Route Origin Authorization
$ rpki-client -vvf rpki.roa.net/rrdp/xTom/41/326130343a366630343a3a2f33322d3438203d3e2033323134.roa
File: 326130343a366630343a3a2f33322d3438203d3e2033323134.roa (raw, json)
Hash identifier: SuOMHvUHLfGQ83E+Cf0aWiWT5I1L1Fv+EJ8iEtLqOiI=
Subject key identifier: 95:4B:3C:81:FE:7C:28:83:07:47:96:2D:7E:21:1F:5C:C4:51:16:A1
Certificate issuer: /CN=39f66f45a59b837ed24d6b9f20c60702114b70bb
Certificate serial: 1D4409C5FF2719F0A5BC10B8D890C2F734DC23F9
Authority key identifier: 39:F6:6F:45:A5:9B:83:7E:D2:4D:6B:9F:20:C6:07:02:11:4B:70:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
Subject info access: rsync://rpki.roa.net/rrdp/xTom/41/326130343a366630343a3a2f33322d3438203d3e2033323134.roa
Signing time: Sat 14 Sep 2024 01:22:29 +0000
ROA not before: Sat 14 Sep 2024 01:17:29 +0000
ROA not after: Sat 13 Sep 2025 01:22:29 +0000
asID: 3214
IP address blocks: 2a04:6f04::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.crl
rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.mft
rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:44:09:c5:ff:27:19:f0:a5:bc:10:b8:d8:90:c2:f7:34:dc:23:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39f66f45a59b837ed24d6b9f20c60702114b70bb
Validity
Not Before: Sep 14 01:17:29 2024 GMT
Not After : Sep 13 01:22:29 2025 GMT
Subject: CN=954B3C81FE7C28830747962D7E211F5CC45116A1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:79:8d:88:08:0e:d0:f5:46:e9:1b:67:af:0e:
32:cc:89:db:4a:f4:aa:45:ff:7c:bc:c3:a1:97:20:
57:24:5c:e3:20:49:50:1f:bf:3a:e9:4f:10:2b:89:
fc:41:6a:5c:8e:8c:82:c3:a1:b0:4f:8d:f7:4d:d9:
b2:05:b0:d7:d3:ac:50:b7:bf:c6:74:02:ed:18:82:
94:9c:6d:e9:88:47:22:e9:2a:10:57:fc:83:e3:7d:
29:1f:b0:f7:d0:f7:60:64:30:03:46:4f:13:aa:eb:
7c:69:02:13:d4:15:64:42:63:5c:63:d2:60:74:70:
79:64:08:3c:70:40:e3:ff:48:0d:ff:ce:33:90:c5:
f1:1b:21:cb:a6:c6:2e:fc:69:44:39:cb:24:e7:17:
46:0d:88:1e:0e:74:83:4b:2f:dd:05:1f:c9:bf:bf:
7b:0a:0c:9b:55:d1:b5:30:70:43:f6:4f:f5:3e:11:
de:c2:5c:61:be:1b:21:f2:6e:32:a0:fa:b8:7d:a1:
2c:02:8d:cb:e7:4a:47:2f:98:27:fa:34:51:5c:3d:
a7:b4:53:f4:36:35:9a:c1:aa:37:a2:96:a1:e2:d2:
05:de:cd:8b:7d:d6:ab:b1:7f:e8:89:48:2c:3f:dd:
2a:39:fa:ac:44:50:4b:98:a7:bc:25:6c:4e:31:80:
6e:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:4B:3C:81:FE:7C:28:83:07:47:96:2D:7E:21:1F:5C:C4:51:16:A1
X509v3 Authority Key Identifier:
keyid:39:F6:6F:45:A5:9B:83:7E:D2:4D:6B:9F:20:C6:07:02:11:4B:70:BB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/41/326130343a366630343a3a2f33322d3438203d3e2033323134.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:6f04::/32
Signature Algorithm: sha256WithRSAEncryption
84:b9:d2:5e:6b:9b:d3:c9:43:dc:be:51:7d:20:1b:01:d3:02:
87:c9:c6:30:80:28:a6:12:92:be:40:07:17:27:6c:63:b6:d7:
91:4a:d5:f1:10:7d:ca:2d:b5:91:05:33:5f:38:51:09:62:8f:
6b:dc:14:10:49:d5:9b:ee:23:8c:92:49:17:fc:3d:97:20:77:
9f:b1:f8:8b:66:cb:59:9e:95:41:ec:bc:ce:a9:10:2c:8f:4f:
9e:ac:e3:ec:2e:24:17:63:24:96:73:93:0b:2e:4f:d8:c8:40:
cd:ae:4c:89:77:e0:94:32:62:74:6c:eb:f0:4a:75:ee:1e:ad:
7b:67:8f:c1:3e:fd:33:c0:09:6d:e8:89:7e:77:21:9b:b6:a7:
bb:4a:12:ab:e1:48:13:35:aa:e2:04:57:71:64:31:87:76:38:
d7:00:c1:24:8e:0c:cc:0b:fd:73:9e:c1:5c:5e:20:9c:f0:b3:
9b:bc:c8:2d:bc:26:44:90:78:ba:34:3e:37:0e:22:8c:56:f2:
d0:50:9e:4b:c1:8a:16:55:33:e3:30:27:16:5b:21:5b:cc:58:
de:12:71:6f:e2:4e:14:c4:a3:8e:f1:12:5a:66:9e:18:31:75:
ca:f5:15:b2:f6:9e:68:89:9e:bd:33:45:7d:0a:64:e3:66:d1:
92:82:5d:35
-----BEGIN CERTIFICATE-----
MIIEwzCCA6ugAwIBAgIUHUQJxf8nGfClvBC42JDC9zTcI/kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzlmNjZmNDVhNTliODM3ZWQyNGQ2YjlmMjBjNjA3MDIx
MTRiNzBiYjAeFw0yNDA5MTQwMTE3MjlaFw0yNTA5MTMwMTIyMjlaMDMxMTAvBgNV
BAMTKDk1NEIzQzgxRkU3QzI4ODMwNzQ3OTYyRDdFMjExRjVDQzQ1MTE2QTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJeY2ICA7Q9UbpG2evDjLMidtK
9KpF/3y8w6GXIFckXOMgSVAfvzrpTxArifxBalyOjILDobBPjfdN2bIFsNfTrFC3
v8Z0Au0YgpScbemIRyLpKhBX/IPjfSkfsPfQ92BkMANGTxOq63xpAhPUFWRCY1xj
0mB0cHlkCDxwQOP/SA3/zjOQxfEbIcumxi78aUQ5yyTnF0YNiB4OdINLL90FH8m/
v3sKDJtV0bUwcEP2T/U+Ed7CXGG+GyHybjKg+rh9oSwCjcvnSkcvmCf6NFFcPae0
U/Q2NZrBqjeilqHi0gXezYt91quxf+iJSCw/3So5+qxEUEuYp7wlbE4xgG7pAgMB
AAGjggHNMIIByTAdBgNVHQ4EFgQUlUs8gf58KIMHR5YtfiEfXMRRFqEwHwYDVR0j
BBgwFoAUOfZvRaWbg37STWufIMYHAhFLcLswDgYDVR0PAQH/BAQDAgeAMF8GA1Ud
HwRYMFYwVKBSoFCGTnJzeW5jOi8vcnBraS5yb2EubmV0L3JyZHAveFRvbS80MS8z
OUY2NkY0NUE1OUI4MzdFRDI0RDZCOUYyMEM2MDcwMjExNEI3MEJCLmNybDBkBggr
BgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvT2ZadlJhV2JnMzdTVFd1ZklNWUhBaEZMY0xzLmNl
cjB0BggrBgEFBQcBCwRoMGYwZAYIKwYBBQUHMAuGWHJzeW5jOi8vcnBraS5yb2Eu
bmV0L3JyZHAveFRvbS80MS8zMjYxMzAzNDNhMzY2NjMwMzQzYTNhMmYzMzMyMmQz
NDM4MjAzZDNlMjAzMzMyMzEzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcO
AjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoEbwQwDQYJKoZIhvcNAQEL
BQADggEBAIS50l5rm9PJQ9y+UX0gGwHTAofJxjCAKKYSkr5ABxcnbGO215FK1fEQ
fcottZEFM184UQlij2vcFBBJ1ZvuI4ySSRf8PZcgd5+x+Itmy1melUHsvM6pECyP
T56s4+wuJBdjJJZzkwsuT9jIQM2uTIl34JQyYnRs6/BKde4erXtnj8E+/TPACW3o
iX53IZu2p7tKEqvhSBM1quIEV3FkMYd2ONcAwSSODMwL/XOewVxeIJzws5u8yC28
JkSQeLo0PjcOIoxW8tBQnkvBihZVM+MwJxZbIVvMWN4ScW/iThTEo47xElpmnhgx
dcr1FbL2nmiJnr0zRX0KZONm0ZKCXTU=
-----END CERTIFICATE-----
Generated at Thu Nov 21 16:17:29 2024 by rpki-client on console-fra.rpki-client.org