Route Origin Authorization
$ rpki-client -vvf rpki.roa.net/rrdp/xTom/41/326130623a323534323a3530303a3a2f34302d3438203d3e20313937373330.roa
File: 326130623a323534323a3530303a3a2f34302d3438203d3e20313937373330.roa (raw, json)
Hash identifier: BAb7hWNMhXpZp+0vnVyRiFl/HrUl9SGTSyV5G7W5GT4=
Subject key identifier: DC:D9:63:5F:A8:FF:D7:CF:60:C2:50:28:1A:E4:77:62:F2:19:97:62
Certificate issuer: /CN=39f66f45a59b837ed24d6b9f20c60702114b70bb
Certificate serial: 60D945A2AEA3BE17119F792A4E4C198D93620F47
Authority key identifier: 39:F6:6F:45:A5:9B:83:7E:D2:4D:6B:9F:20:C6:07:02:11:4B:70:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
Subject info access: rsync://rpki.roa.net/rrdp/xTom/41/326130623a323534323a3530303a3a2f34302d3438203d3e20313937373330.roa
Signing time: Tue 02 Jul 2024 14:26:56 +0000
ROA not before: Tue 02 Jul 2024 14:21:56 +0000
ROA not after: Tue 01 Jul 2025 14:26:56 +0000
asID: 197730
IP address blocks: 2a0b:2542:500::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.crl
rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.mft
rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:d9:45:a2:ae:a3:be:17:11:9f:79:2a:4e:4c:19:8d:93:62:0f:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39f66f45a59b837ed24d6b9f20c60702114b70bb
Validity
Not Before: Jul 2 14:21:56 2024 GMT
Not After : Jul 1 14:26:56 2025 GMT
Subject: CN=DCD9635FA8FFD7CF60C250281AE47762F2199762
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:5c:a8:fe:f5:d1:1e:e0:94:6e:9a:f7:c3:18:
0c:b4:b7:85:11:25:a4:a7:7f:4d:88:a8:c8:cb:28:
d3:55:9d:41:2f:37:66:c7:e6:e1:93:b6:2f:dd:dc:
b5:31:14:6b:59:4d:ca:9b:ec:16:4b:e3:d3:5e:1e:
11:d2:79:89:f1:ce:4a:63:0e:aa:15:09:d1:42:fe:
e4:d7:0b:01:0e:ee:55:e5:d4:53:ba:63:30:2c:e1:
03:d3:5c:33:fd:bf:dd:5c:06:a1:63:6c:42:8a:82:
9a:eb:33:e4:03:87:b7:2b:28:e0:6f:6a:cf:ba:e4:
b9:67:6a:5f:43:15:f5:8b:07:ef:c0:f2:d5:95:51:
2c:b2:aa:ea:fc:66:09:bb:77:6c:d3:cb:c8:9a:90:
5c:af:59:ea:aa:b4:08:b4:38:b6:8b:bd:df:6c:b2:
40:c2:05:27:24:77:1e:06:be:a0:77:8e:29:47:58:
e8:70:7d:9b:35:a5:f4:4d:f9:68:a6:6a:2c:33:fd:
5d:d6:7a:5f:f5:3a:36:a4:ab:02:ca:44:4e:c9:61:
1f:e5:ce:0d:64:67:e2:72:d9:73:8f:02:76:6c:cb:
f7:cd:23:58:9a:14:55:4b:f4:97:2a:b9:9b:db:f6:
40:d2:26:4b:0c:6c:f3:2c:cf:0c:07:27:ff:b1:09:
db:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:D9:63:5F:A8:FF:D7:CF:60:C2:50:28:1A:E4:77:62:F2:19:97:62
X509v3 Authority Key Identifier:
keyid:39:F6:6F:45:A5:9B:83:7E:D2:4D:6B:9F:20:C6:07:02:11:4B:70:BB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/41/326130623a323534323a3530303a3a2f34302d3438203d3e20313937373330.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:2542:500::/40
Signature Algorithm: sha256WithRSAEncryption
ba:3f:9f:f4:ba:e0:6a:8d:47:3b:91:6e:01:c4:f0:5a:58:68:
05:77:d4:d1:c2:b1:cf:f8:2c:25:32:df:c7:71:37:36:5d:d1:
7c:73:27:da:a1:25:12:40:a2:13:82:a2:39:4c:1d:1f:3b:62:
c3:fb:dc:ff:29:6c:3e:ba:e6:f9:b8:a9:81:a0:8e:d9:ed:62:
07:ec:c5:d4:60:44:47:af:69:a0:83:32:ae:49:06:3a:9d:59:
a8:70:03:d1:84:99:ea:7a:07:17:bf:ee:ee:c9:10:e5:16:8a:
57:98:76:31:7e:8e:ca:78:bf:3b:e0:ca:f8:cf:54:e5:fe:8c:
07:75:68:fe:48:a1:57:4f:a8:e0:85:b4:17:ea:9f:1d:07:f8:
94:ca:2a:0b:a0:ce:f2:07:46:6c:0c:37:38:13:37:61:c1:24:
6e:d9:c9:c6:45:b4:61:ff:b7:68:03:26:7d:e3:44:75:a9:bc:
a8:7e:69:55:fb:ad:61:e3:cc:8d:c9:fd:65:a9:d4:ff:f7:d4:
df:a6:60:c9:71:69:e5:89:8f:3a:4f:2b:49:bd:ca:96:21:ac:
b8:85:39:5b:e7:81:62:3c:68:ae:cf:17:2e:ad:2b:df:4c:f6:
25:25:57:cc:75:5a:1b:21:26:c7:88:9e:51:d4:84:96:0e:bb:
60:5d:04:63
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgIUYNlFoq6jvhcRn3kqTkwZjZNiD0cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzlmNjZmNDVhNTliODM3ZWQyNGQ2YjlmMjBjNjA3MDIx
MTRiNzBiYjAeFw0yNDA3MDIxNDIxNTZaFw0yNTA3MDExNDI2NTZaMDMxMTAvBgNV
BAMTKERDRDk2MzVGQThGRkQ3Q0Y2MEMyNTAyODFBRTQ3NzYyRjIxOTk3NjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSXKj+9dEe4JRumvfDGAy0t4UR
JaSnf02IqMjLKNNVnUEvN2bH5uGTti/d3LUxFGtZTcqb7BZL49NeHhHSeYnxzkpj
DqoVCdFC/uTXCwEO7lXl1FO6YzAs4QPTXDP9v91cBqFjbEKKgprrM+QDh7crKOBv
as+65Llnal9DFfWLB+/A8tWVUSyyqur8Zgm7d2zTy8iakFyvWeqqtAi0OLaLvd9s
skDCBSckdx4GvqB3jilHWOhwfZs1pfRN+Wimaiwz/V3Wel/1OjakqwLKRE7JYR/l
zg1kZ+Jy2XOPAnZsy/fNI1iaFFVL9JcquZvb9kDSJksMbPMszwwHJ/+xCdv7AgMB
AAGjggHbMIIB1zAdBgNVHQ4EFgQU3NljX6j/189gwlAoGuR3YvIZl2IwHwYDVR0j
BBgwFoAUOfZvRaWbg37STWufIMYHAhFLcLswDgYDVR0PAQH/BAQDAgeAMF8GA1Ud
HwRYMFYwVKBSoFCGTnJzeW5jOi8vcnBraS5yb2EubmV0L3JyZHAveFRvbS80MS8z
OUY2NkY0NUE1OUI4MzdFRDI0RDZCOUYyMEM2MDcwMjExNEI3MEJCLmNybDBkBggr
BgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvT2ZadlJhV2JnMzdTVFd1ZklNWUhBaEZMY0xzLmNl
cjCBgAYIKwYBBQUHAQsEdDByMHAGCCsGAQUFBzALhmRyc3luYzovL3Jwa2kucm9h
Lm5ldC9ycmRwL3hUb20vNDEvMzI2MTMwNjIzYTMyMzUzNDMyM2EzNTMwMzAzYTNh
MmYzNDMwMmQzNDM4MjAzZDNlMjAzMTM5MzczNzMzMzAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgAqCyVC
BTANBgkqhkiG9w0BAQsFAAOCAQEAuj+f9Lrgao1HO5FuAcTwWlhoBXfU0cKxz/gs
JTLfx3E3Nl3RfHMn2qElEkCiE4KiOUwdHztiw/vc/ylsPrrm+bipgaCO2e1iB+zF
1GBER69poIMyrkkGOp1ZqHAD0YSZ6noHF7/u7skQ5RaKV5h2MX6Oyni/O+DK+M9U
5f6MB3Vo/kihV0+o4IW0F+qfHQf4lMoqC6DO8gdGbAw3OBM3YcEkbtnJxkW0Yf+3
aAMmfeNEdam8qH5pVfutYePMjcn9ZanU//fU36ZgyXFp5YmPOk8rSb3KliGsuIU5
W+eBYjxors8XLq0r30z2JSVXzHVaGyEmx4ieUdSElg67YF0EYw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:28 2024 by rpki-client on console-ams.rpki-client.org