Route Origin Authorization
$ rpki-client -vvf rpki.roa.net/rrdp/xTom/41/3138352e33372e3235322e302f32322d3234203d3e2036323333.roa
File: 3138352e33372e3235322e302f32322d3234203d3e2036323333.roa (raw, json)
Hash identifier: MG2ZX0t/+W28mjDOfy/S0QZmhyZom4ZHHloLsYxn/bk=
Subject key identifier: 20:AB:39:5E:9F:50:94:28:5B:95:5E:45:DE:5A:68:A2:0D:D6:2A:38
Certificate issuer: /CN=39f66f45a59b837ed24d6b9f20c60702114b70bb
Certificate serial: 17D38F3C37BB700D44B513A90FCA8E941514A991
Authority key identifier: 39:F6:6F:45:A5:9B:83:7E:D2:4D:6B:9F:20:C6:07:02:11:4B:70:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
Subject info access: rsync://rpki.roa.net/rrdp/xTom/41/3138352e33372e3235322e302f32322d3234203d3e2036323333.roa
Signing time: Thu 12 Oct 2023 16:10:35 +0000
ROA not before: Thu 12 Oct 2023 16:05:35 +0000
ROA not after: Thu 10 Oct 2024 16:10:35 +0000
asID: 6233
IP address blocks: 185.37.252.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.crl
rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.mft
rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 04 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:d3:8f:3c:37:bb:70:0d:44:b5:13:a9:0f:ca:8e:94:15:14:a9:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39f66f45a59b837ed24d6b9f20c60702114b70bb
Validity
Not Before: Oct 12 16:05:35 2023 GMT
Not After : Oct 10 16:10:35 2024 GMT
Subject: CN=20AB395E9F5094285B955E45DE5A68A20DD62A38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:9b:00:8a:74:82:d8:8a:83:c5:29:17:fd:4d:
95:ea:29:9a:7f:3b:c9:86:5d:07:2b:76:cf:58:81:
3d:1b:cd:02:8a:c2:d8:fa:41:f8:a6:fd:84:ec:c4:
41:f4:5f:0f:d9:d5:87:0b:60:67:94:9a:e0:36:eb:
f1:1b:25:c1:0e:68:26:dd:46:3a:ab:0f:a9:eb:2c:
58:70:e7:35:ef:88:43:a8:3a:19:32:82:91:80:fc:
e1:26:f2:a0:69:3e:ea:02:c1:a4:78:53:75:5f:88:
1d:7a:5e:67:a6:21:1b:a8:4f:59:87:ce:4d:77:b8:
55:69:a2:58:31:65:44:97:b5:81:16:9e:91:28:81:
35:97:5e:73:57:0f:d5:48:ba:f7:46:5f:82:85:f4:
8f:e7:c3:8d:6e:88:a6:8e:8b:b8:08:8b:f2:63:79:
01:19:70:0a:cb:26:55:72:a5:7b:56:d0:0d:95:71:
89:da:4c:01:fc:6c:07:69:f3:d5:33:31:6a:97:0e:
9e:9f:50:9b:ce:80:3b:da:1c:91:ac:fb:81:9e:32:
e3:bf:43:85:34:6e:12:cd:e6:fd:86:d3:44:e1:3f:
3f:44:ee:b8:17:ef:67:3f:a6:38:bf:4f:40:91:91:
fd:d9:33:cb:0a:10:a1:14:20:ad:01:c1:e2:2d:eb:
f1:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:AB:39:5E:9F:50:94:28:5B:95:5E:45:DE:5A:68:A2:0D:D6:2A:38
X509v3 Authority Key Identifier:
keyid:39:F6:6F:45:A5:9B:83:7E:D2:4D:6B:9F:20:C6:07:02:11:4B:70:BB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/41/3138352e33372e3235322e302f32322d3234203d3e2036323333.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.37.252.0/22
Signature Algorithm: sha256WithRSAEncryption
65:72:79:17:91:56:ee:18:d9:64:58:05:3b:f6:c0:e7:d0:d9:
dd:8e:0d:9c:60:62:87:03:c9:de:65:b1:76:9a:c7:38:a1:65:
93:40:d9:4d:53:1f:9d:d1:d5:35:4c:3e:40:f9:fa:8a:2c:66:
51:ac:24:5e:68:0d:2d:01:39:bd:7f:ee:7d:f0:ed:78:2e:69:
d6:91:21:d8:fb:e7:09:d6:c6:f7:35:41:e8:8c:fa:da:7c:b4:
90:18:e4:5c:44:e6:65:22:c9:f7:51:a4:aa:87:62:aa:9a:8f:
a0:c1:dc:97:3c:68:dd:bc:ff:fe:af:9e:ed:63:fd:2e:91:3e:
57:eb:19:85:10:8d:ac:6a:ce:8b:34:6c:f7:8f:86:74:9e:c6:
01:6e:75:57:0b:8c:7f:ad:6a:b4:d2:1e:f0:eb:76:00:3b:f3:
70:a7:52:45:f6:fa:0d:24:e8:ac:42:96:99:ba:12:ac:1a:b8:
d6:50:79:cf:58:65:19:60:94:95:83:cd:39:87:8b:99:4f:5f:
ef:02:c1:fb:54:02:2d:6d:00:f4:32:a1:39:8a:ad:31:bf:46:
db:cc:ef:1d:33:2a:ad:38:f5:79:11:78:a8:84:71:11:e2:3b:
20:d4:1b:9c:aa:89:a5:9c:b9:dc:75:70:3e:55:0d:46:7f:77:
a2:4d:5a:6b
-----BEGIN CERTIFICATE-----
MIIExDCCA6ygAwIBAgIUF9OPPDe7cA1EtROpD8qOlBUUqZEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzlmNjZmNDVhNTliODM3ZWQyNGQ2YjlmMjBjNjA3MDIx
MTRiNzBiYjAeFw0yMzEwMTIxNjA1MzVaFw0yNDEwMTAxNjEwMzVaMDMxMTAvBgNV
BAMTKDIwQUIzOTVFOUY1MDk0Mjg1Qjk1NUU0NURFNUE2OEEyMERENjJBMzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHmwCKdILYioPFKRf9TZXqKZp/
O8mGXQcrds9YgT0bzQKKwtj6Qfim/YTsxEH0Xw/Z1YcLYGeUmuA26/EbJcEOaCbd
RjqrD6nrLFhw5zXviEOoOhkygpGA/OEm8qBpPuoCwaR4U3VfiB16XmemIRuoT1mH
zk13uFVpolgxZUSXtYEWnpEogTWXXnNXD9VIuvdGX4KF9I/nw41uiKaOi7gIi/Jj
eQEZcArLJlVypXtW0A2VcYnaTAH8bAdp89UzMWqXDp6fUJvOgDvaHJGs+4GeMuO/
Q4U0bhLN5v2G00ThPz9E7rgX72c/pji/T0CRkf3ZM8sKEKEUIK0BweIt6/G7AgMB
AAGjggHOMIIByjAdBgNVHQ4EFgQUIKs5Xp9QlChblV5F3lpoog3WKjgwHwYDVR0j
BBgwFoAUOfZvRaWbg37STWufIMYHAhFLcLswDgYDVR0PAQH/BAQDAgeAMF8GA1Ud
HwRYMFYwVKBSoFCGTnJzeW5jOi8vcnBraS5yb2EubmV0L3JyZHAveFRvbS80MS8z
OUY2NkY0NUE1OUI4MzdFRDI0RDZCOUYyMEM2MDcwMjExNEI3MEJCLmNybDBkBggr
BgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvT2ZadlJhV2JnMzdTVFd1ZklNWUhBaEZMY0xzLmNl
cjB2BggrBgEFBQcBCwRqMGgwZgYIKwYBBQUHMAuGWnJzeW5jOi8vcnBraS5yb2Eu
bmV0L3JyZHAveFRvbS80MS8zMTM4MzUyZTMzMzcyZTMyMzUzMjJlMzAyZjMyMzIy
ZDMyMzQyMDNkM2UyMDM2MzIzMzMzLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUF
Bw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuSX8MA0GCSqGSIb3DQEB
CwUAA4IBAQBlcnkXkVbuGNlkWAU79sDn0Nndjg2cYGKHA8neZbF2msc4oWWTQNlN
Ux+d0dU1TD5A+fqKLGZRrCReaA0tATm9f+598O14LmnWkSHY++cJ1sb3NUHojPra
fLSQGORcROZlIsn3UaSqh2Kqmo+gwdyXPGjdvP/+r57tY/0ukT5X6xmFEI2sas6L
NGz3j4Z0nsYBbnVXC4x/rWq00h7w63YAO/Nwp1JF9voNJOisQpaZuhKsGrjWUHnP
WGUZYJSVg805h4uZT1/vAsH7VAItbQD0MqE5iq0xv0bbzO8dMyqtOPV5EXiohHER
4jsg1BucqomlnLncdXA+VQ1Gf3eiTVpr
-----END CERTIFICATE-----
Generated at Tue Jun 4 05:01:09 2024 by rpki-client on console-fra.rpki-client.org