Route Origin Authorization
$ rpki-client -vvf rpki.roa.net/rrdp/xTom/41/3138352e33372e3235322e302f32322d3234203d3e20393439.roa
File: 3138352e33372e3235322e302f32322d3234203d3e20393439.roa (raw, json)
Hash identifier: 5ww1tmf1b8mW/owcEDef8iPMdMRHp6Y3gH2eIq4NXhc=
Subject key identifier: B3:2B:5B:1F:60:07:62:0E:D3:ED:1E:1E:36:22:F0:CC:2D:BE:AE:73
Certificate issuer: /CN=39f66f45a59b837ed24d6b9f20c60702114b70bb
Certificate serial: 264237D33D9014401570CB2E5221C4BDCC4B5B1D
Authority key identifier: 39:F6:6F:45:A5:9B:83:7E:D2:4D:6B:9F:20:C6:07:02:11:4B:70:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
Subject info access: rsync://rpki.roa.net/rrdp/xTom/41/3138352e33372e3235322e302f32322d3234203d3e20393439.roa
Signing time: Sat 14 Sep 2024 01:22:28 +0000
ROA not before: Sat 14 Sep 2024 01:17:28 +0000
ROA not after: Sat 13 Sep 2025 01:22:28 +0000
asID: 949
IP address blocks: 185.37.252.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.crl
rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.mft
rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:42:37:d3:3d:90:14:40:15:70:cb:2e:52:21:c4:bd:cc:4b:5b:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39f66f45a59b837ed24d6b9f20c60702114b70bb
Validity
Not Before: Sep 14 01:17:28 2024 GMT
Not After : Sep 13 01:22:28 2025 GMT
Subject: CN=B32B5B1F6007620ED3ED1E1E3622F0CC2DBEAE73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:70:29:3a:0a:d7:51:7d:9e:15:b0:1c:07:cd:
68:1a:b8:59:b2:f4:1c:c3:ed:d3:8e:ff:89:4e:ec:
48:ed:69:06:cb:b4:04:14:5a:45:cb:0a:1d:fd:f3:
1e:7d:74:56:a1:4f:9a:5f:85:64:f9:80:72:be:cc:
f2:1a:77:8d:74:31:98:df:39:28:4a:7e:11:ec:4e:
09:ae:01:a1:94:25:49:43:29:01:0d:68:5d:42:77:
16:58:6f:e5:e3:15:62:bb:98:11:f5:88:8c:69:84:
49:c2:7d:96:c3:cf:04:7d:ac:f3:cc:4a:b6:9f:dd:
15:be:02:a8:95:61:fa:e5:3c:51:b1:f7:3e:91:f4:
3c:81:4d:86:84:28:51:08:53:5e:41:4e:e2:71:84:
f6:1b:ed:be:de:61:c6:d6:c1:2e:40:45:be:40:0d:
70:3a:68:d3:73:f9:a8:77:d7:02:4e:0a:a3:7a:e4:
3c:78:56:d2:ae:2a:f3:48:61:70:09:29:6d:98:bc:
c5:e0:7c:ef:5e:10:35:e5:11:dd:77:c6:93:bd:3a:
02:c2:a2:43:dd:0f:75:9f:01:41:bb:c8:5c:3a:28:
19:76:17:69:17:08:21:c6:01:ed:36:f4:c4:35:ce:
e5:d6:f2:75:3a:b4:7f:66:13:43:f6:49:14:cc:a9:
24:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:2B:5B:1F:60:07:62:0E:D3:ED:1E:1E:36:22:F0:CC:2D:BE:AE:73
X509v3 Authority Key Identifier:
keyid:39:F6:6F:45:A5:9B:83:7E:D2:4D:6B:9F:20:C6:07:02:11:4B:70:BB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/41/3138352e33372e3235322e302f32322d3234203d3e20393439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.37.252.0/22
Signature Algorithm: sha256WithRSAEncryption
6f:11:ea:26:0d:4b:2d:30:ce:c3:3d:36:f2:9c:0e:19:33:c4:
3b:18:33:80:1d:6c:19:e8:bf:3f:3e:e8:14:e4:bd:9f:15:d9:
94:5e:95:bd:18:bc:f8:66:e8:bc:cd:86:29:43:d6:51:6a:29:
97:11:5b:4c:10:f0:d7:fd:33:00:64:4a:35:65:1e:3b:0c:ca:
39:41:42:63:e2:2a:a4:ca:c8:a2:19:35:66:9a:d5:c6:87:99:
67:9d:4d:a0:93:79:c3:c9:3f:ab:5d:fe:0e:e5:71:ea:f0:74:
11:b4:5d:b6:19:47:82:39:01:4d:f6:67:3d:8c:03:0e:2a:f6:
e2:69:ff:ee:eb:2e:0d:38:13:f5:e9:a7:e3:73:4b:41:ba:d8:
9b:8a:1d:be:0a:c6:93:8b:97:b9:64:8f:9e:81:89:5e:f5:eb:
7d:ab:19:ce:c8:f1:bc:4a:ca:41:28:83:5d:f6:95:df:03:09:
02:ba:27:fd:2a:69:9e:f5:ef:be:48:3c:89:e8:ae:63:9e:93:
ba:05:34:84:98:64:50:eb:f9:37:8f:4a:22:a1:9b:84:5a:30:
2f:69:a3:27:e9:b3:96:93:36:7d:34:bf:e2:29:df:0e:05:37:
6b:a3:b9:25:da:eb:7a:23:a9:c1:70:0a:e7:83:6d:3e:d8:9a:
98:25:e9:7e
-----BEGIN CERTIFICATE-----
MIIEwjCCA6qgAwIBAgIUJkI30z2QFEAVcMsuUiHEvcxLWx0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzlmNjZmNDVhNTliODM3ZWQyNGQ2YjlmMjBjNjA3MDIx
MTRiNzBiYjAeFw0yNDA5MTQwMTE3MjhaFw0yNTA5MTMwMTIyMjhaMDMxMTAvBgNV
BAMTKEIzMkI1QjFGNjAwNzYyMEVEM0VEMUUxRTM2MjJGMENDMkRCRUFFNzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKcCk6CtdRfZ4VsBwHzWgauFmy
9BzD7dOO/4lO7EjtaQbLtAQUWkXLCh398x59dFahT5pfhWT5gHK+zPIad410MZjf
OShKfhHsTgmuAaGUJUlDKQENaF1CdxZYb+XjFWK7mBH1iIxphEnCfZbDzwR9rPPM
Sraf3RW+AqiVYfrlPFGx9z6R9DyBTYaEKFEIU15BTuJxhPYb7b7eYcbWwS5ARb5A
DXA6aNNz+ah31wJOCqN65Dx4VtKuKvNIYXAJKW2YvMXgfO9eEDXlEd13xpO9OgLC
okPdD3WfAUG7yFw6KBl2F2kXCCHGAe029MQ1zuXW8nU6tH9mE0P2SRTMqSTdAgMB
AAGjggHMMIIByDAdBgNVHQ4EFgQUsytbH2AHYg7T7R4eNiLwzC2+rnMwHwYDVR0j
BBgwFoAUOfZvRaWbg37STWufIMYHAhFLcLswDgYDVR0PAQH/BAQDAgeAMF8GA1Ud
HwRYMFYwVKBSoFCGTnJzeW5jOi8vcnBraS5yb2EubmV0L3JyZHAveFRvbS80MS8z
OUY2NkY0NUE1OUI4MzdFRDI0RDZCOUYyMEM2MDcwMjExNEI3MEJCLmNybDBkBggr
BgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvT2ZadlJhV2JnMzdTVFd1ZklNWUhBaEZMY0xzLmNl
cjB0BggrBgEFBQcBCwRoMGYwZAYIKwYBBQUHMAuGWHJzeW5jOi8vcnBraS5yb2Eu
bmV0L3JyZHAveFRvbS80MS8zMTM4MzUyZTMzMzcyZTMyMzUzMjJlMzAyZjMyMzIy
ZDMyMzQyMDNkM2UyMDM5MzQzOS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcO
AjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArkl/DANBgkqhkiG9w0BAQsF
AAOCAQEAbxHqJg1LLTDOwz028pwOGTPEOxgzgB1sGei/Pz7oFOS9nxXZlF6VvRi8
+GbovM2GKUPWUWoplxFbTBDw1/0zAGRKNWUeOwzKOUFCY+IqpMrIohk1ZprVxoeZ
Z51NoJN5w8k/q13+DuVx6vB0EbRdthlHgjkBTfZnPYwDDir24mn/7usuDTgT9emn
43NLQbrYm4odvgrGk4uXuWSPnoGJXvXrfasZzsjxvErKQSiDXfaV3wMJAron/Spp
nvXvvkg8ieiuY56TugU0hJhkUOv5N49KIqGbhFowL2mjJ+mzlpM2fTS/4infDgU3
a6O5JdrreiOpwXAK54NtPtiamCXpfg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:28 2024 by rpki-client on console-ams.rpki-client.org