Route Origin Authorization
$ rpki-client -vvf rpki.roa.net/rrdp/xTom/41/326130343a366630363a3a2f33322d3438203d3e2033323134.roa
File: 326130343a366630363a3a2f33322d3438203d3e2033323134.roa (raw, json)
Hash identifier: AuNHJ4Er5rWaDoF9/UJ9XblyUup1/1iXCBaRrrZlm1I=
Subject key identifier: 37:2F:03:03:05:51:71:4A:CA:EE:12:17:9A:F9:AA:A0:B5:63:F3:CC
Certificate issuer: /CN=39f66f45a59b837ed24d6b9f20c60702114b70bb
Certificate serial: 66E5C804CFF37C919E1F405F8EE84540740DAE74
Authority key identifier: 39:F6:6F:45:A5:9B:83:7E:D2:4D:6B:9F:20:C6:07:02:11:4B:70:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
Subject info access: rsync://rpki.roa.net/rrdp/xTom/41/326130343a366630363a3a2f33322d3438203d3e2033323134.roa
Signing time: Sat 14 Sep 2024 01:22:28 +0000
ROA not before: Sat 14 Sep 2024 01:17:28 +0000
ROA not after: Sat 13 Sep 2025 01:22:28 +0000
asID: 3214
IP address blocks: 2a04:6f06::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.crl
rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.mft
rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:e5:c8:04:cf:f3:7c:91:9e:1f:40:5f:8e:e8:45:40:74:0d:ae:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39f66f45a59b837ed24d6b9f20c60702114b70bb
Validity
Not Before: Sep 14 01:17:28 2024 GMT
Not After : Sep 13 01:22:28 2025 GMT
Subject: CN=372F03030551714ACAEE12179AF9AAA0B563F3CC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:f9:dd:e1:25:59:34:ae:f3:8f:a3:d0:72:cc:
d0:b0:14:54:49:33:62:26:15:71:e9:cb:22:b5:75:
0c:0e:58:a6:94:b3:a6:9a:6a:ed:1f:04:9b:3c:03:
4f:87:e5:0e:86:60:0b:d8:2c:4c:95:d7:e2:13:91:
76:a6:fc:e2:4d:e0:ab:3a:5d:31:db:2f:a6:4e:c5:
00:d3:cd:1a:c7:64:60:a4:d5:fd:8a:31:ed:a2:23:
85:3c:d8:3d:aa:b4:df:16:cf:f0:33:a7:b8:12:13:
fb:61:17:f0:ae:12:63:71:83:10:3a:58:44:c5:10:
34:5a:a8:e9:1c:63:0b:78:91:37:65:80:a4:38:b7:
57:02:89:95:db:40:f8:54:2b:4a:97:97:ed:59:28:
18:e9:00:c2:e2:69:30:b2:93:89:5e:ec:18:2b:8a:
d4:40:dd:cc:61:5e:b2:40:24:c5:aa:5a:77:a0:04:
04:e1:d9:79:81:69:e3:be:d1:98:f7:4e:25:c7:d5:
2f:12:16:b9:28:9a:1a:26:3a:b3:d0:34:a6:61:60:
16:dc:8e:38:69:7c:fc:b3:52:4d:40:74:ee:7e:ef:
a9:70:1c:83:69:5c:40:a4:e5:59:6d:fb:37:cf:83:
79:96:5d:f1:ff:43:74:e7:d3:45:f9:60:6d:28:64:
b3:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:2F:03:03:05:51:71:4A:CA:EE:12:17:9A:F9:AA:A0:B5:63:F3:CC
X509v3 Authority Key Identifier:
keyid:39:F6:6F:45:A5:9B:83:7E:D2:4D:6B:9F:20:C6:07:02:11:4B:70:BB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/41/326130343a366630363a3a2f33322d3438203d3e2033323134.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:6f06::/32
Signature Algorithm: sha256WithRSAEncryption
34:df:51:34:4c:c3:42:58:a8:97:fd:f6:a8:50:1d:0d:79:10:
9d:52:a2:8c:e1:c7:60:cf:8e:4c:0a:a1:da:0e:48:15:64:b6:
f8:c5:98:ad:b8:1a:4c:be:06:b7:b5:c9:74:8a:4f:d0:87:c2:
c7:b4:e9:07:7f:b9:7f:e8:a0:5a:e3:c4:ad:e5:89:e7:6c:c8:
c3:78:dd:25:85:84:b6:f9:0e:e5:ed:63:e9:24:33:60:43:16:
16:13:32:7d:13:e6:8d:75:bb:4c:3f:6a:3d:39:d4:6c:9a:a5:
89:24:a7:22:4e:19:7e:08:a8:81:65:90:96:c1:0c:fd:fa:3a:
97:a4:5e:81:c4:3a:1f:f9:48:5c:4b:43:bb:c7:bd:46:b6:8c:
23:06:66:b9:15:39:0c:72:77:5e:4a:fe:ad:6e:c3:90:18:f4:
b8:ff:8b:00:5c:a8:e9:01:4f:15:93:f0:b2:6a:e8:06:47:76:
b9:e2:af:b3:be:a5:24:2f:4b:61:d2:dc:16:06:45:a4:f1:38:
67:15:0c:2b:29:4c:81:7e:32:37:b5:0f:67:ee:27:4e:fd:3b:
fb:dc:0a:f2:2c:71:79:28:e6:ad:28:d0:47:45:c6:21:29:3e:
58:e1:ba:2c:7c:a4:18:43:34:3d:14:c2:08:4a:ce:1a:05:50:
5b:d2:11:30
-----BEGIN CERTIFICATE-----
MIIEwzCCA6ugAwIBAgIUZuXIBM/zfJGeH0BfjuhFQHQNrnQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzlmNjZmNDVhNTliODM3ZWQyNGQ2YjlmMjBjNjA3MDIx
MTRiNzBiYjAeFw0yNDA5MTQwMTE3MjhaFw0yNTA5MTMwMTIyMjhaMDMxMTAvBgNV
BAMTKDM3MkYwMzAzMDU1MTcxNEFDQUVFMTIxNzlBRjlBQUEwQjU2M0YzQ0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCr+d3hJVk0rvOPo9ByzNCwFFRJ
M2ImFXHpyyK1dQwOWKaUs6aaau0fBJs8A0+H5Q6GYAvYLEyV1+ITkXam/OJN4Ks6
XTHbL6ZOxQDTzRrHZGCk1f2KMe2iI4U82D2qtN8Wz/Azp7gSE/thF/CuEmNxgxA6
WETFEDRaqOkcYwt4kTdlgKQ4t1cCiZXbQPhUK0qXl+1ZKBjpAMLiaTCyk4le7Bgr
itRA3cxhXrJAJMWqWnegBATh2XmBaeO+0Zj3TiXH1S8SFrkomhomOrPQNKZhYBbc
jjhpfPyzUk1AdO5+76lwHINpXECk5Vlt+zfPg3mWXfH/Q3Tn00X5YG0oZLNDAgMB
AAGjggHNMIIByTAdBgNVHQ4EFgQUNy8DAwVRcUrK7hIXmvmqoLVj88wwHwYDVR0j
BBgwFoAUOfZvRaWbg37STWufIMYHAhFLcLswDgYDVR0PAQH/BAQDAgeAMF8GA1Ud
HwRYMFYwVKBSoFCGTnJzeW5jOi8vcnBraS5yb2EubmV0L3JyZHAveFRvbS80MS8z
OUY2NkY0NUE1OUI4MzdFRDI0RDZCOUYyMEM2MDcwMjExNEI3MEJCLmNybDBkBggr
BgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvT2ZadlJhV2JnMzdTVFd1ZklNWUhBaEZMY0xzLmNl
cjB0BggrBgEFBQcBCwRoMGYwZAYIKwYBBQUHMAuGWHJzeW5jOi8vcnBraS5yb2Eu
bmV0L3JyZHAveFRvbS80MS8zMjYxMzAzNDNhMzY2NjMwMzYzYTNhMmYzMzMyMmQz
NDM4MjAzZDNlMjAzMzMyMzEzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcO
AjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoEbwYwDQYJKoZIhvcNAQEL
BQADggEBADTfUTRMw0JYqJf99qhQHQ15EJ1Soozhx2DPjkwKodoOSBVktvjFmK24
Gky+Bre1yXSKT9CHwse06Qd/uX/ooFrjxK3liedsyMN43SWFhLb5DuXtY+kkM2BD
FhYTMn0T5o11u0w/aj051GyapYkkpyJOGX4IqIFlkJbBDP36OpekXoHEOh/5SFxL
Q7vHvUa2jCMGZrkVOQxyd15K/q1uw5AY9Lj/iwBcqOkBTxWT8LJq6AZHdrnir7O+
pSQvS2HS3BYGRaTxOGcVDCspTIF+Mje1D2fuJ079O/vcCvIscXko5q0o0EdFxiEp
Pljhuix8pBhDND0UwghKzhoFUFvSETA=
-----END CERTIFICATE-----
Generated at Thu Nov 21 16:17:29 2024 by rpki-client on console-fra.rpki-client.org