Route Origin Authorization
$ rpki-client -vvf rpki.roa.net/rrdp/xTom/41/3138352e33372e3235322e302f32322d3234203d3e2038383838.roa
File: 3138352e33372e3235322e302f32322d3234203d3e2038383838.roa (raw, json)
Hash identifier: 0N67suNkEg1cwJdciU0lkIVbrva+AsfHunxSej5ABWw=
Subject key identifier: 28:AD:46:C8:80:D4:7E:B9:2C:3E:C4:5C:E4:70:39:57:6C:73:0D:91
Certificate issuer: /CN=39f66f45a59b837ed24d6b9f20c60702114b70bb
Certificate serial: 103A6A8E038ABFC521DE71BBE307AD2F529E0E16
Authority key identifier: 39:F6:6F:45:A5:9B:83:7E:D2:4D:6B:9F:20:C6:07:02:11:4B:70:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
Subject info access: rsync://rpki.roa.net/rrdp/xTom/41/3138352e33372e3235322e302f32322d3234203d3e2038383838.roa
Signing time: Sat 14 Sep 2024 01:22:28 +0000
ROA not before: Sat 14 Sep 2024 01:17:28 +0000
ROA not after: Sat 13 Sep 2025 01:22:28 +0000
asID: 8888
IP address blocks: 185.37.252.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.crl
rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.mft
rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:3a:6a:8e:03:8a:bf:c5:21:de:71:bb:e3:07:ad:2f:52:9e:0e:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39f66f45a59b837ed24d6b9f20c60702114b70bb
Validity
Not Before: Sep 14 01:17:28 2024 GMT
Not After : Sep 13 01:22:28 2025 GMT
Subject: CN=28AD46C880D47EB92C3EC45CE47039576C730D91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:a5:e4:f9:8c:86:7b:84:64:8e:8d:78:f1:35:
d9:34:fa:13:59:98:29:6e:90:b1:fa:36:5a:ce:01:
cd:de:02:05:da:a3:7f:7a:ee:64:b2:d1:6a:52:24:
c2:94:a8:ae:d1:15:35:b8:77:4c:5e:d0:2e:59:c3:
2c:48:64:74:af:57:91:25:65:71:99:5b:8c:45:38:
eb:65:78:56:b5:7a:de:c7:c0:25:49:ff:5c:b2:6e:
3c:e6:3a:d4:c8:ea:9a:5a:eb:7b:46:cc:37:e3:27:
d3:d3:0d:00:08:bf:2c:36:71:78:5d:28:2b:8f:c8:
bd:d6:9e:64:30:f5:89:0b:a2:b5:b7:02:77:fa:3e:
5a:c1:12:3f:52:32:99:c9:0f:96:8a:ac:48:1e:8d:
80:c4:2c:0c:01:e9:88:65:41:ff:13:c8:28:16:9d:
da:3c:63:da:b4:9a:21:8e:2c:de:00:cd:8a:5f:d6:
c3:bd:d5:2c:7e:4c:0d:2b:2f:d5:7a:42:66:65:fc:
bd:46:57:c8:6d:59:e6:a9:9f:a9:b1:8d:27:04:f7:
e8:f0:2c:f0:58:16:2b:22:27:f0:6e:59:3d:49:41:
03:eb:ec:bb:b7:fb:db:db:85:33:b8:54:28:77:5c:
7a:4b:c5:a2:0c:d9:fd:a9:70:04:e7:78:cc:21:d1:
d5:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:AD:46:C8:80:D4:7E:B9:2C:3E:C4:5C:E4:70:39:57:6C:73:0D:91
X509v3 Authority Key Identifier:
keyid:39:F6:6F:45:A5:9B:83:7E:D2:4D:6B:9F:20:C6:07:02:11:4B:70:BB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/41/3138352e33372e3235322e302f32322d3234203d3e2038383838.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.37.252.0/22
Signature Algorithm: sha256WithRSAEncryption
34:a3:c8:78:41:7a:e6:bb:fc:df:5b:cc:8d:db:04:89:89:a7:
94:ba:d0:19:98:17:cd:49:07:7d:dd:61:06:06:2b:1e:cb:ba:
e4:27:13:42:2b:0a:bc:57:de:04:22:08:2c:0f:a0:26:0d:23:
ff:43:6b:ca:fb:af:02:81:83:f5:ea:98:48:92:8a:7a:4b:ba:
a9:c3:e6:4f:42:f9:56:71:e5:33:5e:cd:66:ab:66:78:bd:78:
01:49:2f:b2:9f:25:1b:54:04:af:ae:69:87:ab:28:d8:1e:8f:
43:cb:b3:03:9d:19:93:81:ad:cd:c9:89:69:92:04:68:e5:21:
45:19:ea:ad:3e:3f:8f:0c:80:77:5e:09:d7:82:fc:f4:f6:18:
5d:63:87:e1:b6:b4:c1:0c:b0:6f:04:7b:7f:22:84:ae:93:b5:
10:14:b8:d8:69:27:f5:dd:3c:35:ed:83:e6:4f:f7:3a:61:e2:
e4:8a:58:71:5a:a0:bf:d8:06:00:a2:68:34:37:96:77:16:43:
c3:54:50:80:37:a8:4d:1c:42:7e:c2:f6:a5:fa:1a:c5:3b:7f:
38:c2:4c:1b:0f:a2:3e:9a:4b:70:29:6f:e4:9d:34:70:9c:27:
9a:31:9a:9a:a7:b1:2d:3f:e0:0e:1e:21:48:f7:a5:fd:ae:4c:
40:4f:6a:a0
-----BEGIN CERTIFICATE-----
MIIExDCCA6ygAwIBAgIUEDpqjgOKv8Uh3nG74wetL1KeDhYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzlmNjZmNDVhNTliODM3ZWQyNGQ2YjlmMjBjNjA3MDIx
MTRiNzBiYjAeFw0yNDA5MTQwMTE3MjhaFw0yNTA5MTMwMTIyMjhaMDMxMTAvBgNV
BAMTKDI4QUQ0NkM4ODBENDdFQjkyQzNFQzQ1Q0U0NzAzOTU3NkM3MzBEOTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbpeT5jIZ7hGSOjXjxNdk0+hNZ
mClukLH6NlrOAc3eAgXao3967mSy0WpSJMKUqK7RFTW4d0xe0C5ZwyxIZHSvV5El
ZXGZW4xFOOtleFa1et7HwCVJ/1yybjzmOtTI6ppa63tGzDfjJ9PTDQAIvyw2cXhd
KCuPyL3WnmQw9YkLorW3Anf6PlrBEj9SMpnJD5aKrEgejYDELAwB6YhlQf8TyCgW
ndo8Y9q0miGOLN4AzYpf1sO91Sx+TA0rL9V6QmZl/L1GV8htWeapn6mxjScE9+jw
LPBYFisiJ/BuWT1JQQPr7Lu3+9vbhTO4VCh3XHpLxaIM2f2pcATneMwh0dXhAgMB
AAGjggHOMIIByjAdBgNVHQ4EFgQUKK1GyIDUfrksPsRc5HA5V2xzDZEwHwYDVR0j
BBgwFoAUOfZvRaWbg37STWufIMYHAhFLcLswDgYDVR0PAQH/BAQDAgeAMF8GA1Ud
HwRYMFYwVKBSoFCGTnJzeW5jOi8vcnBraS5yb2EubmV0L3JyZHAveFRvbS80MS8z
OUY2NkY0NUE1OUI4MzdFRDI0RDZCOUYyMEM2MDcwMjExNEI3MEJCLmNybDBkBggr
BgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvT2ZadlJhV2JnMzdTVFd1ZklNWUhBaEZMY0xzLmNl
cjB2BggrBgEFBQcBCwRqMGgwZgYIKwYBBQUHMAuGWnJzeW5jOi8vcnBraS5yb2Eu
bmV0L3JyZHAveFRvbS80MS8zMTM4MzUyZTMzMzcyZTMyMzUzMjJlMzAyZjMyMzIy
ZDMyMzQyMDNkM2UyMDM4MzgzODM4LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUF
Bw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuSX8MA0GCSqGSIb3DQEB
CwUAA4IBAQA0o8h4QXrmu/zfW8yN2wSJiaeUutAZmBfNSQd93WEGBisey7rkJxNC
Kwq8V94EIggsD6AmDSP/Q2vK+68CgYP16phIkop6S7qpw+ZPQvlWceUzXs1mq2Z4
vXgBSS+ynyUbVASvrmmHqyjYHo9Dy7MDnRmTga3NyYlpkgRo5SFFGeqtPj+PDIB3
XgnXgvz09hhdY4fhtrTBDLBvBHt/IoSuk7UQFLjYaSf13Tw17YPmT/c6YeLkilhx
WqC/2AYAomg0N5Z3FkPDVFCAN6hNHEJ+wval+hrFO384wkwbD6I+mktwKW/knTRw
nCeaMZqap7EtP+AOHiFI96X9rkxAT2qg
-----END CERTIFICATE-----
Generated at Thu Nov 21 16:17:29 2024 by rpki-client on console-fra.rpki-client.org