45:09 2025 by rpki-client