![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki.roa.net/rrdp/xTom/41/326130623a323534323a3830303a3a2f34302d3438203d3e20313937373330.roa
File: 326130623a323534323a3830303a3a2f34302d3438203d3e20313937373330.roa (raw, json)
Hash identifier: 6RIJ+FummlllNKAkXQiAjBg3SRtIPtGWXG4E6NUYOLY=
Subject key identifier: 83:B2:85:E3:43:62:7E:83:C8:6C:C9:45:D4:BE:BD:33:EC:DD:CE:BB
Certificate issuer: /CN=39f66f45a59b837ed24d6b9f20c60702114b70bb
Certificate serial: 199A594470256B7EFBA802CF66E96D0029489B87
Authority key identifier: 39:F6:6F:45:A5:9B:83:7E:D2:4D:6B:9F:20:C6:07:02:11:4B:70:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
Subject info access: rsync://rpki.roa.net/rrdp/xTom/41/326130623a323534323a3830303a3a2f34302d3438203d3e20313937373330.roa
Signing time: Mon 04 Dec 2023 07:05:08 +0000
ROA not before: Mon 04 Dec 2023 07:00:08 +0000
ROA not after: Mon 02 Dec 2024 07:05:08 +0000
asID: 197730
IP address blocks: 2a0b:2542:800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.crl
rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.mft
rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 18 Jun 2024 11:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:9a:59:44:70:25:6b:7e:fb:a8:02:cf:66:e9:6d:00:29:48:9b:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39f66f45a59b837ed24d6b9f20c60702114b70bb
Validity
Not Before: Dec 4 07:00:08 2023 GMT
Not After : Dec 2 07:05:08 2024 GMT
Subject: CN=83B285E343627E83C86CC945D4BEBD33ECDDCEBB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:e3:e1:f1:5d:07:22:b9:de:1a:f3:b2:7c:6a:
0d:48:e6:32:e3:a7:db:06:82:6b:1b:f6:72:a2:2a:
ab:cf:60:21:a4:b4:64:b8:b9:d4:9e:5b:2d:eb:0b:
43:c0:bb:66:1b:23:d7:59:08:ed:bb:7d:a6:28:5c:
08:04:8d:8e:bf:c8:ea:aa:f3:98:27:d1:7a:e3:dd:
3c:1f:af:8e:31:1e:f5:99:48:99:6f:17:a0:6b:aa:
0e:ee:e7:8d:c5:19:33:7a:76:29:18:d0:04:37:fe:
37:02:61:08:f1:7a:cd:64:d2:6e:08:66:b0:76:33:
d5:cb:79:50:53:43:02:d8:c2:b5:47:51:b6:0b:fa:
41:a7:ea:3d:30:4d:50:3f:26:8e:81:3a:ad:43:d5:
d6:7c:98:89:9b:87:73:f8:ce:3d:01:28:43:f9:6b:
cb:eb:53:65:05:7b:7b:83:01:02:56:b7:cb:ca:85:
10:ea:d2:e8:99:34:c2:e9:62:53:00:96:64:d8:c1:
8f:2d:ee:07:b6:f9:6e:dd:53:2e:88:0f:9a:49:d9:
0b:59:7e:5c:b7:4a:80:df:a9:36:e4:39:4e:5b:b8:
e5:b9:7e:70:28:92:e6:8f:51:86:2a:d7:9c:4a:49:
8f:e7:27:2a:3a:28:dc:8a:15:55:9b:b2:62:43:00:
f6:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:B2:85:E3:43:62:7E:83:C8:6C:C9:45:D4:BE:BD:33:EC:DD:CE:BB
X509v3 Authority Key Identifier:
keyid:39:F6:6F:45:A5:9B:83:7E:D2:4D:6B:9F:20:C6:07:02:11:4B:70:BB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/41/326130623a323534323a3830303a3a2f34302d3438203d3e20313937373330.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:2542:800::/40
Signature Algorithm: sha256WithRSAEncryption
a8:ad:9a:2a:02:a1:17:90:37:7f:4b:a5:6a:78:67:80:1f:c4:
05:46:08:b7:52:83:fd:4c:00:9c:1a:bc:d2:56:94:80:43:9b:
07:81:6c:d2:a6:b1:fb:18:11:ec:77:1b:3c:8b:bb:24:34:7f:
20:c5:df:b7:e8:b0:07:50:84:fc:bd:cb:fa:c3:42:37:82:1f:
a5:a6:44:d2:cb:32:ad:e7:d4:72:a3:21:31:c4:d7:20:a4:c6:
4a:95:20:c1:1e:8b:12:d3:fc:15:d3:46:f9:7a:fb:89:9a:9c:
81:59:85:cf:88:20:83:2e:8f:ca:23:6d:a4:e2:9e:5a:c7:4c:
c8:c5:d8:51:2a:f4:36:cc:bd:35:4b:77:89:2a:96:6f:a9:a1:
1b:4c:b8:a2:34:af:2c:6a:12:fd:15:b2:2a:f3:2d:09:19:28:
42:d4:e4:54:0f:bf:52:66:35:95:d1:6a:03:a5:8f:5f:71:b3:
c3:f8:ba:79:32:14:74:8d:e7:0a:10:c6:58:b8:e8:05:ee:88:
28:36:90:98:53:8a:03:01:9f:0b:97:07:51:7b:ac:2c:85:c9:
05:d9:49:57:19:80:38:61:c0:45:bd:4b:e4:61:e8:2d:82:e6:
e0:31:e5:47:c6:72:8d:4d:89:3b:5d:40:eb:d7:94:44:7f:04:
af:4b:87:70
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgIUGZpZRHAla377qALPZultAClIm4cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzlmNjZmNDVhNTliODM3ZWQyNGQ2YjlmMjBjNjA3MDIx
MTRiNzBiYjAeFw0yMzEyMDQwNzAwMDhaFw0yNDEyMDIwNzA1MDhaMDMxMTAvBgNV
BAMTKDgzQjI4NUUzNDM2MjdFODNDODZDQzk0NUQ0QkVCRDMzRUNERENFQkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDX4+HxXQciud4a87J8ag1I5jLj
p9sGgmsb9nKiKqvPYCGktGS4udSeWy3rC0PAu2YbI9dZCO27faYoXAgEjY6/yOqq
85gn0Xrj3Twfr44xHvWZSJlvF6Brqg7u543FGTN6dikY0AQ3/jcCYQjxes1k0m4I
ZrB2M9XLeVBTQwLYwrVHUbYL+kGn6j0wTVA/Jo6BOq1D1dZ8mImbh3P4zj0BKEP5
a8vrU2UFe3uDAQJWt8vKhRDq0uiZNMLpYlMAlmTYwY8t7ge2+W7dUy6ID5pJ2QtZ
fly3SoDfqTbkOU5buOW5fnAokuaPUYYq15xKSY/nJyo6KNyKFVWbsmJDAPbpAgMB
AAGjggHbMIIB1zAdBgNVHQ4EFgQUg7KF40NifoPIbMlF1L69M+zdzrswHwYDVR0j
BBgwFoAUOfZvRaWbg37STWufIMYHAhFLcLswDgYDVR0PAQH/BAQDAgeAMF8GA1Ud
HwRYMFYwVKBSoFCGTnJzeW5jOi8vcnBraS5yb2EubmV0L3JyZHAveFRvbS80MS8z
OUY2NkY0NUE1OUI4MzdFRDI0RDZCOUYyMEM2MDcwMjExNEI3MEJCLmNybDBkBggr
BgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvT2ZadlJhV2JnMzdTVFd1ZklNWUhBaEZMY0xzLmNl
cjCBgAYIKwYBBQUHAQsEdDByMHAGCCsGAQUFBzALhmRyc3luYzovL3Jwa2kucm9h
Lm5ldC9ycmRwL3hUb20vNDEvMzI2MTMwNjIzYTMyMzUzNDMyM2EzODMwMzAzYTNh
MmYzNDMwMmQzNDM4MjAzZDNlMjAzMTM5MzczNzMzMzAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgAqCyVC
CDANBgkqhkiG9w0BAQsFAAOCAQEAqK2aKgKhF5A3f0ulanhngB/EBUYIt1KD/UwA
nBq80laUgEObB4Fs0qax+xgR7HcbPIu7JDR/IMXft+iwB1CE/L3L+sNCN4IfpaZE
0ssyrefUcqMhMcTXIKTGSpUgwR6LEtP8FdNG+Xr7iZqcgVmFz4gggy6PyiNtpOKe
WsdMyMXYUSr0Nsy9NUt3iSqWb6mhG0y4ojSvLGoS/RWyKvMtCRkoQtTkVA+/UmY1
ldFqA6WPX3Gzw/i6eTIUdI3nChDGWLjoBe6IKDaQmFOKAwGfC5cHUXusLIXJBdlJ
VxmAOGHARb1L5GHoLYLm4DHlR8ZyjU2JO11A69eURH8Er0uHcA==
-----END CERTIFICATE-----
Generated at Mon Jun 17 13:45:02 2024 by rpki-client on console-ams.rpki-client.org