Route Origin Authorization
$ rpki-client -vvf rpki.roa.net/rrdp/xTom/41/326130613a616363313a3a2f33322d3438203d3e2033323538.roa
File: 326130613a616363313a3a2f33322d3438203d3e2033323538.roa (raw, json)
Hash identifier: wyjofl+FoiWAK8U6GH50K1UqPviIS66WsfrE0TRAhuw=
Subject key identifier: D4:97:85:26:32:8C:5F:85:7B:8A:D8:E7:60:B5:41:86:36:30:D8:B3
Certificate issuer: /CN=39f66f45a59b837ed24d6b9f20c60702114b70bb
Certificate serial: 7B1F8E192977324B8B018613C5A9C50390E2C1C2
Authority key identifier: 39:F6:6F:45:A5:9B:83:7E:D2:4D:6B:9F:20:C6:07:02:11:4B:70:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
Subject info access: rsync://rpki.roa.net/rrdp/xTom/41/326130613a616363313a3a2f33322d3438203d3e2033323538.roa
Signing time: Sat 14 Sep 2024 01:22:28 +0000
ROA not before: Sat 14 Sep 2024 01:17:28 +0000
ROA not after: Sat 13 Sep 2025 01:22:28 +0000
asID: 3258
IP address blocks: 2a0a:acc1::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.crl
rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.mft
rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:1f:8e:19:29:77:32:4b:8b:01:86:13:c5:a9:c5:03:90:e2:c1:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39f66f45a59b837ed24d6b9f20c60702114b70bb
Validity
Not Before: Sep 14 01:17:28 2024 GMT
Not After : Sep 13 01:22:28 2025 GMT
Subject: CN=D4978526328C5F857B8AD8E760B541863630D8B3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:5e:15:22:af:f0:dc:b9:df:f2:98:b1:e5:8c:
fb:23:ae:80:a1:f3:f8:11:47:25:54:45:ed:0b:3e:
af:4d:2c:4c:2d:21:fc:3d:a4:a4:74:b9:94:e4:f0:
7a:33:b8:da:06:8e:39:00:cf:37:b4:56:b8:c7:4b:
a2:f5:53:3a:57:0c:55:c1:ea:dc:a4:e1:31:95:8b:
d5:3c:b2:c6:e3:ee:b7:28:44:44:eb:21:7c:f1:71:
66:ac:fa:9c:1c:e7:3c:1a:db:fa:32:78:73:50:6c:
f7:8d:e5:35:48:de:6e:b0:8f:95:48:b1:ae:d0:d2:
78:7a:8a:1c:46:11:84:f0:4d:49:84:e6:08:93:64:
63:ae:79:0b:2e:bd:e2:e3:16:8d:6c:d5:58:18:60:
64:8f:5e:2a:1a:b9:04:57:55:10:dc:9a:9f:07:50:
e3:a6:c1:1f:86:29:33:af:b0:f5:67:67:7d:9a:66:
da:b0:7f:d9:29:55:25:e1:b5:23:1f:53:04:51:0d:
35:c3:7c:05:75:fe:48:63:ac:ee:e3:45:2a:bd:85:
73:a1:cc:21:2f:e9:69:70:20:0a:ce:d1:13:38:e5:
84:b5:ce:2c:1c:1e:ee:a5:53:9f:04:43:55:8c:bc:
59:31:76:8e:79:78:05:83:80:ee:fb:0c:8a:c0:04:
5c:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:97:85:26:32:8C:5F:85:7B:8A:D8:E7:60:B5:41:86:36:30:D8:B3
X509v3 Authority Key Identifier:
keyid:39:F6:6F:45:A5:9B:83:7E:D2:4D:6B:9F:20:C6:07:02:11:4B:70:BB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/41/326130613a616363313a3a2f33322d3438203d3e2033323538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:acc1::/32
Signature Algorithm: sha256WithRSAEncryption
90:ea:e1:4e:4a:a5:b9:52:99:e8:02:83:ee:92:c1:61:43:3b:
61:d2:53:56:ff:c1:74:d9:19:25:74:4b:47:e5:29:b4:20:71:
ee:a9:ec:ed:49:d7:f0:2d:6c:41:05:8a:4e:24:46:e6:75:13:
dc:2a:de:61:5a:5c:8b:37:d8:8e:80:8d:38:02:9f:81:31:a7:
69:ab:82:eb:4a:40:a0:e2:c1:19:c5:ab:f5:7a:6e:06:45:db:
86:88:57:c0:bb:85:11:98:87:14:e0:03:18:74:af:f8:eb:2b:
4b:4a:e0:89:9e:de:6b:7b:fe:ff:1f:ac:73:e4:d5:17:39:ef:
35:75:27:27:ff:ef:39:ed:2a:ca:db:02:5c:1f:8b:88:0a:81:
d5:6b:f4:5c:74:fe:ca:9f:7c:13:97:f3:40:b0:7a:2d:b0:d5:
16:c6:3c:00:ed:4c:f1:43:11:7a:dd:05:fc:66:6c:bd:77:47:
4f:88:a2:79:df:27:7e:42:36:67:59:b4:94:44:0e:ab:14:11:
3a:d2:98:c6:11:e9:56:31:96:9e:3b:1d:cd:a4:5b:be:c7:3b:
88:a1:89:4b:49:b2:ab:03:b7:23:ee:ae:e2:3a:91:13:4d:f3:
c6:de:c2:61:e5:90:d6:b4:6b:a9:42:65:58:a7:f0:54:a1:c1:
28:b7:26:a7
-----BEGIN CERTIFICATE-----
MIIEwzCCA6ugAwIBAgIUex+OGSl3MkuLAYYTxanFA5DiwcIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzlmNjZmNDVhNTliODM3ZWQyNGQ2YjlmMjBjNjA3MDIx
MTRiNzBiYjAeFw0yNDA5MTQwMTE3MjhaFw0yNTA5MTMwMTIyMjhaMDMxMTAvBgNV
BAMTKEQ0OTc4NTI2MzI4QzVGODU3QjhBRDhFNzYwQjU0MTg2MzYzMEQ4QjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOXhUir/Dcud/ymLHljPsjroCh
8/gRRyVURe0LPq9NLEwtIfw9pKR0uZTk8HozuNoGjjkAzze0VrjHS6L1UzpXDFXB
6tyk4TGVi9U8ssbj7rcoRETrIXzxcWas+pwc5zwa2/oyeHNQbPeN5TVI3m6wj5VI
sa7Q0nh6ihxGEYTwTUmE5giTZGOueQsuveLjFo1s1VgYYGSPXioauQRXVRDcmp8H
UOOmwR+GKTOvsPVnZ32aZtqwf9kpVSXhtSMfUwRRDTXDfAV1/khjrO7jRSq9hXOh
zCEv6WlwIArO0RM45YS1ziwcHu6lU58EQ1WMvFkxdo55eAWDgO77DIrABFzxAgMB
AAGjggHNMIIByTAdBgNVHQ4EFgQU1JeFJjKMX4V7itjnYLVBhjYw2LMwHwYDVR0j
BBgwFoAUOfZvRaWbg37STWufIMYHAhFLcLswDgYDVR0PAQH/BAQDAgeAMF8GA1Ud
HwRYMFYwVKBSoFCGTnJzeW5jOi8vcnBraS5yb2EubmV0L3JyZHAveFRvbS80MS8z
OUY2NkY0NUE1OUI4MzdFRDI0RDZCOUYyMEM2MDcwMjExNEI3MEJCLmNybDBkBggr
BgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvT2ZadlJhV2JnMzdTVFd1ZklNWUhBaEZMY0xzLmNl
cjB0BggrBgEFBQcBCwRoMGYwZAYIKwYBBQUHMAuGWHJzeW5jOi8vcnBraS5yb2Eu
bmV0L3JyZHAveFRvbS80MS8zMjYxMzA2MTNhNjE2MzYzMzEzYTNhMmYzMzMyMmQz
NDM4MjAzZDNlMjAzMzMyMzUzOC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcO
AjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoKrMEwDQYJKoZIhvcNAQEL
BQADggEBAJDq4U5KpblSmegCg+6SwWFDO2HSU1b/wXTZGSV0S0flKbQgce6p7O1J
1/AtbEEFik4kRuZ1E9wq3mFaXIs32I6AjTgCn4Exp2mrgutKQKDiwRnFq/V6bgZF
24aIV8C7hRGYhxTgAxh0r/jrK0tK4Ime3mt7/v8frHPk1Rc57zV1Jyf/7zntKsrb
Alwfi4gKgdVr9Fx0/sqffBOX80Cwei2w1RbGPADtTPFDEXrdBfxmbL13R0+Ionnf
J35CNmdZtJREDqsUETrSmMYR6VYxlp47Hc2kW77HO4ihiUtJsqsDtyPuruI6kRNN
88bewmHlkNa0a6lCZVin8FShwSi3Jqc=
-----END CERTIFICATE-----
Generated at Thu Nov 21 16:17:29 2024 by rpki-client on console-fra.rpki-client.org