Route Origin Authorization
$ rpki-client -vvf rpki.roa.net/rrdp/xTom/41/326130623a323534323a3130303a3a2f34302d3438203d3e20313334363636.roa
File: 326130623a323534323a3130303a3a2f34302d3438203d3e20313334363636.roa (raw, json)
Hash identifier: SCq27MG9RGSIUs9pFwUD8DJ+z99XPXXyy+EOwWQmw8w=
Subject key identifier: 82:B2:39:18:DA:6B:CC:40:C0:B4:A6:0F:CB:B9:4D:8C:38:32:16:9C
Certificate issuer: /CN=39f66f45a59b837ed24d6b9f20c60702114b70bb
Certificate serial: 30E7A50E114A487F62E6CAA88E97688F26D8482D
Authority key identifier: 39:F6:6F:45:A5:9B:83:7E:D2:4D:6B:9F:20:C6:07:02:11:4B:70:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
Subject info access: rsync://rpki.roa.net/rrdp/xTom/41/326130623a323534323a3130303a3a2f34302d3438203d3e20313334363636.roa
Signing time: Thu 29 Aug 2024 09:50:10 +0000
ROA not before: Thu 29 Aug 2024 09:45:10 +0000
ROA not after: Thu 28 Aug 2025 09:50:10 +0000
asID: 134666
IP address blocks: 2a0b:2542:100::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.crl
rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.mft
rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:e7:a5:0e:11:4a:48:7f:62:e6:ca:a8:8e:97:68:8f:26:d8:48:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39f66f45a59b837ed24d6b9f20c60702114b70bb
Validity
Not Before: Aug 29 09:45:10 2024 GMT
Not After : Aug 28 09:50:10 2025 GMT
Subject: CN=82B23918DA6BCC40C0B4A60FCBB94D8C3832169C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:7f:62:06:c5:f8:1e:c6:ff:1e:87:bc:ad:9b:
b6:56:2d:e4:8b:42:cb:59:b2:e4:f4:8a:0d:e1:de:
18:5e:33:72:13:4f:6d:dc:c1:cf:66:05:ab:30:bc:
bb:fb:f8:b8:e2:b1:26:9c:d5:e9:d8:32:92:ff:3e:
ac:9b:39:24:e1:bb:7d:f9:76:ce:a1:f3:7a:d3:c4:
98:e3:81:56:33:c6:24:21:4d:a1:d3:0f:ed:2f:6b:
36:5b:3a:b5:de:9d:e2:b1:eb:1b:ae:05:85:8f:0e:
9f:40:0d:7e:4e:18:e6:b1:e1:a7:5f:88:d5:99:1d:
9d:bd:ca:c9:40:72:9b:43:2b:69:6b:09:93:77:e8:
ba:c8:ef:9c:e0:9a:8b:92:27:37:99:ef:c5:50:db:
24:af:6d:70:74:23:80:53:02:4d:65:bd:d0:f9:34:
7e:0e:63:f4:ce:b5:f9:0c:54:cd:d3:1e:c6:84:eb:
f4:bd:ca:26:3a:78:cf:27:0b:05:42:b0:62:b0:08:
8d:da:17:20:99:4a:f2:3e:7f:b9:ab:65:f0:dd:e8:
e9:0f:70:ac:54:4b:92:c0:d6:a6:39:d9:a7:e4:db:
da:78:09:c7:94:30:2d:8d:df:88:0f:68:f6:0e:62:
9c:03:6b:34:7a:26:b9:be:9f:40:25:83:ff:7c:71:
96:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:B2:39:18:DA:6B:CC:40:C0:B4:A6:0F:CB:B9:4D:8C:38:32:16:9C
X509v3 Authority Key Identifier:
keyid:39:F6:6F:45:A5:9B:83:7E:D2:4D:6B:9F:20:C6:07:02:11:4B:70:BB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/41/326130623a323534323a3130303a3a2f34302d3438203d3e20313334363636.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:2542:100::/40
Signature Algorithm: sha256WithRSAEncryption
74:bb:5f:60:bb:92:8e:f8:8c:97:81:8d:ac:6e:7c:52:cd:02:
5d:25:31:90:a8:28:64:02:52:ef:d0:50:d1:0f:f8:44:8c:88:
74:33:f5:b4:c8:a0:68:ad:08:c4:c3:5a:a3:f2:50:15:dc:25:
1a:8b:9b:8b:b1:0a:1d:16:42:b5:51:95:3b:3f:b8:93:fe:12:
29:3b:25:70:80:4f:7c:cc:5e:a6:15:4a:b5:f5:6a:d1:75:d7:
29:91:5d:f7:3d:e2:02:a7:82:28:ad:42:9b:ba:5e:a9:39:f3:
04:0b:c5:c0:77:b0:29:5b:a2:8e:7d:b6:97:9d:b9:1e:6e:2c:
15:c7:a2:62:cc:4d:27:8a:c3:4b:a4:3f:6a:30:b5:d6:57:66:
a1:fa:e3:8e:5d:19:50:67:d2:b5:50:3c:cb:46:c7:fd:49:ec:
b2:0e:22:e0:98:b8:7d:54:c7:fe:c9:7b:ca:0f:ab:3d:24:3f:
8e:74:7e:42:08:53:83:94:76:17:cc:7b:23:d8:6b:f1:32:63:
9d:b6:1e:58:12:a3:ab:c6:21:30:a5:e4:7e:85:4e:fa:60:b9:
fa:74:46:a7:f8:14:80:19:8a:ed:53:19:fe:09:c5:53:20:e4:
83:c8:c6:10:25:a4:fe:6f:43:c5:ac:aa:ee:1e:33:a2:c1:9d:
b2:cd:cb:b7
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgIUMOelDhFKSH9i5sqojpdojybYSC0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzlmNjZmNDVhNTliODM3ZWQyNGQ2YjlmMjBjNjA3MDIx
MTRiNzBiYjAeFw0yNDA4MjkwOTQ1MTBaFw0yNTA4MjgwOTUwMTBaMDMxMTAvBgNV
BAMTKDgyQjIzOTE4REE2QkNDNDBDMEI0QTYwRkNCQjk0RDhDMzgzMjE2OUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBf2IGxfgexv8eh7ytm7ZWLeSL
QstZsuT0ig3h3hheM3ITT23cwc9mBaswvLv7+LjisSac1enYMpL/PqybOSThu335
ds6h83rTxJjjgVYzxiQhTaHTD+0vazZbOrXeneKx6xuuBYWPDp9ADX5OGOax4adf
iNWZHZ29yslAcptDK2lrCZN36LrI75zgmouSJzeZ78VQ2ySvbXB0I4BTAk1lvdD5
NH4OY/TOtfkMVM3THsaE6/S9yiY6eM8nCwVCsGKwCI3aFyCZSvI+f7mrZfDd6OkP
cKxUS5LA1qY52afk29p4CceUMC2N34gPaPYOYpwDazR6Jrm+n0Alg/98cZZtAgMB
AAGjggHbMIIB1zAdBgNVHQ4EFgQUgrI5GNprzEDAtKYPy7lNjDgyFpwwHwYDVR0j
BBgwFoAUOfZvRaWbg37STWufIMYHAhFLcLswDgYDVR0PAQH/BAQDAgeAMF8GA1Ud
HwRYMFYwVKBSoFCGTnJzeW5jOi8vcnBraS5yb2EubmV0L3JyZHAveFRvbS80MS8z
OUY2NkY0NUE1OUI4MzdFRDI0RDZCOUYyMEM2MDcwMjExNEI3MEJCLmNybDBkBggr
BgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvT2ZadlJhV2JnMzdTVFd1ZklNWUhBaEZMY0xzLmNl
cjCBgAYIKwYBBQUHAQsEdDByMHAGCCsGAQUFBzALhmRyc3luYzovL3Jwa2kucm9h
Lm5ldC9ycmRwL3hUb20vNDEvMzI2MTMwNjIzYTMyMzUzNDMyM2EzMTMwMzAzYTNh
MmYzNDMwMmQzNDM4MjAzZDNlMjAzMTMzMzQzNjM2MzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgAqCyVC
ATANBgkqhkiG9w0BAQsFAAOCAQEAdLtfYLuSjviMl4GNrG58Us0CXSUxkKgoZAJS
79BQ0Q/4RIyIdDP1tMigaK0IxMNao/JQFdwlGoubi7EKHRZCtVGVOz+4k/4SKTsl
cIBPfMxephVKtfVq0XXXKZFd9z3iAqeCKK1Cm7peqTnzBAvFwHewKVuijn22l525
Hm4sFceiYsxNJ4rDS6Q/ajC11ldmofrjjl0ZUGfStVA8y0bH/Unssg4i4Ji4fVTH
/sl7yg+rPSQ/jnR+QghTg5R2F8x7I9hr8TJjnbYeWBKjq8YhMKXkfoVO+mC5+nRG
p/gUgBmK7VMZ/gnFUyDkg8jGECWk/m9Dxayq7h4zosGdss3Ltw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:28 2024 by rpki-client on console-ams.rpki-client.org