Route Origin Authorization
$ rpki-client -vvf krill.rg.net/repo/rpki-beacons-ca/0/34352e3133322e3138382e302f32342d3234203d3e2033393730.roa
File: 34352e3133322e3138382e302f32342d3234203d3e2033393730.roa (raw, json)
Hash identifier: Vk/6mKwbvkxZXJqo4MiNI6c4drpgVeXWJEzA1GE2Je0=
Subject key identifier: 28:66:22:32:89:D8:E9:A0:31:3E:53:A1:70:15:05:24:1B:CF:FC:50
Certificate issuer: /CN=656E4422ABF129649200EB019A815F2B12236E92
Certificate serial: 074FCF0C47A252CB84416DA46B2F025655CFAC56
Authority key identifier: 65:6E:44:22:AB:F1:29:64:92:00:EB:01:9A:81:5F:2B:12:23:6E:92
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/ZW5EIqvxKWSSAOsBmoFfKxIjbpI.cer
Subject info access: rsync://krill.rg.net/repo/rpki-beacons-ca/0/34352e3133322e3138382e302f32342d3234203d3e2033393730.roa
Signing time: Fri 06 Jun 2025 13:24:07 +0000
ROA not before: Fri 06 Jun 2025 13:19:07 +0000
ROA not after: Fri 05 Jun 2026 13:24:07 +0000
asID: 3970
IP address blocks: 45.132.188.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 07 Jun 2025 13:51:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:4f:cf:0c:47:a2:52:cb:84:41:6d:a4:6b:2f:02:56:55:cf:ac:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=656E4422ABF129649200EB019A815F2B12236E92
Validity
Not Before: Jun 6 13:19:07 2025 GMT
Not After : Jun 5 13:24:07 2026 GMT
Subject: CN=2866223289D8E9A0313E53A1701505241BCFFC50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:c8:d8:e3:b5:cb:b2:bf:84:01:75:3f:14:e8:
2b:fe:fc:95:1e:f1:35:5c:89:fa:2d:52:37:97:5a:
47:c5:4a:c1:5b:0f:dc:9d:61:2e:c2:1e:5e:02:07:
20:64:9a:af:47:3f:68:59:5f:53:85:3d:fc:0b:90:
03:84:d3:69:59:9e:d2:02:96:2f:71:ab:15:93:5f:
e5:99:63:85:eb:10:0e:a6:07:ab:41:fc:35:7c:3e:
9e:3e:f1:e2:aa:ae:9c:6e:a2:ae:28:73:20:53:fa:
49:12:c7:11:2e:c1:df:5f:e2:f7:7e:87:fb:58:77:
7f:2d:14:71:41:1a:4e:92:b5:61:ff:b9:8c:3c:35:
70:ee:62:7b:fb:7c:1b:d4:e1:a0:ac:03:c1:d8:e3:
42:f3:e7:de:33:46:cf:63:9e:1c:d4:40:b0:df:52:
f0:1e:f9:c1:fd:6a:21:a1:42:77:26:32:f3:03:d0:
56:88:3d:7f:03:49:0e:f0:05:40:89:42:93:9e:5b:
4a:ca:ab:c7:cd:f2:3c:a1:8c:43:90:6a:94:1e:77:
1e:2a:0a:0d:32:25:0c:ed:38:5c:ff:f5:51:67:ba:
18:a3:18:4d:16:e2:95:3e:07:0f:25:50:a7:99:f2:
91:28:c4:0a:4c:cf:09:85:75:08:e0:7d:62:34:dd:
63:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:66:22:32:89:D8:E9:A0:31:3E:53:A1:70:15:05:24:1B:CF:FC:50
X509v3 Authority Key Identifier:
keyid:65:6E:44:22:AB:F1:29:64:92:00:EB:01:9A:81:5F:2B:12:23:6E:92
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://krill.rg.net/repo/rpki-beacons-ca/0/656E4422ABF129649200EB019A815F2B12236E92.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/ZW5EIqvxKWSSAOsBmoFfKxIjbpI.cer
Subject Information Access:
Signed Object - URI:rsync://krill.rg.net/repo/rpki-beacons-ca/0/34352e3133322e3138382e302f32342d3234203d3e2033393730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.188.0/24
Signature Algorithm: sha256WithRSAEncryption
39:c6:74:8c:02:c3:50:ed:5c:38:0a:ba:41:b4:d4:a0:f2:3d:
3a:50:0d:35:17:c4:dd:5d:34:78:f7:c7:82:de:40:0e:84:e6:
1d:f7:35:41:ce:68:01:6f:5c:12:1d:8c:67:dd:20:7b:0c:ae:
75:e6:02:0c:80:16:cb:cc:40:50:1d:ef:70:03:67:06:41:53:
a4:38:5b:53:f2:db:fc:14:ef:fe:3a:8c:ca:28:0c:cb:88:d7:
5b:9f:5a:2d:81:af:36:6c:34:0c:8f:23:fe:70:74:3c:78:ef:
80:ca:a7:78:f4:ef:34:1a:62:3c:81:fa:a6:b6:22:44:84:60:
23:e7:d3:14:18:51:42:bf:e3:83:5a:49:3b:40:50:06:3a:ac:
11:91:4a:8e:c3:54:6a:0d:9f:a9:72:3b:a0:7e:fa:83:0a:98:
8e:aa:18:5b:c3:c8:ba:2f:19:fc:6b:94:47:a1:08:6d:62:86:
87:c8:40:a7:3c:17:ce:47:fc:f5:9f:bf:b2:48:c0:7e:97:e6:
44:22:d3:08:1b:c9:87:04:f9:1e:c1:62:c8:b2:8f:4f:43:09:
ed:76:12:8e:0a:6d:db:e3:62:08:c5:3e:47:5f:bf:cb:06:6e:
d2:d0:dd:a0:de:25:48:c7:b8:a2:3e:f3:0b:15:85:61:55:0d:
65:21:14:9c
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgIUB0/PDEeiUsuEQW2kay8CVlXPrFYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjU2RTQ0MjJBQkYxMjk2NDkyMDBFQjAxOUE4MTVGMkIx
MjIzNkU5MjAeFw0yNTA2MDYxMzE5MDdaFw0yNjA2MDUxMzI0MDdaMDMxMTAvBgNV
BAMTKDI4NjYyMjMyODlEOEU5QTAzMTNFNTNBMTcwMTUwNTI0MUJDRkZDNTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/yNjjtcuyv4QBdT8U6Cv+/JUe
8TVcifotUjeXWkfFSsFbD9ydYS7CHl4CByBkmq9HP2hZX1OFPfwLkAOE02lZntIC
li9xqxWTX+WZY4XrEA6mB6tB/DV8Pp4+8eKqrpxuoq4ocyBT+kkSxxEuwd9f4vd+
h/tYd38tFHFBGk6StWH/uYw8NXDuYnv7fBvU4aCsA8HY40Lz594zRs9jnhzUQLDf
UvAe+cH9aiGhQncmMvMD0FaIPX8DSQ7wBUCJQpOeW0rKq8fN8jyhjEOQapQedx4q
Cg0yJQztOFz/9VFnuhijGE0W4pU+Bw8lUKeZ8pEoxApMzwmFdQjgfWI03WP7AgMB
AAGjggHaMIIB1jAdBgNVHQ4EFgQUKGYiMonY6aAxPlOhcBUFJBvP/FAwHwYDVR0j
BBgwFoAUZW5EIqvxKWSSAOsBmoFfKxIjbpIwDgYDVR0PAQH/BAQDAgeAMGkGA1Ud
HwRiMGAwXqBcoFqGWHJzeW5jOi8va3JpbGwucmcubmV0L3JlcG8vcnBraS1iZWFj
b25zLWNhLzAvNjU2RTQ0MjJBQkYxMjk2NDkyMDBFQjAxOUE4MTVGMkIxMjIzNkU5
Mi5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsGAQUFBzAChj9yc3luYzovL2NhLnJn
Lm5ldC9ycGtpL1JHbmV0LU9VL1pXNUVJcXZ4S1dTU0FPc0Jtb0ZmS3hJamJwSS5j
ZXIwgYAGCCsGAQUFBwELBHQwcjBwBggrBgEFBQcwC4ZkcnN5bmM6Ly9rcmlsbC5y
Zy5uZXQvcmVwby9ycGtpLWJlYWNvbnMtY2EvMC8zNDM1MmUzMTMzMzIyZTMxMzgz
ODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMzMzkzNzMwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYS8
MA0GCSqGSIb3DQEBCwUAA4IBAQA5xnSMAsNQ7Vw4CrpBtNSg8j06UA01F8TdXTR4
98eC3kAOhOYd9zVBzmgBb1wSHYxn3SB7DK515gIMgBbLzEBQHe9wA2cGQVOkOFtT
8tv8FO/+OozKKAzLiNdbn1otga82bDQMjyP+cHQ8eO+Ayqd49O80GmI8gfqmtiJE
hGAj59MUGFFCv+ODWkk7QFAGOqwRkUqOw1RqDZ+pcjugfvqDCpiOqhhbw8i6Lxn8
a5RHoQhtYoaHyECnPBfOR/z1n7+ySMB+l+ZEItMIG8mHBPkewWLIso9PQwntdhKO
Cm3b42IIxT5HX7/LBm7S0N2g3iVIx7iiPvMLFYVhVQ1lIRSc
-----END CERTIFICATE-----
Generated at Tue Jun 10 08:48:23 2025 by rpki-client