Route Origin Authorization
$ rpki-client -vvf rpki.roa.net/rrdp/xTom/41/3138352e33372e3235322e302f32322d3234203d3e2036323333.roa
File: 3138352e33372e3235322e302f32322d3234203d3e2036323333.roa (raw, json)
Hash identifier: UYVa8bgF6Yn2Az929trS6NtXdXvO1IAUooYwTkp4LjA=
Subject key identifier: 24:31:5D:86:41:8D:10:21:A5:D4:CC:05:18:0F:71:1F:2C:8F:7E:FB
Certificate issuer: /CN=39f66f45a59b837ed24d6b9f20c60702114b70bb
Certificate serial: 44B1BB4B01C085916451789CAE06F3E225D895C6
Authority key identifier: 39:F6:6F:45:A5:9B:83:7E:D2:4D:6B:9F:20:C6:07:02:11:4B:70:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
Subject info access: rsync://rpki.roa.net/rrdp/xTom/41/3138352e33372e3235322e302f32322d3234203d3e2036323333.roa
Signing time: Sat 14 Sep 2024 01:22:29 +0000
ROA not before: Sat 14 Sep 2024 01:17:29 +0000
ROA not after: Sat 13 Sep 2025 01:22:29 +0000
asID: 6233
IP address blocks: 185.37.252.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.crl
rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.mft
rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:b1:bb:4b:01:c0:85:91:64:51:78:9c:ae:06:f3:e2:25:d8:95:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39f66f45a59b837ed24d6b9f20c60702114b70bb
Validity
Not Before: Sep 14 01:17:29 2024 GMT
Not After : Sep 13 01:22:29 2025 GMT
Subject: CN=24315D86418D1021A5D4CC05180F711F2C8F7EFB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:15:7f:1c:45:4e:70:77:88:40:c6:2f:f6:df:
0c:ab:4a:64:16:27:ec:a6:cc:4d:ad:1e:d7:58:c9:
ca:31:bf:a0:40:4e:27:69:27:ad:4f:47:80:76:64:
34:81:42:6a:d9:08:6d:1f:39:99:b8:27:16:8b:f5:
75:91:89:57:c0:a4:1c:a8:43:ef:bb:ce:b4:0f:e2:
f7:90:2d:40:62:60:3a:8b:fd:50:03:0c:a7:0f:93:
76:a9:0c:6f:11:3c:ee:cb:53:eb:fb:b9:a2:38:5f:
0f:61:63:ad:e0:f1:78:40:ab:45:fc:df:6e:e8:59:
cd:cd:01:d5:69:57:32:f6:74:56:8c:4d:81:d2:0c:
10:4e:53:92:13:bd:61:20:70:a2:14:25:b4:2c:3e:
4d:02:2b:07:03:65:b8:d1:c4:46:d9:53:81:c8:8a:
9e:3b:84:4b:46:3f:54:8e:f1:a1:c2:e2:57:a1:6e:
ac:e3:26:2b:af:5d:cf:30:fa:5e:ce:f0:67:f3:b8:
a6:c9:44:42:71:25:d9:fa:a4:b0:25:6c:10:f8:70:
50:db:67:bf:2e:f6:65:45:32:11:22:62:8d:d7:d5:
27:cf:78:91:dc:b0:34:81:1f:a5:92:0d:da:7f:0d:
ae:44:83:c8:b1:98:67:67:d4:d4:e1:77:20:2d:b5:
00:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:31:5D:86:41:8D:10:21:A5:D4:CC:05:18:0F:71:1F:2C:8F:7E:FB
X509v3 Authority Key Identifier:
keyid:39:F6:6F:45:A5:9B:83:7E:D2:4D:6B:9F:20:C6:07:02:11:4B:70:BB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/41/3138352e33372e3235322e302f32322d3234203d3e2036323333.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.37.252.0/22
Signature Algorithm: sha256WithRSAEncryption
9f:b5:c2:6b:b3:96:9f:fe:d3:fe:fb:c3:d3:74:40:2e:44:79:
79:28:1e:2d:89:09:29:14:fb:4e:1f:61:32:af:ac:ec:01:b9:
78:11:83:5a:50:12:fc:9d:d8:6b:ac:51:8c:93:6a:3a:81:9a:
20:16:23:a2:bd:87:84:80:45:c6:d6:0e:42:c0:af:80:18:41:
82:70:28:61:6d:6d:68:22:bf:70:a9:1b:bb:62:3a:4d:f4:60:
e0:05:14:c1:45:5f:40:de:bc:ba:0e:fd:6e:96:42:15:85:58:
b0:78:a4:68:b4:c4:2d:fb:e1:42:46:60:a0:ef:6c:55:d1:26:
ee:b4:94:c3:7b:ed:d8:57:3a:d0:1c:48:ff:00:f1:74:55:6b:
e5:da:58:1d:7f:71:c9:67:ac:78:72:68:a9:26:09:c9:31:b2:
a2:51:25:b5:6e:dd:00:c2:85:cd:f2:dc:88:19:94:b4:30:4c:
2c:0f:b9:ba:ed:78:e0:83:dd:08:bf:9b:db:af:4d:83:c0:d4:
a6:33:c3:12:63:dd:bc:91:30:eb:bb:9a:90:6a:d5:85:08:ba:
04:75:a8:ef:6b:f2:0b:05:bb:b2:3c:42:85:3d:73:15:39:5c:
ec:9f:90:1c:16:73:0b:76:58:3c:2f:fe:2b:0d:ea:11:89:bf:
51:77:67:c1
-----BEGIN CERTIFICATE-----
MIIExDCCA6ygAwIBAgIURLG7SwHAhZFkUXicrgbz4iXYlcYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzlmNjZmNDVhNTliODM3ZWQyNGQ2YjlmMjBjNjA3MDIx
MTRiNzBiYjAeFw0yNDA5MTQwMTE3MjlaFw0yNTA5MTMwMTIyMjlaMDMxMTAvBgNV
BAMTKDI0MzE1RDg2NDE4RDEwMjFBNUQ0Q0MwNTE4MEY3MTFGMkM4RjdFRkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLFX8cRU5wd4hAxi/23wyrSmQW
J+ymzE2tHtdYycoxv6BATidpJ61PR4B2ZDSBQmrZCG0fOZm4JxaL9XWRiVfApByo
Q++7zrQP4veQLUBiYDqL/VADDKcPk3apDG8RPO7LU+v7uaI4Xw9hY63g8XhAq0X8
327oWc3NAdVpVzL2dFaMTYHSDBBOU5ITvWEgcKIUJbQsPk0CKwcDZbjRxEbZU4HI
ip47hEtGP1SO8aHC4lehbqzjJiuvXc8w+l7O8GfzuKbJREJxJdn6pLAlbBD4cFDb
Z78u9mVFMhEiYo3X1SfPeJHcsDSBH6WSDdp/Da5Eg8ixmGdn1NThdyAttQBjAgMB
AAGjggHOMIIByjAdBgNVHQ4EFgQUJDFdhkGNECGl1MwFGA9xHyyPfvswHwYDVR0j
BBgwFoAUOfZvRaWbg37STWufIMYHAhFLcLswDgYDVR0PAQH/BAQDAgeAMF8GA1Ud
HwRYMFYwVKBSoFCGTnJzeW5jOi8vcnBraS5yb2EubmV0L3JyZHAveFRvbS80MS8z
OUY2NkY0NUE1OUI4MzdFRDI0RDZCOUYyMEM2MDcwMjExNEI3MEJCLmNybDBkBggr
BgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvT2ZadlJhV2JnMzdTVFd1ZklNWUhBaEZMY0xzLmNl
cjB2BggrBgEFBQcBCwRqMGgwZgYIKwYBBQUHMAuGWnJzeW5jOi8vcnBraS5yb2Eu
bmV0L3JyZHAveFRvbS80MS8zMTM4MzUyZTMzMzcyZTMyMzUzMjJlMzAyZjMyMzIy
ZDMyMzQyMDNkM2UyMDM2MzIzMzMzLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUF
Bw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuSX8MA0GCSqGSIb3DQEB
CwUAA4IBAQCftcJrs5af/tP++8PTdEAuRHl5KB4tiQkpFPtOH2Eyr6zsAbl4EYNa
UBL8ndhrrFGMk2o6gZogFiOivYeEgEXG1g5CwK+AGEGCcChhbW1oIr9wqRu7YjpN
9GDgBRTBRV9A3ry6Dv1ulkIVhViweKRotMQt++FCRmCg72xV0SbutJTDe+3YVzrQ
HEj/APF0VWvl2lgdf3HJZ6x4cmipJgnJMbKiUSW1bt0AwoXN8tyIGZS0MEwsD7m6
7Xjgg90Iv5vbr02DwNSmM8MSY928kTDru5qQatWFCLoEdajva/ILBbuyPEKFPXMV
OVzsn5AcFnMLdlg8L/4rDeoRib9Rd2fB
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:28 2024 by rpki-client on console-ams.rpki-client.org