Route Origin Authorization
$ rpki-client -vvf rpki.roa.net/rrdp/xTom/41/3138352e33372e3235322e302f32322d3234203d3e2033323134.roa
File: 3138352e33372e3235322e302f32322d3234203d3e2033323134.roa (raw, json)
Hash identifier: 4kDWkCWoD32Q8R+xSsLxKd6NdD93vjHkBzeM3Z2IWkk=
Subject key identifier: 48:78:A5:77:42:A4:99:46:5F:1F:F3:FD:60:EF:0E:18:27:F6:FF:D4
Certificate issuer: /CN=39f66f45a59b837ed24d6b9f20c60702114b70bb
Certificate serial: 7CFB0E17D21452D390AFDAC749E5BCCBE97B25AA
Authority key identifier: 39:F6:6F:45:A5:9B:83:7E:D2:4D:6B:9F:20:C6:07:02:11:4B:70:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
Subject info access: rsync://rpki.roa.net/rrdp/xTom/41/3138352e33372e3235322e302f32322d3234203d3e2033323134.roa
Signing time: Sat 14 Sep 2024 01:22:27 +0000
ROA not before: Sat 14 Sep 2024 01:17:27 +0000
ROA not after: Sat 13 Sep 2025 01:22:27 +0000
asID: 3214
IP address blocks: 185.37.252.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.crl
rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.mft
rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:fb:0e:17:d2:14:52:d3:90:af:da:c7:49:e5:bc:cb:e9:7b:25:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39f66f45a59b837ed24d6b9f20c60702114b70bb
Validity
Not Before: Sep 14 01:17:27 2024 GMT
Not After : Sep 13 01:22:27 2025 GMT
Subject: CN=4878A57742A499465F1FF3FD60EF0E1827F6FFD4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:82:a1:1e:8b:5f:35:6a:3f:be:70:43:d8:c3:
53:0a:85:43:36:6f:ac:ef:a0:86:e7:3d:fe:ab:dd:
c3:e6:39:6a:02:36:ed:b9:6f:87:0a:0d:47:cb:76:
c0:80:1a:76:56:30:8d:06:b2:8d:c6:aa:78:9f:47:
f8:d8:60:5f:ce:72:61:20:38:2c:1f:8a:7f:fa:55:
d8:94:2d:0f:43:32:35:c5:c2:3b:aa:f4:ae:73:9c:
0d:15:57:e4:10:c2:c3:92:9c:e1:82:0d:f3:96:dd:
86:14:db:81:87:86:bb:71:fe:7f:10:b7:a3:4f:91:
12:b9:49:92:43:81:f9:17:cf:4e:3f:78:62:f1:87:
5b:77:36:11:de:d9:3e:23:bd:f5:81:db:a2:18:12:
5d:5f:e6:db:dd:83:a8:35:99:17:60:6a:d7:29:fe:
08:55:db:18:d2:29:25:d5:6b:c4:c0:74:39:13:26:
de:64:a1:f2:a9:a4:2b:62:47:78:6c:90:4e:2a:bf:
4e:80:ca:e2:de:06:53:09:e8:ab:23:c8:74:78:c5:
f5:3e:a4:f3:1d:4d:46:02:f9:d0:42:e6:a5:3a:0b:
1d:54:43:42:3c:1a:35:4b:03:f1:4d:f6:2a:92:6c:
93:46:93:ba:d0:70:04:7b:9e:19:fe:91:a8:f4:ef:
80:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:78:A5:77:42:A4:99:46:5F:1F:F3:FD:60:EF:0E:18:27:F6:FF:D4
X509v3 Authority Key Identifier:
keyid:39:F6:6F:45:A5:9B:83:7E:D2:4D:6B:9F:20:C6:07:02:11:4B:70:BB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/41/3138352e33372e3235322e302f32322d3234203d3e2033323134.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.37.252.0/22
Signature Algorithm: sha256WithRSAEncryption
c8:1c:36:73:83:12:a6:99:4a:e4:dc:66:1f:4c:11:b4:5e:58:
a0:2c:bd:9f:bc:83:41:cb:b8:11:23:18:54:78:9c:ff:f7:f4:
cb:50:58:ad:e1:02:d4:44:57:50:c6:f8:f0:c2:41:93:a8:02:
76:c5:70:90:15:44:f5:64:2a:37:28:a2:31:e7:83:3d:ff:57:
2b:e6:f6:5c:ff:c6:d8:04:74:25:5d:56:26:59:68:39:56:33:
37:01:b8:9d:fe:ff:eb:91:d7:8e:85:90:48:2c:2c:cb:2f:62:
23:3b:93:d9:44:3a:72:b3:95:f7:8f:c6:8a:c9:36:cc:54:5f:
ed:ff:9f:f5:1e:0d:09:16:e8:17:da:d5:2d:67:e8:32:07:c7:
7f:77:51:67:3f:ae:a1:a2:a1:16:99:0c:af:b3:7b:15:9a:af:
fc:de:29:58:91:26:c4:4f:f0:c7:7b:98:bc:7d:d9:65:40:26:
6c:8e:41:d2:4c:9f:4e:7a:6f:1d:98:9e:59:1a:b4:ff:b3:1a:
59:5a:d3:6b:86:c5:d9:c2:af:2b:7b:38:b5:05:3c:04:f7:5e:
5c:88:c7:66:18:7d:b2:4f:74:14:e0:b9:f6:b4:90:68:94:ae:
b6:8c:51:0f:dd:a5:30:c4:df:a8:bb:10:01:b4:f1:e3:7b:27:
2f:c9:8b:2f
-----BEGIN CERTIFICATE-----
MIIExDCCA6ygAwIBAgIUfPsOF9IUUtOQr9rHSeW8y+l7JaowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzlmNjZmNDVhNTliODM3ZWQyNGQ2YjlmMjBjNjA3MDIx
MTRiNzBiYjAeFw0yNDA5MTQwMTE3MjdaFw0yNTA5MTMwMTIyMjdaMDMxMTAvBgNV
BAMTKDQ4NzhBNTc3NDJBNDk5NDY1RjFGRjNGRDYwRUYwRTE4MjdGNkZGRDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8gqEei181aj++cEPYw1MKhUM2
b6zvoIbnPf6r3cPmOWoCNu25b4cKDUfLdsCAGnZWMI0Gso3GqnifR/jYYF/OcmEg
OCwfin/6VdiULQ9DMjXFwjuq9K5znA0VV+QQwsOSnOGCDfOW3YYU24GHhrtx/n8Q
t6NPkRK5SZJDgfkXz04/eGLxh1t3NhHe2T4jvfWB26IYEl1f5tvdg6g1mRdgatcp
/ghV2xjSKSXVa8TAdDkTJt5kofKppCtiR3hskE4qv06AyuLeBlMJ6KsjyHR4xfU+
pPMdTUYC+dBC5qU6Cx1UQ0I8GjVLA/FN9iqSbJNGk7rQcAR7nhn+kaj074BPAgMB
AAGjggHOMIIByjAdBgNVHQ4EFgQUSHild0KkmUZfH/P9YO8OGCf2/9QwHwYDVR0j
BBgwFoAUOfZvRaWbg37STWufIMYHAhFLcLswDgYDVR0PAQH/BAQDAgeAMF8GA1Ud
HwRYMFYwVKBSoFCGTnJzeW5jOi8vcnBraS5yb2EubmV0L3JyZHAveFRvbS80MS8z
OUY2NkY0NUE1OUI4MzdFRDI0RDZCOUYyMEM2MDcwMjExNEI3MEJCLmNybDBkBggr
BgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvT2ZadlJhV2JnMzdTVFd1ZklNWUhBaEZMY0xzLmNl
cjB2BggrBgEFBQcBCwRqMGgwZgYIKwYBBQUHMAuGWnJzeW5jOi8vcnBraS5yb2Eu
bmV0L3JyZHAveFRvbS80MS8zMTM4MzUyZTMzMzcyZTMyMzUzMjJlMzAyZjMyMzIy
ZDMyMzQyMDNkM2UyMDMzMzIzMTM0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUF
Bw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuSX8MA0GCSqGSIb3DQEB
CwUAA4IBAQDIHDZzgxKmmUrk3GYfTBG0XligLL2fvINBy7gRIxhUeJz/9/TLUFit
4QLURFdQxvjwwkGTqAJ2xXCQFUT1ZCo3KKIx54M9/1cr5vZc/8bYBHQlXVYmWWg5
VjM3Abid/v/rkdeOhZBILCzLL2IjO5PZRDpys5X3j8aKyTbMVF/t/5/1Hg0JFugX
2tUtZ+gyB8d/d1FnP66hoqEWmQyvs3sVmq/83ilYkSbET/DHe5i8fdllQCZsjkHS
TJ9Oem8dmJ5ZGrT/sxpZWtNrhsXZwq8rezi1BTwE915ciMdmGH2yT3QU4Ln2tJBo
lK62jFEP3aUwxN+ouxABtPHjeycvyYsv
-----END CERTIFICATE-----
Generated at Thu Nov 21 16:17:29 2024 by rpki-client on console-fra.rpki-client.org