Route Origin Authorization
$ rpki-client -vvf rpki.roa.net/rrdp/xTom/41/3138352e33372e3235322e302f32322d3234203d3e2033323538.roa
File: 3138352e33372e3235322e302f32322d3234203d3e2033323538.roa (raw, json)
Hash identifier: Ud8noFELJBOlRFNHt6Bu5c6/4igIlvOzTLs7z8OalKI=
Subject key identifier: 1F:17:C5:72:BE:F1:0E:51:57:3B:23:9D:4C:44:0B:5D:AE:99:35:FF
Certificate issuer: /CN=39f66f45a59b837ed24d6b9f20c60702114b70bb
Certificate serial: 382F20DCBC4A6F9D20B3F321BD4ADBC28737BEBE
Authority key identifier: 39:F6:6F:45:A5:9B:83:7E:D2:4D:6B:9F:20:C6:07:02:11:4B:70:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
Subject info access: rsync://rpki.roa.net/rrdp/xTom/41/3138352e33372e3235322e302f32322d3234203d3e2033323538.roa
Signing time: Thu 30 Apr 2026 09:16:45 +0000
ROA not before: Thu 30 Apr 2026 09:11:45 +0000
ROA not after: Thu 29 Apr 2027 09:16:45 +0000
asID: 3258
IP address blocks: 185.37.252.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.crl
rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.mft
rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 02 May 2026 17:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:2f:20:dc:bc:4a:6f:9d:20:b3:f3:21:bd:4a:db:c2:87:37:be:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39f66f45a59b837ed24d6b9f20c60702114b70bb
Validity
Not Before: Apr 30 09:11:45 2026 GMT
Not After : Apr 29 09:16:45 2027 GMT
Subject: CN=1F17C572BEF10E51573B239D4C440B5DAE9935FF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:b5:c1:df:a3:d7:d3:5d:62:1f:66:ca:66:c9:
c0:41:23:7a:db:2f:2e:01:39:11:2d:2a:f6:e8:ab:
ce:56:f8:18:7f:62:ff:9f:61:76:15:19:7e:75:ea:
18:6a:30:22:f8:96:de:22:6f:32:3c:0c:15:df:fc:
84:ca:d8:e8:ef:af:30:61:a6:93:82:56:fe:4c:9f:
ad:2e:29:53:4d:e5:c4:f0:60:8d:3c:c5:b1:19:46:
02:6e:69:b2:36:61:c4:d8:60:d5:b2:57:24:2c:ac:
f3:c1:53:80:7a:8f:04:81:df:95:3d:2a:81:b6:8c:
1d:f3:ec:6d:96:28:c4:d2:f1:bf:58:bc:18:14:9e:
46:6e:5f:27:b2:05:d7:fc:6d:31:7e:e4:c4:94:22:
f1:47:b5:89:fe:9f:63:bd:78:c4:0e:c3:21:85:11:
ed:ab:c8:95:8d:19:b9:17:2d:57:36:c1:bf:a1:5e:
ee:56:50:66:8d:ec:8d:99:dc:db:7a:8c:94:92:91:
49:f2:eb:45:7b:bf:88:23:b1:5c:3e:66:3f:39:48:
d9:c5:fa:f9:6f:e4:c0:d7:2f:54:7d:26:ef:f7:5c:
ce:a8:62:45:8c:59:5b:7b:f8:c7:ea:e9:94:b2:26:
da:8c:fa:84:bf:8c:1b:07:f1:f8:6f:8c:40:c8:7a:
7d:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:17:C5:72:BE:F1:0E:51:57:3B:23:9D:4C:44:0B:5D:AE:99:35:FF
X509v3 Authority Key Identifier:
keyid:39:F6:6F:45:A5:9B:83:7E:D2:4D:6B:9F:20:C6:07:02:11:4B:70:BB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/41/3138352e33372e3235322e302f32322d3234203d3e2033323538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.37.252.0/22
Signature Algorithm: sha256WithRSAEncryption
96:59:47:03:60:ef:2a:9e:eb:a8:4e:af:1e:a2:91:30:b1:ee:
28:a2:06:d0:d1:45:a9:07:1f:d6:be:b4:64:12:26:c2:5c:bc:
3e:bf:8e:e0:99:2c:b5:c7:42:63:71:8f:ef:2b:91:c3:c5:26:
bc:0e:d1:cf:eb:68:bd:32:f2:6a:fd:e0:00:cd:a4:f5:18:7b:
92:a5:3d:d1:ea:b1:e2:ef:98:81:46:29:05:31:91:39:d9:dc:
a2:32:a8:a6:54:c2:be:3c:fe:b3:17:99:4e:36:ea:f1:f9:ad:
e8:21:d0:d9:db:8f:97:40:4c:23:4c:14:69:05:67:42:dd:c2:
aa:ed:06:28:bf:4d:20:49:37:e6:e3:14:b2:8a:a0:c7:3c:49:
eb:63:0c:c6:cd:f1:86:26:b7:03:0a:9c:36:27:8a:4e:3d:f6:
76:e6:27:6d:ec:31:43:e1:f3:df:59:5b:b8:57:cc:ac:51:32:
28:c1:e5:2c:f9:3b:42:c3:98:e2:6b:44:03:fd:a7:cb:e6:ef:
8a:71:78:31:6d:51:55:d3:37:d9:14:bc:1d:9d:c2:df:7a:e6:
5d:39:f8:27:98:69:46:4d:10:9f:ac:b0:ad:e1:67:6d:bf:e8:
e4:f7:c4:a4:41:f0:4f:66:04:12:f3:e3:63:6f:c1:b8:d5:f7:
cf:79:42:f6
-----BEGIN CERTIFICATE-----
MIIExDCCA6ygAwIBAgIUOC8g3LxKb50gs/MhvUrbwoc3vr4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzlmNjZmNDVhNTliODM3ZWQyNGQ2YjlmMjBjNjA3MDIx
MTRiNzBiYjAeFw0yNjA0MzAwOTExNDVaFw0yNzA0MjkwOTE2NDVaMDMxMTAvBgNV
BAMTKDFGMTdDNTcyQkVGMTBFNTE1NzNCMjM5RDRDNDQwQjVEQUU5OTM1RkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD5tcHfo9fTXWIfZspmycBBI3rb
Ly4BOREtKvboq85W+Bh/Yv+fYXYVGX516hhqMCL4lt4ibzI8DBXf/ITK2OjvrzBh
ppOCVv5Mn60uKVNN5cTwYI08xbEZRgJuabI2YcTYYNWyVyQsrPPBU4B6jwSB35U9
KoG2jB3z7G2WKMTS8b9YvBgUnkZuXyeyBdf8bTF+5MSUIvFHtYn+n2O9eMQOwyGF
Ee2ryJWNGbkXLVc2wb+hXu5WUGaN7I2Z3Nt6jJSSkUny60V7v4gjsVw+Zj85SNnF
+vlv5MDXL1R9Ju/3XM6oYkWMWVt7+Mfq6ZSyJtqM+oS/jBsH8fhvjEDIen0XAgMB
AAGjggHOMIIByjAdBgNVHQ4EFgQUHxfFcr7xDlFXOyOdTEQLXa6ZNf8wHwYDVR0j
BBgwFoAUOfZvRaWbg37STWufIMYHAhFLcLswDgYDVR0PAQH/BAQDAgeAMF8GA1Ud
HwRYMFYwVKBSoFCGTnJzeW5jOi8vcnBraS5yb2EubmV0L3JyZHAveFRvbS80MS8z
OUY2NkY0NUE1OUI4MzdFRDI0RDZCOUYyMEM2MDcwMjExNEI3MEJCLmNybDBkBggr
BgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvT2ZadlJhV2JnMzdTVFd1ZklNWUhBaEZMY0xzLmNl
cjB2BggrBgEFBQcBCwRqMGgwZgYIKwYBBQUHMAuGWnJzeW5jOi8vcnBraS5yb2Eu
bmV0L3JyZHAveFRvbS80MS8zMTM4MzUyZTMzMzcyZTMyMzUzMjJlMzAyZjMyMzIy
ZDMyMzQyMDNkM2UyMDMzMzIzNTM4LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUF
Bw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuSX8MA0GCSqGSIb3DQEB
CwUAA4IBAQCWWUcDYO8qnuuoTq8eopEwse4oogbQ0UWpBx/WvrRkEibCXLw+v47g
mSy1x0JjcY/vK5HDxSa8DtHP62i9MvJq/eAAzaT1GHuSpT3R6rHi75iBRikFMZE5
2dyiMqimVMK+PP6zF5lONurx+a3oIdDZ24+XQEwjTBRpBWdC3cKq7QYov00gSTfm
4xSyiqDHPEnrYwzGzfGGJrcDCpw2J4pOPfZ25idt7DFD4fPfWVu4V8ysUTIoweUs
+TtCw5jia0QD/afL5u+KcXgxbVFV0zfZFLwdncLfeuZdOfgnmGlGTRCfrLCt4Wdt
v+jk98SkQfBPZgQS8+Njb8G41ffPeUL2
-----END CERTIFICATE-----
Generated at Sat May 2 00:51:18 2026 by rpki-client