Route Origin Authorization
$ rpki-client -vvf krill.rg.net/repo/rpki-beacons-ca/0/34352e3133322e3139302e302f32342d3234203d3e2030.roa
File: 34352e3133322e3139302e302f32342d3234203d3e2030.roa (raw, json)
Hash identifier: BZJT8EbwRaDxjL7KKjabnaQJK3brt6+TkqqK548Wl2g=
Subject key identifier: 73:E4:92:BF:ED:B4:C7:01:1D:86:6C:F3:8C:2E:30:6D:D2:18:9C:3A
Certificate issuer: /CN=656E4422ABF129649200EB019A815F2B12236E92
Certificate serial: 62AEB3843808FE8615C13C034A32EEFD453E4CAC
Authority key identifier: 65:6E:44:22:AB:F1:29:64:92:00:EB:01:9A:81:5F:2B:12:23:6E:92
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/ZW5EIqvxKWSSAOsBmoFfKxIjbpI.cer
Subject info access: rsync://krill.rg.net/repo/rpki-beacons-ca/0/34352e3133322e3139302e302f32342d3234203d3e2030.roa
Signing time: Mon 11 May 2026 18:06:06 +0000
ROA not before: Mon 11 May 2026 18:01:06 +0000
ROA not after: Mon 10 May 2027 18:06:06 +0000
asID: 0
IP address blocks: 45.132.190.0/24 maxlen: 24
Validation: OK
Signature path: rsync://krill.rg.net/repo/rpki-beacons-ca/0/656E4422ABF129649200EB019A815F2B12236E92.crl
rsync://krill.rg.net/repo/rpki-beacons-ca/0/656E4422ABF129649200EB019A815F2B12236E92.mft
rsync://ca.rg.net/rpki/RGnet-OU/ZW5EIqvxKWSSAOsBmoFfKxIjbpI.cer
rsync://ca.rg.net/rpki/RGnet-OU/bW-_qXU9uNhGQz21NR2ansB8lr0.crl
rsync://ca.rg.net/rpki/RGnet-OU/bW-_qXU9uNhGQz21NR2ansB8lr0.mft
rsync://rpki.ripe.net/repository/DEFAULT/bW-_qXU9uNhGQz21NR2ansB8lr0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 01:45:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:ae:b3:84:38:08:fe:86:15:c1:3c:03:4a:32:ee:fd:45:3e:4c:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=656E4422ABF129649200EB019A815F2B12236E92
Validity
Not Before: May 11 18:01:06 2026 GMT
Not After : May 10 18:06:06 2027 GMT
Subject: CN=73E492BFEDB4C7011D866CF38C2E306DD2189C3A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:86:44:87:75:69:c5:93:6c:b7:fc:82:a7:94:
2f:3c:67:4d:df:43:11:8c:54:5b:3f:f7:dc:12:2b:
ed:14:d0:30:f6:c5:6b:2e:16:e1:0e:55:50:68:39:
bb:8d:d3:ba:b3:62:08:5d:ba:f4:59:d5:fb:37:e7:
19:99:e5:06:6b:d2:01:72:78:ec:3f:bb:46:76:dc:
06:a3:85:ba:3c:2b:d1:f1:f2:34:06:cf:89:91:c3:
36:b9:ff:20:4e:f4:e1:44:97:90:36:d3:36:8b:e0:
3a:58:e7:ea:84:56:25:a2:8e:14:77:e6:6f:73:90:
f5:78:ef:18:79:1f:ce:bf:1a:ac:8b:06:50:32:b4:
92:6d:a2:86:49:5d:c7:07:b5:c1:89:37:45:c7:3b:
93:01:22:0d:c5:95:71:d4:47:89:f7:f6:cc:73:22:
22:ca:d8:e9:df:48:01:ab:1b:39:a9:a4:5b:d1:bb:
d6:a0:0e:07:40:40:e3:b3:6b:5d:96:8e:a8:31:ee:
77:93:91:56:16:a0:57:ca:55:9e:51:e7:ca:8b:d4:
06:3a:84:df:39:23:42:d1:75:d0:b8:7c:d7:95:7f:
14:59:13:f5:3e:54:66:1f:00:38:6a:ed:8b:2c:78:
98:93:1b:a7:74:51:72:4d:b0:64:0c:7e:42:31:b1:
18:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:E4:92:BF:ED:B4:C7:01:1D:86:6C:F3:8C:2E:30:6D:D2:18:9C:3A
X509v3 Authority Key Identifier:
keyid:65:6E:44:22:AB:F1:29:64:92:00:EB:01:9A:81:5F:2B:12:23:6E:92
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://krill.rg.net/repo/rpki-beacons-ca/0/656E4422ABF129649200EB019A815F2B12236E92.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/ZW5EIqvxKWSSAOsBmoFfKxIjbpI.cer
Subject Information Access:
Signed Object - URI:rsync://krill.rg.net/repo/rpki-beacons-ca/0/34352e3133322e3139302e302f32342d3234203d3e2030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.190.0/24
Signature Algorithm: sha256WithRSAEncryption
28:0a:b2:b5:e4:fb:3c:61:fa:e2:d5:50:49:14:91:5c:44:b7:
f3:73:e0:5d:51:97:39:c6:e5:74:78:9f:6a:9e:9a:72:0c:5a:
5d:16:cc:42:67:a4:56:4c:01:69:d5:ea:e3:51:5e:fd:34:03:
5b:ec:8a:d7:64:e8:8c:2c:37:ae:3c:4e:b8:13:b2:fa:43:8a:
d8:19:7a:38:c9:bd:8e:f8:8c:37:28:be:29:84:7c:39:70:9f:
58:b3:2f:ec:2a:c5:62:d3:50:52:93:3d:59:81:40:4f:69:58:
a0:be:e8:09:c0:14:a6:b8:b5:3e:5f:68:b2:29:8d:98:fb:2a:
de:a3:12:3a:64:cd:c3:0a:85:a1:e2:95:44:61:13:95:42:40:
55:da:f6:bc:8c:64:7b:49:39:0b:3d:31:a2:3b:ce:44:bc:5a:
0d:87:67:8c:a0:60:7c:c7:19:b6:ba:d9:95:b9:55:3e:c9:73:
ef:b5:24:00:ef:43:8c:4b:5d:08:b5:f1:f9:ae:ea:ac:65:ef:
56:f2:f7:01:9f:67:a5:b1:31:b0:6a:fc:1e:bd:30:83:26:af:
a7:82:6b:89:1a:3b:83:31:2b:fd:eb:44:18:d3:4a:9d:56:f5:
ae:41:e5:ae:bc:32:23:2c:fc:1f:13:7e:73:3c:7a:c7:50:27:
a4:53:8d:38
-----BEGIN CERTIFICATE-----
MIIEyTCCA7GgAwIBAgIUYq6zhDgI/oYVwTwDSjLu/UU+TKwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjU2RTQ0MjJBQkYxMjk2NDkyMDBFQjAxOUE4MTVGMkIx
MjIzNkU5MjAeFw0yNjA1MTExODAxMDZaFw0yNzA1MTAxODA2MDZaMDMxMTAvBgNV
BAMTKDczRTQ5MkJGRURCNEM3MDExRDg2NkNGMzhDMkUzMDZERDIxODlDM0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGhkSHdWnFk2y3/IKnlC88Z03f
QxGMVFs/99wSK+0U0DD2xWsuFuEOVVBoObuN07qzYghduvRZ1fs35xmZ5QZr0gFy
eOw/u0Z23Aajhbo8K9Hx8jQGz4mRwza5/yBO9OFEl5A20zaL4DpY5+qEViWijhR3
5m9zkPV47xh5H86/GqyLBlAytJJtooZJXccHtcGJN0XHO5MBIg3FlXHUR4n39sxz
IiLK2OnfSAGrGzmppFvRu9agDgdAQOOza12Wjqgx7neTkVYWoFfKVZ5R58qL1AY6
hN85I0LRddC4fNeVfxRZE/U+VGYfADhq7YsseJiTG6d0UXJNsGQMfkIxsRixAgMB
AAGjggHTMIIBzzAdBgNVHQ4EFgQUc+SSv+20xwEdhmzzjC4wbdIYnDowHwYDVR0j
BBgwFoAUZW5EIqvxKWSSAOsBmoFfKxIjbpIwDgYDVR0PAQH/BAQDAgeAMGkGA1Ud
HwRiMGAwXqBcoFqGWHJzeW5jOi8va3JpbGwucmcubmV0L3JlcG8vcnBraS1iZWFj
b25zLWNhLzAvNjU2RTQ0MjJBQkYxMjk2NDkyMDBFQjAxOUE4MTVGMkIxMjIzNkU5
Mi5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsGAQUFBzAChj9yc3luYzovL2NhLnJn
Lm5ldC9ycGtpL1JHbmV0LU9VL1pXNUVJcXZ4S1dTU0FPc0Jtb0ZmS3hJamJwSS5j
ZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL2tyaWxsLnJn
Lm5ldC9yZXBvL3Jwa2ktYmVhY29ucy1jYS8wLzM0MzUyZTMxMzMzMjJlMzEzOTMw
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzAucm9hMBgGA1UdIAEB/wQOMAwwCgYI
KwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAthL4wDQYJKoZI
hvcNAQELBQADggEBACgKsrXk+zxh+uLVUEkUkVxEt/Nz4F1RlznG5XR4n2qemnIM
Wl0WzEJnpFZMAWnV6uNRXv00A1vsitdk6IwsN648TrgTsvpDitgZejjJvY74jDco
vimEfDlwn1izL+wqxWLTUFKTPVmBQE9pWKC+6AnAFKa4tT5faLIpjZj7Kt6jEjpk
zcMKhaHilURhE5VCQFXa9ryMZHtJOQs9MaI7zkS8Wg2HZ4ygYHzHGba62ZW5VT7J
c++1JADvQ4xLXQi18fmu6qxl71by9wGfZ6WxMbBq/B69MIMmr6eCa4kaO4MxK/3r
RBjTSp1W9a5B5a68MiMs/B8TfnM8esdQJ6RTjTg=
-----END CERTIFICATE-----
Generated at Tue May 12 21:40:32 2026 by rpki-client