Route Origin Authorization
$ rpki-client -vvf rpki.roa.net/rrdp/xTom/41/326130623a323534323a3130303a3a2f34302d3438203d3e20313334363636.roa
File: 326130623a323534323a3130303a3a2f34302d3438203d3e20313334363636.roa (raw, json)
Hash identifier: 3ae24uPKULWDSlJHUrRVkRNVHdbHenU3RXxrGDU+eUU=
Subject key identifier: A1:8C:46:B5:47:5B:C6:2D:FE:E8:1E:7E:BB:F5:BA:A7:7C:82:E8:A3
Certificate issuer: /CN=39f66f45a59b837ed24d6b9f20c60702114b70bb
Certificate serial: 2A78EB733A571FE13129C29EFBF82319ABEFD620
Authority key identifier: 39:F6:6F:45:A5:9B:83:7E:D2:4D:6B:9F:20:C6:07:02:11:4B:70:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
Subject info access: rsync://rpki.roa.net/rrdp/xTom/41/326130623a323534323a3130303a3a2f34302d3438203d3e20313334363636.roa
Signing time: Thu 28 Sep 2023 09:12:50 +0000
ROA not before: Thu 28 Sep 2023 09:07:50 +0000
ROA not after: Thu 26 Sep 2024 09:12:50 +0000
asID: 134666
IP address blocks: 2a0b:2542:100::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.crl
rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.mft
rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:78:eb:73:3a:57:1f:e1:31:29:c2:9e:fb:f8:23:19:ab:ef:d6:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39f66f45a59b837ed24d6b9f20c60702114b70bb
Validity
Not Before: Sep 28 09:07:50 2023 GMT
Not After : Sep 26 09:12:50 2024 GMT
Subject: CN=A18C46B5475BC62DFEE81E7EBBF5BAA77C82E8A3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:33:50:fd:74:5b:45:80:69:50:64:c6:1f:57:
eb:ab:a7:2a:c3:2b:46:1a:40:10:76:7c:a5:0a:ea:
4c:42:9b:ed:f6:d6:46:1f:34:12:0e:45:58:e9:5d:
91:17:ba:71:01:b1:bb:53:b4:0c:e9:43:2d:58:24:
f8:08:85:ea:00:c8:9d:43:a8:4d:93:4f:a1:4d:f4:
ff:63:40:d3:a3:e3:6c:cb:4d:c3:33:f1:c1:e1:27:
13:18:05:a2:22:31:9b:60:24:7e:14:9a:6e:d9:c5:
66:9b:bb:dc:10:51:85:fc:4c:19:b0:f9:72:a7:83:
d5:01:84:8f:84:d2:ad:cd:d1:93:e2:b4:f5:92:4a:
9c:2b:69:95:10:30:72:16:b4:09:1e:1e:64:d3:17:
7f:25:b0:f5:77:15:e1:db:d4:8d:79:3b:72:f3:11:
bd:87:65:8b:17:93:8b:2c:30:90:d5:dd:c8:f1:c8:
09:26:91:9a:02:62:b8:a0:d7:37:31:eb:7c:74:3f:
10:0d:0c:e0:a5:09:0a:b2:e8:cf:20:11:ca:25:02:
24:fe:dd:3d:f9:b7:0f:51:dc:54:d6:64:c4:12:81:
3d:ca:10:6a:ae:4a:4d:8b:25:9d:1f:97:39:bd:84:
1a:35:8e:73:6b:32:8b:96:17:63:6f:26:a5:33:e7:
35:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:8C:46:B5:47:5B:C6:2D:FE:E8:1E:7E:BB:F5:BA:A7:7C:82:E8:A3
X509v3 Authority Key Identifier:
keyid:39:F6:6F:45:A5:9B:83:7E:D2:4D:6B:9F:20:C6:07:02:11:4B:70:BB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/41/326130623a323534323a3130303a3a2f34302d3438203d3e20313334363636.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:2542:100::/40
Signature Algorithm: sha256WithRSAEncryption
17:7e:9c:fb:f5:96:26:70:d3:c0:cb:54:22:92:2c:6a:09:67:
c2:da:ee:fb:bc:a7:6f:51:23:81:10:94:47:50:26:f3:f5:e9:
ac:cb:16:b2:fe:af:68:74:fd:93:7c:72:85:d8:be:4e:26:63:
cb:13:a7:c4:5f:f9:66:bf:8a:5c:c8:26:f3:91:39:47:5e:b4:
49:c2:aa:6f:33:65:4c:3d:88:67:b2:2e:7e:cf:b4:2a:2a:43:
6c:65:2d:24:b4:02:83:9d:30:73:58:a8:9c:88:c8:ec:98:10:
45:04:80:bc:8f:f0:45:4e:e7:6a:40:7a:c0:9f:d9:59:6c:b1:
77:0c:2a:3e:3a:be:26:ca:d4:f4:a6:63:4a:3f:b5:5c:23:97:
54:0a:85:6c:8e:1c:4b:e7:d6:9a:5e:71:69:4a:33:53:0b:1e:
27:9b:5b:ce:f8:39:c4:a6:fa:31:95:8f:b7:2c:70:08:51:df:
2b:ca:72:d2:e6:b2:26:e5:a5:8c:3c:b9:4c:cd:7a:03:80:d7:
3e:bb:73:ea:e9:43:5a:34:1a:8f:a3:d9:40:dc:76:e6:63:1c:
90:1c:e4:ab:4c:4b:08:29:e4:33:32:79:07:8b:f2:d6:47:42:
fc:85:ae:4c:fb:71:90:fd:85:96:46:af:d1:14:4e:1b:34:e2:
ad:bd:83:3a
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgIUKnjrczpXH+ExKcKe+/gjGavv1iAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzlmNjZmNDVhNTliODM3ZWQyNGQ2YjlmMjBjNjA3MDIx
MTRiNzBiYjAeFw0yMzA5MjgwOTA3NTBaFw0yNDA5MjYwOTEyNTBaMDMxMTAvBgNV
BAMTKEExOEM0NkI1NDc1QkM2MkRGRUU4MUU3RUJCRjVCQUE3N0M4MkU4QTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDiM1D9dFtFgGlQZMYfV+urpyrD
K0YaQBB2fKUK6kxCm+321kYfNBIORVjpXZEXunEBsbtTtAzpQy1YJPgIheoAyJ1D
qE2TT6FN9P9jQNOj42zLTcMz8cHhJxMYBaIiMZtgJH4Umm7ZxWabu9wQUYX8TBmw
+XKng9UBhI+E0q3N0ZPitPWSSpwraZUQMHIWtAkeHmTTF38lsPV3FeHb1I15O3Lz
Eb2HZYsXk4ssMJDV3cjxyAkmkZoCYrig1zcx63x0PxANDOClCQqy6M8gEcolAiT+
3T35tw9R3FTWZMQSgT3KEGquSk2LJZ0flzm9hBo1jnNrMouWF2NvJqUz5zUXAgMB
AAGjggHbMIIB1zAdBgNVHQ4EFgQUoYxGtUdbxi3+6B5+u/W6p3yC6KMwHwYDVR0j
BBgwFoAUOfZvRaWbg37STWufIMYHAhFLcLswDgYDVR0PAQH/BAQDAgeAMF8GA1Ud
HwRYMFYwVKBSoFCGTnJzeW5jOi8vcnBraS5yb2EubmV0L3JyZHAveFRvbS80MS8z
OUY2NkY0NUE1OUI4MzdFRDI0RDZCOUYyMEM2MDcwMjExNEI3MEJCLmNybDBkBggr
BgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvT2ZadlJhV2JnMzdTVFd1ZklNWUhBaEZMY0xzLmNl
cjCBgAYIKwYBBQUHAQsEdDByMHAGCCsGAQUFBzALhmRyc3luYzovL3Jwa2kucm9h
Lm5ldC9ycmRwL3hUb20vNDEvMzI2MTMwNjIzYTMyMzUzNDMyM2EzMTMwMzAzYTNh
MmYzNDMwMmQzNDM4MjAzZDNlMjAzMTMzMzQzNjM2MzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgAqCyVC
ATANBgkqhkiG9w0BAQsFAAOCAQEAF36c+/WWJnDTwMtUIpIsaglnwtru+7ynb1Ej
gRCUR1Am8/XprMsWsv6vaHT9k3xyhdi+TiZjyxOnxF/5Zr+KXMgm85E5R160ScKq
bzNlTD2IZ7Iufs+0KipDbGUtJLQCg50wc1ionIjI7JgQRQSAvI/wRU7nakB6wJ/Z
WWyxdwwqPjq+JsrU9KZjSj+1XCOXVAqFbI4cS+fWml5xaUozUwseJ5tbzvg5xKb6
MZWPtyxwCFHfK8py0uayJuWljDy5TM16A4DXPrtz6ulDWjQaj6PZQNx25mMckBzk
q0xLCCnkMzJ5B4vy1kdC/IWuTPtxkP2Flkav0RROGzTirb2DOg==
-----END CERTIFICATE-----
Generated at Fri Jun 7 21:10:43 2024 by rpki-client on console-ams.rpki-client.org