Route Origin Authorization
$ rpki-client -vvf rpki.roa.net/rrdp/xTom/41/326130623a323534323a3530303a3a2f34302d3438203d3e20313937373330.roa
File: 326130623a323534323a3530303a3a2f34302d3438203d3e20313937373330.roa (raw, json)
Hash identifier: GpRavTvGYs7uKFvkWN3pBB5tsJ8nHQ9NvPvPNgMyH1Q=
Subject key identifier: E3:2E:1C:03:DF:1D:F9:DD:7C:5C:B8:17:20:28:E7:20:4E:80:6D:7E
Certificate issuer: /CN=39f66f45a59b837ed24d6b9f20c60702114b70bb
Certificate serial: F88C340E932A769075A513CC17D839F9C1CDAC
Authority key identifier: 39:F6:6F:45:A5:9B:83:7E:D2:4D:6B:9F:20:C6:07:02:11:4B:70:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
Subject info access: rsync://rpki.roa.net/rrdp/xTom/41/326130623a323534323a3530303a3a2f34302d3438203d3e20313937373330.roa
Signing time: Tue 03 Jun 2025 15:12:45 +0000
ROA not before: Tue 03 Jun 2025 15:07:45 +0000
ROA not after: Tue 02 Jun 2026 15:12:45 +0000
asID: 197730
IP address blocks: 2a0b:2542:500::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.crl
rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.mft
rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 12 Jun 2025 00:20:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
f8:8c:34:0e:93:2a:76:90:75:a5:13:cc:17:d8:39:f9:c1:cd:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39f66f45a59b837ed24d6b9f20c60702114b70bb
Validity
Not Before: Jun 3 15:07:45 2025 GMT
Not After : Jun 2 15:12:45 2026 GMT
Subject: CN=E32E1C03DF1DF9DD7C5CB8172028E7204E806D7E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:23:8a:fe:3f:ec:81:2e:7d:8a:8a:7d:45:29:
cf:17:bd:5c:59:d7:0f:f4:48:a7:9d:52:95:09:fd:
fe:18:e7:52:82:6d:c8:57:d9:05:ba:a0:4d:98:15:
be:e3:b6:bd:49:2d:55:39:b9:59:60:96:bb:85:4b:
be:14:7e:70:6d:9d:39:9d:c2:df:bb:ec:98:5b:10:
fd:b6:c0:7e:14:d7:e2:5b:9e:01:59:f9:6c:0f:38:
a1:87:c4:e7:db:62:73:ec:ca:39:15:1c:bc:5e:8e:
86:57:d9:66:fe:f5:66:b5:bd:d0:0e:9c:77:f2:51:
e2:9a:21:36:e7:03:0f:4c:c9:80:1c:18:03:e7:ce:
55:99:fb:5a:57:a7:a1:35:a8:25:81:29:99:e2:ed:
e4:00:4d:e4:45:2b:eb:dd:eb:1f:7f:47:f2:40:71:
41:95:2c:1d:3d:3c:35:68:ff:2f:51:fb:08:19:01:
d8:fe:28:41:d3:d9:c6:3a:4f:ee:b5:3b:15:a8:9b:
97:a7:95:2c:a0:b5:86:a8:c6:63:31:fb:5d:49:c5:
bc:6b:d9:1f:92:7b:a8:eb:e9:c9:4e:6d:81:5e:66:
e9:74:93:8c:d4:93:9a:2d:6a:d3:fc:7d:7a:a3:e3:
3f:14:cf:a4:5c:87:01:ef:b5:b3:70:47:ea:ec:84:
04:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:2E:1C:03:DF:1D:F9:DD:7C:5C:B8:17:20:28:E7:20:4E:80:6D:7E
X509v3 Authority Key Identifier:
keyid:39:F6:6F:45:A5:9B:83:7E:D2:4D:6B:9F:20:C6:07:02:11:4B:70:BB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/41/326130623a323534323a3530303a3a2f34302d3438203d3e20313937373330.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:2542:500::/40
Signature Algorithm: sha256WithRSAEncryption
13:12:bc:75:71:f3:bb:ff:bb:e6:24:fa:c6:00:8e:c0:5a:25:
db:41:e8:f2:2e:b6:e8:df:e8:b3:6d:06:2a:30:fe:7b:b4:59:
6b:d0:ef:28:92:0c:eb:2d:e6:1c:5a:5b:17:76:05:37:1b:22:
99:8e:2d:c4:d7:8a:5e:ea:f7:a8:45:1e:f7:a7:fc:80:7e:07:
c3:f6:f0:38:e5:b4:08:f3:46:a9:1e:bf:f4:3f:16:45:16:73:
36:48:37:e9:3a:83:86:26:9f:07:0f:e9:ed:39:64:6a:be:36:
9e:18:00:17:85:97:e2:af:d7:cf:95:ee:fc:e2:e3:1c:06:ed:
bc:46:5c:3d:a6:92:0b:b3:88:1f:fe:21:87:bf:50:9d:30:20:
5a:c7:ff:86:e2:a2:6b:e7:ee:ee:b5:21:c5:27:f7:5a:56:05:
ef:1e:a7:3e:db:6f:d3:54:ab:22:48:15:4e:01:de:ab:64:33:
26:a6:5f:63:42:72:4a:71:cf:cd:19:ba:89:9f:f9:f6:21:4b:
06:5f:f0:cb:2f:aa:47:01:dd:2b:60:68:ac:63:df:f0:74:72:
63:f8:8d:f0:10:66:29:29:cf:7f:b0:38:c0:7a:e0:9c:64:f4:
b9:5e:ad:06:52:94:b9:84:01:dc:d2:65:6d:74:c6:87:31:73:
f3:b3:a1:29
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgIUAPiMNA6TKnaQdaUTzBfYOfnBzawwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzlmNjZmNDVhNTliODM3ZWQyNGQ2YjlmMjBjNjA3MDIx
MTRiNzBiYjAeFw0yNTA2MDMxNTA3NDVaFw0yNjA2MDIxNTEyNDVaMDMxMTAvBgNV
BAMTKEUzMkUxQzAzREYxREY5REQ3QzVDQjgxNzIwMjhFNzIwNEU4MDZEN0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3I4r+P+yBLn2Kin1FKc8XvVxZ
1w/0SKedUpUJ/f4Y51KCbchX2QW6oE2YFb7jtr1JLVU5uVlglruFS74UfnBtnTmd
wt+77JhbEP22wH4U1+JbngFZ+WwPOKGHxOfbYnPsyjkVHLxejoZX2Wb+9Wa1vdAO
nHfyUeKaITbnAw9MyYAcGAPnzlWZ+1pXp6E1qCWBKZni7eQATeRFK+vd6x9/R/JA
cUGVLB09PDVo/y9R+wgZAdj+KEHT2cY6T+61OxWom5enlSygtYaoxmMx+11Jxbxr
2R+Se6jr6clObYFeZul0k4zUk5otatP8fXqj4z8Uz6RchwHvtbNwR+rshATxAgMB
AAGjggHbMIIB1zAdBgNVHQ4EFgQU4y4cA98d+d18XLgXICjnIE6AbX4wHwYDVR0j
BBgwFoAUOfZvRaWbg37STWufIMYHAhFLcLswDgYDVR0PAQH/BAQDAgeAMF8GA1Ud
HwRYMFYwVKBSoFCGTnJzeW5jOi8vcnBraS5yb2EubmV0L3JyZHAveFRvbS80MS8z
OUY2NkY0NUE1OUI4MzdFRDI0RDZCOUYyMEM2MDcwMjExNEI3MEJCLmNybDBkBggr
BgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvT2ZadlJhV2JnMzdTVFd1ZklNWUhBaEZMY0xzLmNl
cjCBgAYIKwYBBQUHAQsEdDByMHAGCCsGAQUFBzALhmRyc3luYzovL3Jwa2kucm9h
Lm5ldC9ycmRwL3hUb20vNDEvMzI2MTMwNjIzYTMyMzUzNDMyM2EzNTMwMzAzYTNh
MmYzNDMwMmQzNDM4MjAzZDNlMjAzMTM5MzczNzMzMzAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgAqCyVC
BTANBgkqhkiG9w0BAQsFAAOCAQEAExK8dXHzu/+75iT6xgCOwFol20Ho8i626N/o
s20GKjD+e7RZa9DvKJIM6y3mHFpbF3YFNxsimY4txNeKXur3qEUe96f8gH4Hw/bw
OOW0CPNGqR6/9D8WRRZzNkg36TqDhiafBw/p7Tlkar42nhgAF4WX4q/Xz5Xu/OLj
HAbtvEZcPaaSC7OIH/4hh79QnTAgWsf/huKia+fu7rUhxSf3WlYF7x6nPttv01Sr
IkgVTgHeq2QzJqZfY0JySnHPzRm6iZ/59iFLBl/wyy+qRwHdK2BorGPf8HRyY/iN
8BBmKSnPf7A4wHrgnGT0uV6tBlKUuYQB3NJlbXTGhzFz87OhKQ==
-----END CERTIFICATE-----
Generated at Wed Jun 11 11:47:51 2025 by rpki-client