Route Origin Authorization
$ rpki-client -vvf rpki.roa.net/rrdp/xTom/41/326130623a323534303a3a2f33322d3438203d3e203537383438.roa
File: 326130623a323534303a3a2f33322d3438203d3e203537383438.roa (raw, json)
Hash identifier: Pb2F4w7HUlB+8KC1ApcS7XeGOzx10fAyifHBz2nieIA=
Subject key identifier: 6C:3C:7B:95:BF:4B:2F:18:D5:A4:03:4A:F3:0C:98:B9:41:44:01:34
Certificate issuer: /CN=39f66f45a59b837ed24d6b9f20c60702114b70bb
Certificate serial: 23E93669861DA79BCBB5FDD703EBFF03AFD66334
Authority key identifier: 39:F6:6F:45:A5:9B:83:7E:D2:4D:6B:9F:20:C6:07:02:11:4B:70:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
Subject info access: rsync://rpki.roa.net/rrdp/xTom/41/326130623a323534303a3a2f33322d3438203d3e203537383438.roa
Signing time: Sat 14 Sep 2024 01:22:27 +0000
ROA not before: Sat 14 Sep 2024 01:17:27 +0000
ROA not after: Sat 13 Sep 2025 01:22:27 +0000
asID: 57848
IP address blocks: 2a0b:2540::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.crl
rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.mft
rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:e9:36:69:86:1d:a7:9b:cb:b5:fd:d7:03:eb:ff:03:af:d6:63:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39f66f45a59b837ed24d6b9f20c60702114b70bb
Validity
Not Before: Sep 14 01:17:27 2024 GMT
Not After : Sep 13 01:22:27 2025 GMT
Subject: CN=6C3C7B95BF4B2F18D5A4034AF30C98B941440134
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:f9:13:4b:ac:c7:b3:48:e0:05:d4:13:63:a5:
36:ba:d9:4d:14:bb:0b:58:6e:85:b1:6a:eb:21:96:
73:03:d8:8f:13:14:a9:52:47:a2:98:2c:80:52:8f:
d4:a2:92:15:42:85:67:c5:1e:90:da:01:86:39:6c:
1b:b6:08:66:f3:8c:e2:da:5d:b9:95:1f:5c:ea:42:
1c:30:9f:fa:f6:d6:9a:88:c8:24:0a:ad:08:9c:c8:
72:f1:15:4c:4d:8f:f5:06:dc:5a:04:35:47:a9:dc:
2b:d5:a5:08:fc:39:0f:b7:0d:26:c2:75:ce:e4:a0:
87:11:59:06:77:c3:02:54:f5:66:27:28:aa:55:c7:
82:3a:99:4f:cf:04:69:32:bb:73:7e:6b:84:3c:ff:
19:73:49:a1:3d:51:05:49:cf:56:09:b9:32:36:9f:
21:20:ae:de:78:80:2a:51:71:d8:6a:26:f2:cf:21:
0f:c0:46:8f:9c:c8:7e:1e:04:dd:ef:b4:04:c8:d8:
bb:f0:31:05:3d:a0:c9:c5:b1:f1:18:b5:24:12:f0:
77:da:cb:bd:f5:5b:5b:78:7f:d4:70:5a:2a:8b:64:
08:23:b0:23:8b:33:7b:cc:d2:c3:0d:e2:9c:19:e0:
fd:c3:2f:bf:9e:b3:88:45:3c:d8:25:29:ed:fa:65:
1d:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:3C:7B:95:BF:4B:2F:18:D5:A4:03:4A:F3:0C:98:B9:41:44:01:34
X509v3 Authority Key Identifier:
keyid:39:F6:6F:45:A5:9B:83:7E:D2:4D:6B:9F:20:C6:07:02:11:4B:70:BB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/41/326130623a323534303a3a2f33322d3438203d3e203537383438.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:2540::/32
Signature Algorithm: sha256WithRSAEncryption
5e:ec:a1:28:42:ac:06:d2:4d:e3:6c:a0:28:3d:1e:64:c2:f8:
85:ef:d3:e0:ab:29:87:db:a5:06:4c:a4:36:99:c5:a6:5b:44:
7c:1a:71:c8:9f:f9:30:0b:c3:c3:6c:a8:3f:8d:da:c3:6b:b3:
0e:df:d9:8c:fd:40:6b:1b:73:bd:bd:46:14:46:56:d5:29:fd:
d1:1a:c9:08:10:61:72:75:df:00:5c:7b:7b:48:8f:91:a7:4f:
dc:f5:72:48:2e:50:48:c0:4b:93:9b:4f:98:47:09:8f:4c:f7:
8c:50:b5:ff:e6:91:f0:5e:07:0f:fe:f9:4b:2a:bb:6b:3f:53:
1c:2e:d5:40:ce:5c:3a:cc:9b:05:c7:28:fa:7c:79:80:d1:e1:
1d:31:c8:2d:cc:96:28:41:79:a9:67:b0:78:25:02:b9:0c:72:
16:f3:e2:39:5f:60:e7:fc:94:34:e0:e0:3e:8c:4d:b2:8e:e8:
73:da:90:2f:43:18:70:3a:07:bc:a0:42:63:e8:45:fd:9c:ee:
de:ad:65:0a:44:38:ec:82:ac:a4:91:24:31:0d:43:29:4a:b2:
d0:95:9b:45:71:37:ec:ee:ae:ab:e1:be:26:e9:fa:a5:fe:97:
19:3f:c6:5b:88:5c:9c:8a:ab:03:58:24:68:a7:88:a7:4d:ec:
12:b9:12:9c
-----BEGIN CERTIFICATE-----
MIIExTCCA62gAwIBAgIUI+k2aYYdp5vLtf3XA+v/A6/WYzQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzlmNjZmNDVhNTliODM3ZWQyNGQ2YjlmMjBjNjA3MDIx
MTRiNzBiYjAeFw0yNDA5MTQwMTE3MjdaFw0yNTA5MTMwMTIyMjdaMDMxMTAvBgNV
BAMTKDZDM0M3Qjk1QkY0QjJGMThENUE0MDM0QUYzMEM5OEI5NDE0NDAxMzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDg+RNLrMezSOAF1BNjpTa62U0U
uwtYboWxaushlnMD2I8TFKlSR6KYLIBSj9SikhVChWfFHpDaAYY5bBu2CGbzjOLa
XbmVH1zqQhwwn/r21pqIyCQKrQicyHLxFUxNj/UG3FoENUep3CvVpQj8OQ+3DSbC
dc7koIcRWQZ3wwJU9WYnKKpVx4I6mU/PBGkyu3N+a4Q8/xlzSaE9UQVJz1YJuTI2
nyEgrt54gCpRcdhqJvLPIQ/ARo+cyH4eBN3vtATI2LvwMQU9oMnFsfEYtSQS8Hfa
y731W1t4f9RwWiqLZAgjsCOLM3vM0sMN4pwZ4P3DL7+es4hFPNglKe36ZR0RAgMB
AAGjggHPMIIByzAdBgNVHQ4EFgQUbDx7lb9LLxjVpANK8wyYuUFEATQwHwYDVR0j
BBgwFoAUOfZvRaWbg37STWufIMYHAhFLcLswDgYDVR0PAQH/BAQDAgeAMF8GA1Ud
HwRYMFYwVKBSoFCGTnJzeW5jOi8vcnBraS5yb2EubmV0L3JyZHAveFRvbS80MS8z
OUY2NkY0NUE1OUI4MzdFRDI0RDZCOUYyMEM2MDcwMjExNEI3MEJCLmNybDBkBggr
BgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvT2ZadlJhV2JnMzdTVFd1ZklNWUhBaEZMY0xzLmNl
cjB2BggrBgEFBQcBCwRqMGgwZgYIKwYBBQUHMAuGWnJzeW5jOi8vcnBraS5yb2Eu
bmV0L3JyZHAveFRvbS80MS8zMjYxMzA2MjNhMzIzNTM0MzAzYTNhMmYzMzMyMmQz
NDM4MjAzZDNlMjAzNTM3MzgzNDM4LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUF
Bw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgslQDANBgkqhkiG9w0B
AQsFAAOCAQEAXuyhKEKsBtJN42ygKD0eZML4he/T4Ksph9ulBkykNpnFpltEfBpx
yJ/5MAvDw2yoP43aw2uzDt/ZjP1Aaxtzvb1GFEZW1Sn90RrJCBBhcnXfAFx7e0iP
kadP3PVySC5QSMBLk5tPmEcJj0z3jFC1/+aR8F4HD/75Syq7az9THC7VQM5cOsyb
Bcco+nx5gNHhHTHILcyWKEF5qWeweCUCuQxyFvPiOV9g5/yUNODgPoxNso7oc9qQ
L0MYcDoHvKBCY+hF/Zzu3q1lCkQ47IKspJEkMQ1DKUqy0JWbRXE37O6uq+G+Jun6
pf6XGT/GW4hcnIqrA1gkaKeIp03sErkSnA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:19:04 2024 by rpki-client on console-fra.rpki-client.org