Route Origin Authorization
$ rpki-client -vvf krill.signalx.cloud/repo/signalx-rpki/6/326130623a346238303a3a2f32392d3239203d3e20323134343032.roa
File: 326130623a346238303a3a2f32392d3239203d3e20323134343032.roa (raw, json)
Hash identifier: yiOFm0iRPgUbU/jD7XkXLY6ez7I4l5mzijIKW5fOvr4=
Subject key identifier: 65:6C:E2:89:9E:17:60:FD:B4:1B:7A:0A:30:D4:EF:B4:2D:2C:E4:1C
Certificate issuer: /CN=88332c8750cc71629e694fddb3615ae083589921
Certificate serial: 17D70923DC1E944C7F84EBF6B76E04FC4EDC94FB
Authority key identifier: 88:33:2C:87:50:CC:71:62:9E:69:4F:DD:B3:61:5A:E0:83:58:99:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iDMsh1DMcWKeaU_ds2Fa4INYmSE.cer
Subject info access: rsync://krill.signalx.cloud/repo/signalx-rpki/6/326130623a346238303a3a2f32392d3239203d3e20323134343032.roa
Signing time: Mon 04 Aug 2025 07:55:45 +0000
ROA not before: Mon 04 Aug 2025 07:50:45 +0000
ROA not after: Mon 03 Aug 2026 07:55:45 +0000
asID: 214402
IP address blocks: 2a0b:4b80::/29 maxlen: 29
Validation: OK
Signature path: rsync://krill.signalx.cloud/repo/signalx-rpki/6/88332C8750CC71629E694FDDB3615AE083589921.crl
rsync://krill.signalx.cloud/repo/signalx-rpki/6/88332C8750CC71629E694FDDB3615AE083589921.mft
rsync://rpki.ripe.net/repository/DEFAULT/iDMsh1DMcWKeaU_ds2Fa4INYmSE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Aug 2025 23:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:d7:09:23:dc:1e:94:4c:7f:84:eb:f6:b7:6e:04:fc:4e:dc:94:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88332c8750cc71629e694fddb3615ae083589921
Validity
Not Before: Aug 4 07:50:45 2025 GMT
Not After : Aug 3 07:55:45 2026 GMT
Subject: CN=656CE2899E1760FDB41B7A0A30D4EFB42D2CE41C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:ed:65:36:b5:3e:4d:1d:cf:d3:78:7a:97:1c:
87:82:e7:81:17:96:07:5f:ea:b6:21:c1:52:cf:3d:
6e:46:b8:3c:aa:8d:07:e7:f3:57:32:5e:6d:17:f8:
c8:cb:4e:0e:6e:81:df:10:ed:7e:a9:a1:a2:5f:85:
c0:90:2f:94:7c:c8:d0:c6:3e:b9:0e:a4:b1:93:0f:
14:70:69:04:e7:6b:fe:81:8f:d3:e8:d9:f1:04:31:
59:b7:aa:3b:4c:e5:7f:ba:d9:6f:2e:a1:ef:8e:17:
0d:a8:90:59:9d:10:b6:3f:0c:7f:59:52:b0:15:ad:
cb:b3:08:a5:19:e0:10:4a:e5:17:3f:8e:0b:df:63:
01:26:6c:6f:b1:dc:d4:8d:b9:23:cf:80:95:9b:c6:
71:cf:0f:2f:3c:f9:a6:a0:c7:c3:32:9a:74:62:b8:
5a:a0:76:e1:42:2b:c3:28:41:06:ec:1a:48:ad:bb:
41:8a:66:68:ff:70:6a:0d:01:8f:80:03:20:e2:7d:
aa:03:1e:a8:60:59:dd:38:10:7a:22:17:3a:89:fe:
37:f9:77:e4:f9:60:eb:8d:7d:d7:46:ea:73:c7:23:
5d:f9:df:4e:e5:d2:d7:af:63:8c:58:6e:7b:e0:54:
95:b8:41:f4:37:90:ae:e6:a5:c7:94:8c:48:c8:08:
ab:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:6C:E2:89:9E:17:60:FD:B4:1B:7A:0A:30:D4:EF:B4:2D:2C:E4:1C
X509v3 Authority Key Identifier:
keyid:88:33:2C:87:50:CC:71:62:9E:69:4F:DD:B3:61:5A:E0:83:58:99:21
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://krill.signalx.cloud/repo/signalx-rpki/6/88332C8750CC71629E694FDDB3615AE083589921.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iDMsh1DMcWKeaU_ds2Fa4INYmSE.cer
Subject Information Access:
Signed Object - URI:rsync://krill.signalx.cloud/repo/signalx-rpki/6/326130623a346238303a3a2f32392d3239203d3e20323134343032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:4b80::/29
Signature Algorithm: sha256WithRSAEncryption
84:cd:53:9f:6b:2b:d1:0c:32:6c:64:d9:81:b3:77:37:75:e8:
1a:53:01:8d:76:76:d2:b4:7b:77:96:f8:e8:27:35:7e:4c:71:
0e:eb:c9:28:85:b5:07:24:6b:ef:be:55:b5:ad:77:03:28:5d:
6e:ec:38:ff:39:d5:57:e7:df:fc:30:04:88:85:d3:3c:3c:83:
84:ca:26:0c:56:7e:52:6c:fd:7b:fc:e7:d6:93:d6:7c:e4:ea:
cd:bc:4e:a3:0f:da:59:e1:90:e8:7c:cb:0a:2b:a2:27:bc:b3:
6f:5b:52:44:9a:8e:69:7f:ac:ad:71:7d:ad:c8:b9:7d:7e:3d:
78:aa:25:6f:a5:ec:7d:23:92:93:44:85:f6:70:ab:43:14:5d:
d3:6d:0a:30:c8:4c:24:62:0b:00:8b:da:85:2c:b8:20:d7:a0:
d4:be:21:44:a4:1e:4f:f0:d2:dd:e9:36:4e:54:bf:c5:7d:8a:
41:bd:97:73:2c:6f:f5:0d:5c:49:71:4e:a9:7b:cc:bc:eb:7d:
6f:07:ff:dd:ad:b4:a5:0d:14:b0:b9:15:70:67:55:7b:94:88:
f8:29:e4:6a:62:87:a3:14:fa:39:24:32:18:55:e0:25:a2:26:
24:88:f0:d7:a3:be:fc:16:21:13:5b:44:88:c1:6c:d8:a8:02:
2e:ef:20:6d
-----BEGIN CERTIFICATE-----
MIIE5DCCA8ygAwIBAgIUF9cJI9welEx/hOv2t24E/E7clPswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODgzMzJjODc1MGNjNzE2MjllNjk0ZmRkYjM2MTVhZTA4
MzU4OTkyMTAeFw0yNTA4MDQwNzUwNDVaFw0yNjA4MDMwNzU1NDVaMDMxMTAvBgNV
BAMTKDY1NkNFMjg5OUUxNzYwRkRCNDFCN0EwQTMwRDRFRkI0MkQyQ0U0MUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCs7WU2tT5NHc/TeHqXHIeC54EX
lgdf6rYhwVLPPW5GuDyqjQfn81cyXm0X+MjLTg5ugd8Q7X6poaJfhcCQL5R8yNDG
PrkOpLGTDxRwaQTna/6Bj9Po2fEEMVm3qjtM5X+62W8uoe+OFw2okFmdELY/DH9Z
UrAVrcuzCKUZ4BBK5Rc/jgvfYwEmbG+x3NSNuSPPgJWbxnHPDy88+aagx8MymnRi
uFqgduFCK8MoQQbsGkitu0GKZmj/cGoNAY+AAyDifaoDHqhgWd04EHoiFzqJ/jf5
d+T5YOuNfddG6nPHI135307l0tevY4xYbnvgVJW4QfQ3kK7mpceUjEjICKuLAgMB
AAGjggHuMIIB6jAdBgNVHQ4EFgQUZWziiZ4XYP20G3oKMNTvtC0s5BwwHwYDVR0j
BBgwFoAUiDMsh1DMcWKeaU/ds2Fa4INYmSEwDgYDVR0PAQH/BAQDAgeAMG0GA1Ud
HwRmMGQwYqBgoF6GXHJzeW5jOi8va3JpbGwuc2lnbmFseC5jbG91ZC9yZXBvL3Np
Z25hbHgtcnBraS82Lzg4MzMyQzg3NTBDQzcxNjI5RTY5NEZEREIzNjE1QUUwODM1
ODk5MjEuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9pRE1zaDFETWNXS2VhVV9k
czJGYTRJTlltU0UuY2VyMIGGBggrBgEFBQcBCwR6MHgwdgYIKwYBBQUHMAuGanJz
eW5jOi8va3JpbGwuc2lnbmFseC5jbG91ZC9yZXBvL3NpZ25hbHgtcnBraS82LzMy
NjEzMDYyM2EzNDYyMzgzMDNhM2EyZjMyMzkyZDMyMzkyMDNkM2UyMDMyMzEzNDM0
MzAzMi5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB
/wQRMA8wDQQCAAIwBwMFAyoLS4AwDQYJKoZIhvcNAQELBQADggEBAITNU59rK9EM
Mmxk2YGzdzd16BpTAY12dtK0e3eW+OgnNX5McQ7rySiFtQcka+++VbWtdwMoXW7s
OP851Vfn3/wwBIiF0zw8g4TKJgxWflJs/Xv859aT1nzk6s28TqMP2lnhkOh8ywor
oie8s29bUkSajml/rK1xfa3IuX1+PXiqJW+l7H0jkpNEhfZwq0MUXdNtCjDITCRi
CwCL2oUsuCDXoNS+IUSkHk/w0t3pNk5Uv8V9ikG9l3Msb/UNXElxTql7zLzrfW8H
/92ttKUNFLC5FXBnVXuUiPgp5Gpih6MU+jkkMhhV4CWiJiSI8NejvvwWIRNbRIjB
bNioAi7vIG0=
-----END CERTIFICATE-----
Generated at Wed Aug 6 09:35:09 2025 by rpki-client