Route Origin Authorization
$ rpki-client -vvf rpki.roa.net/rrdp/xTom/41/326130613a616363303a3a2f33322d3438203d3e2036333639.roa
File: 326130613a616363303a3a2f33322d3438203d3e2036333639.roa (raw, json)
Hash identifier: RscqkfAqKol9Mb7kH1rk6TlCkY+RbxXqXidKOH9Y1CA=
Subject key identifier: 2B:C6:9C:10:28:42:52:6B:9A:13:05:30:DE:2A:F6:41:1B:78:D4:9D
Certificate issuer: /CN=39f66f45a59b837ed24d6b9f20c60702114b70bb
Certificate serial: 42E99501E8BA45C598477676F208E40468DB03AE
Authority key identifier: 39:F6:6F:45:A5:9B:83:7E:D2:4D:6B:9F:20:C6:07:02:11:4B:70:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
Subject info access: rsync://rpki.roa.net/rrdp/xTom/41/326130613a616363303a3a2f33322d3438203d3e2036333639.roa
Signing time: Sat 14 Sep 2024 01:22:29 +0000
ROA not before: Sat 14 Sep 2024 01:17:29 +0000
ROA not after: Sat 13 Sep 2025 01:22:29 +0000
asID: 6369
IP address blocks: 2a0a:acc0::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.crl
rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.mft
rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:e9:95:01:e8:ba:45:c5:98:47:76:76:f2:08:e4:04:68:db:03:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39f66f45a59b837ed24d6b9f20c60702114b70bb
Validity
Not Before: Sep 14 01:17:29 2024 GMT
Not After : Sep 13 01:22:29 2025 GMT
Subject: CN=2BC69C102842526B9A130530DE2AF6411B78D49D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:c3:27:05:3f:19:05:15:bb:08:7d:08:e2:42:
c5:88:65:b0:30:5b:43:f0:d3:77:9a:df:93:66:2f:
60:95:cc:d7:62:b5:90:ba:79:e3:90:b5:7d:53:70:
b7:0d:f1:92:b1:89:30:39:0e:eb:8d:99:f7:20:86:
34:72:79:9b:9b:d7:59:82:5f:44:14:a7:6d:cb:b3:
01:3c:04:70:d4:f5:6d:80:51:e3:1d:f7:85:08:cf:
d1:92:be:b0:b6:c0:94:03:23:3d:00:a8:80:bc:cc:
45:b6:90:2f:63:44:3f:cc:be:cc:bb:bb:09:27:3a:
44:7b:d4:02:b1:a5:06:56:e6:d2:ed:58:5e:48:41:
51:fa:8a:b1:f7:b1:fd:e2:9a:ca:c1:ee:a4:0a:7f:
7c:d9:54:8b:ff:42:12:97:9b:46:43:b1:a9:33:40:
ea:9d:94:33:d3:39:e5:28:04:d9:66:b9:80:78:33:
26:a1:96:e2:42:e5:34:e8:e7:5e:fa:15:9a:ef:49:
27:47:a9:a5:c5:7d:4f:59:1a:2d:36:0e:29:95:56:
18:fe:18:db:76:6d:34:99:e2:fd:c6:8d:6b:f4:c2:
8b:18:02:b5:80:fe:00:9d:c4:ac:16:24:9c:4c:0a:
00:03:cc:56:45:b0:2b:0a:f5:c7:18:c1:84:04:1e:
97:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:C6:9C:10:28:42:52:6B:9A:13:05:30:DE:2A:F6:41:1B:78:D4:9D
X509v3 Authority Key Identifier:
keyid:39:F6:6F:45:A5:9B:83:7E:D2:4D:6B:9F:20:C6:07:02:11:4B:70:BB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/41/326130613a616363303a3a2f33322d3438203d3e2036333639.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:acc0::/32
Signature Algorithm: sha256WithRSAEncryption
78:b5:c3:ea:e6:bc:8e:49:63:03:74:b5:3a:4a:4d:1d:a2:80:
3f:cd:de:f3:9a:c3:c3:49:c2:01:0f:c7:bf:84:1f:2a:03:f4:
ef:04:6d:17:80:ba:14:83:8c:ea:d5:b8:bc:5f:52:27:ff:6c:
39:12:5c:fa:de:7d:da:8d:90:64:4c:5b:d9:8f:c7:ce:78:4b:
37:e1:bb:fe:b1:47:c4:bb:40:71:06:9d:dd:bb:c1:db:ce:59:
e6:c3:da:d4:cb:78:e6:5d:ff:06:51:23:ad:15:89:1d:9f:4c:
c5:4d:3e:0a:79:68:8c:29:23:a9:2e:80:7e:54:25:14:10:de:
d3:62:b4:b6:6a:c9:8d:8a:d0:ad:12:af:90:e0:80:5a:4a:9f:
ae:9f:13:5b:5c:f8:24:48:90:2d:08:02:2e:81:1c:bb:53:9f:
85:a3:4c:7a:08:d3:a9:45:3a:8c:b2:0a:b9:b7:8a:7c:2e:bf:
bb:a2:ef:28:76:bf:2e:85:fc:c2:dc:92:00:34:69:f9:24:ff:
b2:77:c8:4f:9d:95:8d:58:91:b0:1c:37:36:f0:16:cd:73:81:
72:6c:72:72:87:c4:f3:20:d0:68:b2:2d:9d:1a:94:03:8e:e4:
27:de:05:dd:fe:37:15:66:d8:6b:2f:93:ff:41:6b:ff:e7:7f:
dd:d1:ba:0b
-----BEGIN CERTIFICATE-----
MIIEwzCCA6ugAwIBAgIUQumVAei6RcWYR3Z28gjkBGjbA64wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzlmNjZmNDVhNTliODM3ZWQyNGQ2YjlmMjBjNjA3MDIx
MTRiNzBiYjAeFw0yNDA5MTQwMTE3MjlaFw0yNTA5MTMwMTIyMjlaMDMxMTAvBgNV
BAMTKDJCQzY5QzEwMjg0MjUyNkI5QTEzMDUzMERFMkFGNjQxMUI3OEQ0OUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGwycFPxkFFbsIfQjiQsWIZbAw
W0Pw03ea35NmL2CVzNditZC6eeOQtX1TcLcN8ZKxiTA5DuuNmfcghjRyeZub11mC
X0QUp23LswE8BHDU9W2AUeMd94UIz9GSvrC2wJQDIz0AqIC8zEW2kC9jRD/Mvsy7
uwknOkR71AKxpQZW5tLtWF5IQVH6irH3sf3imsrB7qQKf3zZVIv/QhKXm0ZDsakz
QOqdlDPTOeUoBNlmuYB4MyahluJC5TTo5176FZrvSSdHqaXFfU9ZGi02DimVVhj+
GNt2bTSZ4v3GjWv0wosYArWA/gCdxKwWJJxMCgADzFZFsCsK9ccYwYQEHpepAgMB
AAGjggHNMIIByTAdBgNVHQ4EFgQUK8acEChCUmuaEwUw3ir2QRt41J0wHwYDVR0j
BBgwFoAUOfZvRaWbg37STWufIMYHAhFLcLswDgYDVR0PAQH/BAQDAgeAMF8GA1Ud
HwRYMFYwVKBSoFCGTnJzeW5jOi8vcnBraS5yb2EubmV0L3JyZHAveFRvbS80MS8z
OUY2NkY0NUE1OUI4MzdFRDI0RDZCOUYyMEM2MDcwMjExNEI3MEJCLmNybDBkBggr
BgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvT2ZadlJhV2JnMzdTVFd1ZklNWUhBaEZMY0xzLmNl
cjB0BggrBgEFBQcBCwRoMGYwZAYIKwYBBQUHMAuGWHJzeW5jOi8vcnBraS5yb2Eu
bmV0L3JyZHAveFRvbS80MS8zMjYxMzA2MTNhNjE2MzYzMzAzYTNhMmYzMzMyMmQz
NDM4MjAzZDNlMjAzNjMzMzYzOS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcO
AjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoKrMAwDQYJKoZIhvcNAQEL
BQADggEBAHi1w+rmvI5JYwN0tTpKTR2igD/N3vOaw8NJwgEPx7+EHyoD9O8EbReA
uhSDjOrVuLxfUif/bDkSXPrefdqNkGRMW9mPx854Szfhu/6xR8S7QHEGnd27wdvO
WebD2tTLeOZd/wZRI60ViR2fTMVNPgp5aIwpI6kugH5UJRQQ3tNitLZqyY2K0K0S
r5DggFpKn66fE1tc+CRIkC0IAi6BHLtTn4WjTHoI06lFOoyyCrm3inwuv7ui7yh2
vy6F/MLckgA0afkk/7J3yE+dlY1YkbAcNzbwFs1zgXJscnKHxPMg0GiyLZ0alAOO
5CfeBd3+NxVm2Gsvk/9Ba//nf93Rugs=
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:19:04 2024 by rpki-client on console-fra.rpki-client.org