Route Origin Authorization
$ rpki-client -vvf rpki.roa.net/rrdp/xTom/41/3138352e33372e3235352e302f32342d3332203d3e203233383538.roa
File: 3138352e33372e3235352e302f32342d3332203d3e203233383538.roa (raw, json)
Hash identifier: 53m+ftbfDXSKBRFpCpSF+PApitRNJ4vzOZgjhmEiTrw=
Subject key identifier: 52:62:7A:54:D3:C3:91:57:9A:7D:FC:9B:37:58:0D:3D:77:FB:21:B4
Certificate issuer: /CN=39f66f45a59b837ed24d6b9f20c60702114b70bb
Certificate serial: 3F579739758DF6E9F81A6F96F07EBDD23156CDE1
Authority key identifier: 39:F6:6F:45:A5:9B:83:7E:D2:4D:6B:9F:20:C6:07:02:11:4B:70:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
Subject info access: rsync://rpki.roa.net/rrdp/xTom/41/3138352e33372e3235352e302f32342d3332203d3e203233383538.roa
Signing time: Thu 09 Jan 2025 14:47:43 +0000
ROA not before: Thu 09 Jan 2025 14:42:43 +0000
ROA not after: Thu 08 Jan 2026 14:47:43 +0000
asID: 23858
IP address blocks: 185.37.255.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.crl
rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.mft
rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 08:48:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:57:97:39:75:8d:f6:e9:f8:1a:6f:96:f0:7e:bd:d2:31:56:cd:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39f66f45a59b837ed24d6b9f20c60702114b70bb
Validity
Not Before: Jan 9 14:42:43 2025 GMT
Not After : Jan 8 14:47:43 2026 GMT
Subject: CN=52627A54D3C391579A7DFC9B37580D3D77FB21B4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:ed:e3:69:78:83:17:ea:de:ca:4c:73:13:57:
a4:db:ec:d2:b2:25:86:ac:92:c7:63:28:f9:df:86:
06:c4:dc:e4:d9:83:b6:e6:2f:9a:3b:a0:1b:e2:23:
c0:61:f3:ba:3f:1e:56:de:65:c5:7f:be:06:ce:c4:
d1:e5:76:26:cc:5c:ad:45:7e:f0:2a:66:82:05:04:
dd:4e:82:fb:86:af:13:d2:e6:fd:80:d2:81:11:ff:
99:b1:c1:1b:a8:42:aa:ff:31:9e:af:9e:46:be:1a:
61:fd:74:e1:a0:6f:ab:7c:8d:59:96:ec:ce:bf:3c:
a8:1d:9d:89:78:ee:a6:2d:8b:4c:43:aa:6f:2e:f5:
8f:b1:f8:41:73:fe:fa:82:6b:78:5b:22:49:07:b6:
c4:20:6a:b7:13:17:6f:4b:a6:83:17:54:4c:36:eb:
21:9b:9c:41:0a:c9:83:6b:e9:60:91:e7:63:d6:20:
52:9d:5d:67:bf:19:5e:00:cb:f6:7f:d2:5c:f1:14:
1c:63:fc:74:07:57:ae:c9:b3:26:4a:f0:96:c7:a6:
ed:f7:ec:d8:1c:e5:e4:cb:ea:5d:88:e6:55:57:7c:
e2:47:30:9f:da:b0:4c:d3:fe:a9:47:c3:0f:45:8b:
b2:11:a4:fd:70:9c:73:13:6a:fd:22:e8:6a:33:1e:
9a:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:62:7A:54:D3:C3:91:57:9A:7D:FC:9B:37:58:0D:3D:77:FB:21:B4
X509v3 Authority Key Identifier:
keyid:39:F6:6F:45:A5:9B:83:7E:D2:4D:6B:9F:20:C6:07:02:11:4B:70:BB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/41/3138352e33372e3235352e302f32342d3332203d3e203233383538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.37.255.0/24
Signature Algorithm: sha256WithRSAEncryption
79:67:fd:52:4a:00:94:10:12:67:b5:5c:ec:45:b1:7c:8f:bd:
d5:75:93:18:8e:98:ff:b7:8b:a6:f1:12:56:50:39:88:9e:f3:
fe:bf:4c:ab:07:20:e9:0f:f2:1f:a2:c3:28:8c:25:5e:ae:17:
e7:0f:57:e1:fc:d7:99:01:1c:23:c1:d0:52:1b:29:67:25:34:
34:fe:c1:af:04:78:7a:a2:ad:83:7b:69:ec:d7:59:cb:0e:13:
ed:36:8f:a0:df:8a:84:1d:77:3c:2c:df:0e:f8:13:6c:80:2c:
30:61:30:3f:1c:d0:7e:7a:a3:c8:cf:25:c7:21:d2:ad:33:6f:
2e:06:aa:41:6b:b1:88:d4:26:0c:d6:99:5c:e2:ef:2a:c5:9c:
c9:17:21:b5:dd:c7:94:4a:f6:31:f9:78:96:56:95:99:35:61:
52:73:e5:cb:13:c6:f5:92:a2:13:84:52:1b:d0:cc:6e:1f:1b:
06:e5:2b:35:16:29:9c:62:ec:a2:70:a5:20:53:78:16:40:6a:
72:99:a0:72:91:4f:ff:d9:e6:cb:ec:3c:89:c9:aa:7b:6a:c1:
c4:3a:36:b0:c7:fe:19:c2:f1:e6:8e:b3:a8:12:44:c6:36:09:
9f:9d:d5:c0:8c:0c:4a:c3:a5:ec:59:13:db:21:4f:f0:62:bc:
35:dc:0b:4a
-----BEGIN CERTIFICATE-----
MIIExjCCA66gAwIBAgIUP1eXOXWN9un4Gm+W8H690jFWzeEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzlmNjZmNDVhNTliODM3ZWQyNGQ2YjlmMjBjNjA3MDIx
MTRiNzBiYjAeFw0yNTAxMDkxNDQyNDNaFw0yNjAxMDgxNDQ3NDNaMDMxMTAvBgNV
BAMTKDUyNjI3QTU0RDNDMzkxNTc5QTdERkM5QjM3NTgwRDNENzdGQjIxQjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDC7eNpeIMX6t7KTHMTV6Tb7NKy
JYasksdjKPnfhgbE3OTZg7bmL5o7oBviI8Bh87o/HlbeZcV/vgbOxNHldibMXK1F
fvAqZoIFBN1OgvuGrxPS5v2A0oER/5mxwRuoQqr/MZ6vnka+GmH9dOGgb6t8jVmW
7M6/PKgdnYl47qYti0xDqm8u9Y+x+EFz/vqCa3hbIkkHtsQgarcTF29LpoMXVEw2
6yGbnEEKyYNr6WCR52PWIFKdXWe/GV4Ay/Z/0lzxFBxj/HQHV67JsyZK8JbHpu33
7Ngc5eTL6l2I5lVXfOJHMJ/asEzT/qlHww9Fi7IRpP1wnHMTav0i6GozHpoxAgMB
AAGjggHQMIIBzDAdBgNVHQ4EFgQUUmJ6VNPDkVeaffybN1gNPXf7IbQwHwYDVR0j
BBgwFoAUOfZvRaWbg37STWufIMYHAhFLcLswDgYDVR0PAQH/BAQDAgeAMF8GA1Ud
HwRYMFYwVKBSoFCGTnJzeW5jOi8vcnBraS5yb2EubmV0L3JyZHAveFRvbS80MS8z
OUY2NkY0NUE1OUI4MzdFRDI0RDZCOUYyMEM2MDcwMjExNEI3MEJCLmNybDBkBggr
BgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvT2ZadlJhV2JnMzdTVFd1ZklNWUhBaEZMY0xzLmNl
cjB4BggrBgEFBQcBCwRsMGowaAYIKwYBBQUHMAuGXHJzeW5jOi8vcnBraS5yb2Eu
bmV0L3JyZHAveFRvbS80MS8zMTM4MzUyZTMzMzcyZTMyMzUzNTJlMzAyZjMyMzQy
ZDMzMzIyMDNkM2UyMDMyMzMzODM1Mzgucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC5Jf8wDQYJKoZIhvcN
AQELBQADggEBAHln/VJKAJQQEme1XOxFsXyPvdV1kxiOmP+3i6bxElZQOYie8/6/
TKsHIOkP8h+iwyiMJV6uF+cPV+H815kBHCPB0FIbKWclNDT+wa8EeHqirYN7aezX
WcsOE+02j6DfioQddzws3w74E2yALDBhMD8c0H56o8jPJcch0q0zby4GqkFrsYjU
JgzWmVzi7yrFnMkXIbXdx5RK9jH5eJZWlZk1YVJz5csTxvWSohOEUhvQzG4fGwbl
KzUWKZxi7KJwpSBTeBZAanKZoHKRT//Z5svsPInJqntqwcQ6NrDH/hnC8eaOs6gS
RMY2CZ+d1cCMDErDpexZE9shT/BivDXcC0o=
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:22:13 2025 by rpki-client