Route Origin Authorization
$ rpki-client -vvf rpki.roa.net/rrdp/xTom/41/326130343a366630303a3a2f32392d3438203d3e2033323134.roa
File: 326130343a366630303a3a2f32392d3438203d3e2033323134.roa (raw, json)
Hash identifier: zQoNHBw2v46fv+8bbctRlWM3ZvmZgYMxrVZ1YKEe1NU=
Subject key identifier: A0:80:8A:FC:2F:97:DA:F9:25:28:39:6E:0E:D2:98:B0:81:17:3B:BD
Certificate issuer: /CN=39f66f45a59b837ed24d6b9f20c60702114b70bb
Certificate serial: 04F57394F88E35C087F83586B8C6A4EB5C8E171E
Authority key identifier: 39:F6:6F:45:A5:9B:83:7E:D2:4D:6B:9F:20:C6:07:02:11:4B:70:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
Subject info access: rsync://rpki.roa.net/rrdp/xTom/41/326130343a366630303a3a2f32392d3438203d3e2033323134.roa
Signing time: Thu 12 Oct 2023 16:10:35 +0000
ROA not before: Thu 12 Oct 2023 16:05:35 +0000
ROA not after: Thu 10 Oct 2024 16:10:35 +0000
asID: 3214
IP address blocks: 2a04:6f00::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.crl
rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.mft
rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 23:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:f5:73:94:f8:8e:35:c0:87:f8:35:86:b8:c6:a4:eb:5c:8e:17:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39f66f45a59b837ed24d6b9f20c60702114b70bb
Validity
Not Before: Oct 12 16:05:35 2023 GMT
Not After : Oct 10 16:10:35 2024 GMT
Subject: CN=A0808AFC2F97DAF92528396E0ED298B081173BBD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:95:10:08:b3:ef:79:86:97:9c:37:fe:dc:90:
90:e8:fa:52:08:db:3f:ef:3c:5b:81:92:1b:69:dc:
4c:7e:5c:97:bb:ab:f0:ef:1d:36:58:92:08:ac:4a:
e3:5b:c2:9d:6e:7f:65:dc:48:9d:94:47:3a:c2:1f:
c8:9e:b1:8b:18:60:a1:c5:d8:f9:7e:8b:bb:f8:56:
a1:37:52:c5:53:90:cf:a0:38:be:55:a7:f1:7c:6a:
35:4a:84:32:18:6f:ea:7a:5c:21:a5:32:7a:0c:72:
11:0d:9d:a3:dc:7f:2c:01:17:ff:c3:a9:70:5f:0c:
5a:cd:c2:f8:d2:cb:38:16:53:07:e3:59:89:6a:ce:
ee:79:16:cf:a9:7f:0b:27:23:b9:f3:fe:cc:c4:5c:
1f:be:4a:6d:a2:79:30:04:df:e9:51:6d:69:d5:00:
8e:1d:73:c5:0c:10:bd:db:25:d9:33:50:63:5e:ed:
ff:d4:6d:b9:af:a2:84:61:b6:ef:61:b6:bc:92:ac:
01:b3:e3:80:af:73:03:82:27:5f:52:b6:6a:3e:de:
e2:c8:aa:c7:ce:5c:a0:a7:69:e9:ef:c8:ed:ac:23:
f4:2f:97:b8:85:a4:35:68:ba:ce:22:9e:71:78:6a:
b1:49:f3:17:7e:06:bb:d0:55:84:f9:f3:ee:1c:dc:
a7:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:80:8A:FC:2F:97:DA:F9:25:28:39:6E:0E:D2:98:B0:81:17:3B:BD
X509v3 Authority Key Identifier:
keyid:39:F6:6F:45:A5:9B:83:7E:D2:4D:6B:9F:20:C6:07:02:11:4B:70:BB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/41/326130343a366630303a3a2f32392d3438203d3e2033323134.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:6f00::/29
Signature Algorithm: sha256WithRSAEncryption
81:9d:7a:cc:66:42:44:2e:da:40:ac:21:e3:1f:08:d2:7d:8c:
1a:88:ab:b7:b8:a3:f9:29:6d:6c:63:66:ae:a6:c5:85:63:01:
3f:f1:c7:36:2b:47:74:8e:65:50:fb:90:67:6f:36:fc:ef:65:
7c:3f:05:8f:2e:0e:b2:9f:48:4a:39:9d:98:88:f2:9d:e9:61:
c5:44:16:bf:62:0d:49:ba:d2:2e:06:c1:94:0d:de:81:02:fc:
42:32:9c:76:7a:88:4c:28:07:94:fa:3f:1a:de:40:ad:2a:42:
b3:cb:4d:ab:03:29:7f:94:0b:72:7f:be:79:84:fc:78:4c:06:
21:65:6d:3f:3b:ba:74:0e:14:a7:7f:04:d0:c2:8b:21:f7:57:
90:3f:02:44:58:f8:c4:c2:d6:63:99:a2:b6:38:10:5f:f8:19:
8f:e5:03:c3:b5:7e:41:e2:92:a7:03:6f:68:0c:5d:7b:07:63:
ec:ba:48:c0:89:2a:f5:2c:a0:eb:29:10:3f:63:8b:9a:fc:5b:
65:f8:3e:42:02:ad:6e:c4:70:0f:e0:21:d2:ad:3f:00:21:ae:
32:f8:61:64:bb:8c:8a:e1:e5:df:63:2b:8c:6a:ac:d4:d6:54:
ad:c9:5a:05:80:80:0b:2a:36:40:c4:90:34:7b:ff:e3:e5:7a:
e7:84:72:bf
-----BEGIN CERTIFICATE-----
MIIEwzCCA6ugAwIBAgIUBPVzlPiONcCH+DWGuMak61yOFx4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzlmNjZmNDVhNTliODM3ZWQyNGQ2YjlmMjBjNjA3MDIx
MTRiNzBiYjAeFw0yMzEwMTIxNjA1MzVaFw0yNDEwMTAxNjEwMzVaMDMxMTAvBgNV
BAMTKEEwODA4QUZDMkY5N0RBRjkyNTI4Mzk2RTBFRDI5OEIwODExNzNCQkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwlRAIs+95hpecN/7ckJDo+lII
2z/vPFuBkhtp3Ex+XJe7q/DvHTZYkgisSuNbwp1uf2XcSJ2URzrCH8iesYsYYKHF
2Pl+i7v4VqE3UsVTkM+gOL5Vp/F8ajVKhDIYb+p6XCGlMnoMchENnaPcfywBF//D
qXBfDFrNwvjSyzgWUwfjWYlqzu55Fs+pfwsnI7nz/szEXB++Sm2ieTAE3+lRbWnV
AI4dc8UMEL3bJdkzUGNe7f/UbbmvooRhtu9htrySrAGz44CvcwOCJ19Stmo+3uLI
qsfOXKCnaenvyO2sI/Qvl7iFpDVous4innF4arFJ8xd+BrvQVYT58+4c3Ke5AgMB
AAGjggHNMIIByTAdBgNVHQ4EFgQUoICK/C+X2vklKDluDtKYsIEXO70wHwYDVR0j
BBgwFoAUOfZvRaWbg37STWufIMYHAhFLcLswDgYDVR0PAQH/BAQDAgeAMF8GA1Ud
HwRYMFYwVKBSoFCGTnJzeW5jOi8vcnBraS5yb2EubmV0L3JyZHAveFRvbS80MS8z
OUY2NkY0NUE1OUI4MzdFRDI0RDZCOUYyMEM2MDcwMjExNEI3MEJCLmNybDBkBggr
BgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvT2ZadlJhV2JnMzdTVFd1ZklNWUhBaEZMY0xzLmNl
cjB0BggrBgEFBQcBCwRoMGYwZAYIKwYBBQUHMAuGWHJzeW5jOi8vcnBraS5yb2Eu
bmV0L3JyZHAveFRvbS80MS8zMjYxMzAzNDNhMzY2NjMwMzAzYTNhMmYzMjM5MmQz
NDM4MjAzZDNlMjAzMzMyMzEzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcO
AjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoEbwAwDQYJKoZIhvcNAQEL
BQADggEBAIGdesxmQkQu2kCsIeMfCNJ9jBqIq7e4o/kpbWxjZq6mxYVjAT/xxzYr
R3SOZVD7kGdvNvzvZXw/BY8uDrKfSEo5nZiI8p3pYcVEFr9iDUm60i4GwZQN3oEC
/EIynHZ6iEwoB5T6PxreQK0qQrPLTasDKX+UC3J/vnmE/HhMBiFlbT87unQOFKd/
BNDCiyH3V5A/AkRY+MTC1mOZorY4EF/4GY/lA8O1fkHikqcDb2gMXXsHY+y6SMCJ
KvUsoOspED9ji5r8W2X4PkICrW7EcA/gIdKtPwAhrjL4YWS7jIrh5d9jK4xqrNTW
VK3JWgWAgAsqNkDEkDR7/+PleueEcr8=
-----END CERTIFICATE-----
Generated at Mon May 20 05:47:59 2024 by rpki-client on console-fra.rpki-client.org