
Route Origin Authorization
$ rpki-client -vvf krill.rg.net/repo/rpki-beacons-ca/0/34352e3133322e3139312e302f32342d3234203d3e2033393730.roa
File: 34352e3133322e3139312e302f32342d3234203d3e2033393730.roa (raw, json)
Hash identifier: piR0xY2W/Fg7dFVRqqqeApVksNlAZNhoOxCqAZQ09I0=
Subject key identifier: 66:CE:4D:B6:14:42:EF:4C:17:85:54:93:4D:4C:7F:2A:B9:97:BE:9C
Certificate issuer: /CN=656E4422ABF129649200EB019A815F2B12236E92
Certificate serial: 7052ADA18B8292FD7FAEDA25E53668152DE8E99A
Authority key identifier: 65:6E:44:22:AB:F1:29:64:92:00:EB:01:9A:81:5F:2B:12:23:6E:92
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/ZW5EIqvxKWSSAOsBmoFfKxIjbpI.cer
Subject info access: rsync://krill.rg.net/repo/rpki-beacons-ca/0/34352e3133322e3139312e302f32342d3234203d3e2033393730.roa
Signing time: Sat 07 Jun 2025 19:27:31 +0000
ROA not before: Sat 07 Jun 2025 19:22:31 +0000
ROA not after: Sat 06 Jun 2026 19:27:31 +0000
asID: 3970
IP address blocks: 45.132.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://krill.rg.net/repo/rpki-beacons-ca/0/656E4422ABF129649200EB019A815F2B12236E92.crl
rsync://krill.rg.net/repo/rpki-beacons-ca/0/656E4422ABF129649200EB019A815F2B12236E92.mft
rsync://ca.rg.net/rpki/RGnet-OU/ZW5EIqvxKWSSAOsBmoFfKxIjbpI.cer
rsync://ca.rg.net/rpki/RGnet-OU/bW-_qXU9uNhGQz21NR2ansB8lr0.crl
rsync://ca.rg.net/rpki/RGnet-OU/bW-_qXU9uNhGQz21NR2ansB8lr0.mft
rsync://rpki.ripe.net/repository/DEFAULT/bW-_qXU9uNhGQz21NR2ansB8lr0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 13 Jun 2025 18:26:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:52:ad:a1:8b:82:92:fd:7f:ae:da:25:e5:36:68:15:2d:e8:e9:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=656E4422ABF129649200EB019A815F2B12236E92
Validity
Not Before: Jun 7 19:22:31 2025 GMT
Not After : Jun 6 19:27:31 2026 GMT
Subject: CN=66CE4DB61442EF4C178554934D4C7F2AB997BE9C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:39:e5:12:55:99:18:c1:35:fd:88:46:12:3d:
ec:fd:51:f8:0d:a2:63:13:dd:30:b0:15:28:01:7e:
1f:37:53:30:af:24:b4:42:4d:47:cc:dc:33:d4:78:
af:b0:d7:43:1e:5d:80:d3:89:4b:13:c0:6f:eb:2c:
99:aa:06:d6:c6:43:45:25:83:1d:bb:46:c7:7a:6f:
f4:29:f2:a0:3d:8e:85:f3:f2:95:23:f0:18:b5:56:
8d:b3:df:d6:eb:27:fd:05:94:b8:be:d8:5e:50:2d:
b4:d9:a3:63:53:40:b5:31:5f:c6:96:58:b1:af:3e:
27:83:47:84:69:99:37:b9:77:4b:8a:44:ee:84:d4:
15:6e:30:6b:22:a9:59:68:1c:7c:2d:be:12:0e:b3:
bf:54:1b:86:7b:a7:f2:b3:a8:01:17:27:84:31:53:
4c:06:c2:01:75:4a:84:4c:7e:91:79:40:7f:b6:b8:
dc:fb:25:72:74:93:c7:e1:a8:93:44:94:c0:60:fd:
e7:d9:33:06:fe:63:45:1c:dd:25:e0:21:c9:98:ca:
d0:ac:38:c6:a8:d4:8c:3f:98:62:5f:c5:8a:d6:fb:
7a:75:a1:21:db:1b:fd:6c:ef:9c:9b:a7:7d:12:9c:
6b:58:f0:69:18:84:01:1f:76:f0:83:53:e8:ec:a1:
8c:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:CE:4D:B6:14:42:EF:4C:17:85:54:93:4D:4C:7F:2A:B9:97:BE:9C
X509v3 Authority Key Identifier:
keyid:65:6E:44:22:AB:F1:29:64:92:00:EB:01:9A:81:5F:2B:12:23:6E:92
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://krill.rg.net/repo/rpki-beacons-ca/0/656E4422ABF129649200EB019A815F2B12236E92.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/ZW5EIqvxKWSSAOsBmoFfKxIjbpI.cer
Subject Information Access:
Signed Object - URI:rsync://krill.rg.net/repo/rpki-beacons-ca/0/34352e3133322e3139312e302f32342d3234203d3e2033393730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.191.0/24
Signature Algorithm: sha256WithRSAEncryption
46:78:26:5c:bf:e8:49:b2:ca:e5:e1:a3:0d:23:43:4d:c9:12:
e3:61:d4:b7:6a:aa:b8:c4:f8:8e:81:51:f5:5b:b0:b5:6c:d7:
05:6b:95:20:ef:79:6c:f3:4a:b2:a6:e7:f8:e6:2b:51:3f:99:
fb:f6:94:cf:66:bf:a6:54:bf:7f:70:39:d8:39:4d:f4:81:e1:
85:d0:00:a3:cf:83:70:23:01:01:7f:ca:f2:ce:1a:0f:2e:05:
1c:21:91:6b:9d:9e:29:7e:c3:65:2e:ae:c5:ac:82:87:f3:08:
8c:2b:8d:e3:6b:38:67:b8:0e:46:bb:42:0f:7c:78:e9:3d:49:
d3:d9:88:b1:fe:c4:0e:2a:98:fe:61:e1:cd:b9:91:79:66:c2:
ab:9e:24:a0:0c:cf:b9:f9:d8:6c:9b:66:1b:59:19:d0:e8:3d:
8e:8f:01:99:00:fb:9d:b6:5d:6f:9e:87:07:ea:d4:90:ef:da:
95:a7:bd:71:92:ee:79:4c:a4:42:2f:de:b8:f2:ff:a5:25:1e:
07:64:3d:0d:4c:0e:34:ed:da:dd:93:86:dd:b5:97:7b:a5:a5:
2e:97:58:55:b2:a5:6a:49:c7:bb:14:6f:8e:55:80:42:dd:a7:
80:47:99:31:b7:41:c5:c7:38:87:b2:7c:38:78:30:df:d6:d0:
94:24:d7:02
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgIUcFKtoYuCkv1/rtol5TZoFS3o6ZowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjU2RTQ0MjJBQkYxMjk2NDkyMDBFQjAxOUE4MTVGMkIx
MjIzNkU5MjAeFw0yNTA2MDcxOTIyMzFaFw0yNjA2MDYxOTI3MzFaMDMxMTAvBgNV
BAMTKDY2Q0U0REI2MTQ0MkVGNEMxNzg1NTQ5MzRENEM3RjJBQjk5N0JFOUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqOeUSVZkYwTX9iEYSPez9UfgN
omMT3TCwFSgBfh83UzCvJLRCTUfM3DPUeK+w10MeXYDTiUsTwG/rLJmqBtbGQ0Ul
gx27Rsd6b/Qp8qA9joXz8pUj8Bi1Vo2z39brJ/0FlLi+2F5QLbTZo2NTQLUxX8aW
WLGvPieDR4RpmTe5d0uKRO6E1BVuMGsiqVloHHwtvhIOs79UG4Z7p/KzqAEXJ4Qx
U0wGwgF1SoRMfpF5QH+2uNz7JXJ0k8fhqJNElMBg/efZMwb+Y0Uc3SXgIcmYytCs
OMao1Iw/mGJfxYrW+3p1oSHbG/1s75ybp30SnGtY8GkYhAEfdvCDU+jsoYxVAgMB
AAGjggHaMIIB1jAdBgNVHQ4EFgQUZs5NthRC70wXhVSTTUx/KrmXvpwwHwYDVR0j
BBgwFoAUZW5EIqvxKWSSAOsBmoFfKxIjbpIwDgYDVR0PAQH/BAQDAgeAMGkGA1Ud
HwRiMGAwXqBcoFqGWHJzeW5jOi8va3JpbGwucmcubmV0L3JlcG8vcnBraS1iZWFj
b25zLWNhLzAvNjU2RTQ0MjJBQkYxMjk2NDkyMDBFQjAxOUE4MTVGMkIxMjIzNkU5
Mi5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsGAQUFBzAChj9yc3luYzovL2NhLnJn
Lm5ldC9ycGtpL1JHbmV0LU9VL1pXNUVJcXZ4S1dTU0FPc0Jtb0ZmS3hJamJwSS5j
ZXIwgYAGCCsGAQUFBwELBHQwcjBwBggrBgEFBQcwC4ZkcnN5bmM6Ly9rcmlsbC5y
Zy5uZXQvcmVwby9ycGtpLWJlYWNvbnMtY2EvMC8zNDM1MmUzMTMzMzIyZTMxMzkz
MTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMzMzkzNzMwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYS/
MA0GCSqGSIb3DQEBCwUAA4IBAQBGeCZcv+hJssrl4aMNI0NNyRLjYdS3aqq4xPiO
gVH1W7C1bNcFa5Ug73ls80qypuf45itRP5n79pTPZr+mVL9/cDnYOU30geGF0ACj
z4NwIwEBf8ryzhoPLgUcIZFrnZ4pfsNlLq7FrIKH8wiMK43jazhnuA5Gu0IPfHjp
PUnT2Yix/sQOKpj+YeHNuZF5ZsKrniSgDM+5+dhsm2YbWRnQ6D2OjwGZAPudtl1v
nocH6tSQ79qVp71xku55TKRCL9648v+lJR4HZD0NTA407drdk4bdtZd7paUul1hV
sqVqSce7FG+OVYBC3aeAR5kxt0HFxziHsnw4eDDf1tCUJNcC
-----END CERTIFICATE-----
Generated at Fri Jun 13 14:02:27 2025 by rpki-client