Route Origin Authorization
$ rpki-client -vvf rpki.roa.net/rrdp/xTom/41/326130623a323534323a3a2f34382d3438203d3e20313337323536.roa
File: 326130623a323534323a3a2f34382d3438203d3e20313337323536.roa (raw, json)
Hash identifier: jo9/TfqHe8coP6CLQoJAgiV9pkwdZ4Aen9L4GMibhSE=
Subject key identifier: CB:7A:A3:E1:08:BB:D5:BF:EA:16:FC:4A:24:BF:54:9D:83:7E:6F:96
Certificate issuer: /CN=39f66f45a59b837ed24d6b9f20c60702114b70bb
Certificate serial: 733DEADB93232A15B81BA5E1182E46186DB4E3D3
Authority key identifier: 39:F6:6F:45:A5:9B:83:7E:D2:4D:6B:9F:20:C6:07:02:11:4B:70:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
Subject info access: rsync://rpki.roa.net/rrdp/xTom/41/326130623a323534323a3a2f34382d3438203d3e20313337323536.roa
Signing time: Sat 14 Sep 2024 01:22:29 +0000
ROA not before: Sat 14 Sep 2024 01:17:29 +0000
ROA not after: Sat 13 Sep 2025 01:22:29 +0000
asID: 137256
IP address blocks: 2a0b:2542::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.crl
rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.mft
rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:3d:ea:db:93:23:2a:15:b8:1b:a5:e1:18:2e:46:18:6d:b4:e3:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39f66f45a59b837ed24d6b9f20c60702114b70bb
Validity
Not Before: Sep 14 01:17:29 2024 GMT
Not After : Sep 13 01:22:29 2025 GMT
Subject: CN=CB7AA3E108BBD5BFEA16FC4A24BF549D837E6F96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:6f:b2:78:56:bf:47:fe:b5:ad:fd:b8:a9:a1:
0c:77:b9:4f:18:24:f1:96:54:d1:a8:31:3d:1f:40:
61:ab:9c:09:15:c0:cb:fd:2c:b9:94:2b:75:ac:88:
3b:be:53:87:a9:51:18:2a:92:da:75:c3:35:03:82:
62:33:37:9b:5e:b0:51:f6:d9:20:ac:ff:33:c4:eb:
dc:57:44:a7:8a:f2:ac:25:27:08:77:95:1d:46:11:
86:bd:d5:44:77:b6:0f:74:44:7d:5f:e2:49:17:af:
f4:0b:a6:9a:c7:19:e4:cf:f7:aa:a2:db:a4:9f:43:
6c:6a:fe:a3:4d:1e:36:66:ca:f6:83:02:5f:75:51:
6d:bf:d1:38:3e:d2:84:e0:78:9e:5c:90:02:b2:ca:
ab:bc:bb:c9:2d:57:b0:ea:57:49:ef:3c:66:7d:b7:
33:39:ec:02:8f:e6:36:67:42:1e:f0:d9:80:e3:19:
ff:ad:fc:b4:b8:49:ab:88:a9:19:0e:e0:9b:b5:35:
65:0e:2a:6b:49:88:ae:80:a8:10:0d:f4:a7:42:3a:
84:27:70:a2:ee:c9:c0:a8:be:76:78:c3:37:6b:12:
63:89:58:50:3f:ed:79:99:f2:12:0a:49:90:95:58:
97:99:64:c3:09:21:60:82:18:d8:02:4f:46:84:bc:
29:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:7A:A3:E1:08:BB:D5:BF:EA:16:FC:4A:24:BF:54:9D:83:7E:6F:96
X509v3 Authority Key Identifier:
keyid:39:F6:6F:45:A5:9B:83:7E:D2:4D:6B:9F:20:C6:07:02:11:4B:70:BB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/41/326130623a323534323a3a2f34382d3438203d3e20313337323536.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:2542::/48
Signature Algorithm: sha256WithRSAEncryption
94:fd:81:b3:a7:6a:c8:57:fd:fc:a1:87:79:03:26:1a:b0:98:
19:3a:1f:a1:9f:25:19:be:b3:a5:96:e8:83:19:6f:ca:e3:c4:
14:42:db:74:d5:5f:e4:d3:90:ee:c0:dc:df:b0:5f:b0:92:e0:
ac:fd:c7:e6:6c:55:0e:cd:c0:48:10:48:f5:cd:ab:13:a7:2f:
11:03:99:96:27:55:ad:44:71:45:fe:a9:83:a5:cd:1b:32:f7:
d0:1a:88:63:78:bb:ac:fe:a6:52:42:5d:51:db:c8:98:23:02:
83:e5:ab:22:ad:69:37:d3:b7:94:4b:4c:e3:1e:99:04:f3:8e:
8a:18:ca:05:9d:f5:f7:71:70:4c:c3:36:09:c9:86:f9:33:d3:
ac:e5:29:5e:a0:d2:14:47:c9:1d:5e:99:1a:57:7c:64:c8:7f:
27:62:eb:fe:98:51:0f:f1:0c:1d:c1:3e:03:7e:54:45:35:51:
35:9d:a0:cf:f6:72:13:d3:e4:9f:2b:47:13:d5:5c:0d:4f:9f:
e6:0a:1d:e2:d7:7b:65:a1:07:e4:3b:90:b8:e5:61:9b:34:b4:
91:64:33:fd:c2:31:c8:84:75:16:f1:1c:ce:ec:be:f7:09:7b:
5a:b2:e6:4a:bb:67:f6:96:4d:43:6d:b8:05:6a:72:fa:5c:93:
0d:9b:32:87
-----BEGIN CERTIFICATE-----
MIIEyTCCA7GgAwIBAgIUcz3q25MjKhW4G6XhGC5GGG2049MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzlmNjZmNDVhNTliODM3ZWQyNGQ2YjlmMjBjNjA3MDIx
MTRiNzBiYjAeFw0yNDA5MTQwMTE3MjlaFw0yNTA5MTMwMTIyMjlaMDMxMTAvBgNV
BAMTKENCN0FBM0UxMDhCQkQ1QkZFQTE2RkM0QTI0QkY1NDlEODM3RTZGOTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDab7J4Vr9H/rWt/bipoQx3uU8Y
JPGWVNGoMT0fQGGrnAkVwMv9LLmUK3WsiDu+U4epURgqktp1wzUDgmIzN5tesFH2
2SCs/zPE69xXRKeK8qwlJwh3lR1GEYa91UR3tg90RH1f4kkXr/QLpprHGeTP96qi
26SfQ2xq/qNNHjZmyvaDAl91UW2/0Tg+0oTgeJ5ckAKyyqu8u8ktV7DqV0nvPGZ9
tzM57AKP5jZnQh7w2YDjGf+t/LS4SauIqRkO4Ju1NWUOKmtJiK6AqBAN9KdCOoQn
cKLuycCovnZ4wzdrEmOJWFA/7XmZ8hIKSZCVWJeZZMMJIWCCGNgCT0aEvCnxAgMB
AAGjggHTMIIBzzAdBgNVHQ4EFgQUy3qj4Qi71b/qFvxKJL9UnYN+b5YwHwYDVR0j
BBgwFoAUOfZvRaWbg37STWufIMYHAhFLcLswDgYDVR0PAQH/BAQDAgeAMF8GA1Ud
HwRYMFYwVKBSoFCGTnJzeW5jOi8vcnBraS5yb2EubmV0L3JyZHAveFRvbS80MS8z
OUY2NkY0NUE1OUI4MzdFRDI0RDZCOUYyMEM2MDcwMjExNEI3MEJCLmNybDBkBggr
BgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvT2ZadlJhV2JnMzdTVFd1ZklNWUhBaEZMY0xzLmNl
cjB4BggrBgEFBQcBCwRsMGowaAYIKwYBBQUHMAuGXHJzeW5jOi8vcnBraS5yb2Eu
bmV0L3JyZHAveFRvbS80MS8zMjYxMzA2MjNhMzIzNTM0MzIzYTNhMmYzNDM4MmQz
NDM4MjAzZDNlMjAzMTMzMzczMjM1MzYucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAqCyVCAAAwDQYJKoZI
hvcNAQELBQADggEBAJT9gbOnashX/fyhh3kDJhqwmBk6H6GfJRm+s6WW6IMZb8rj
xBRC23TVX+TTkO7A3N+wX7CS4Kz9x+ZsVQ7NwEgQSPXNqxOnLxEDmZYnVa1EcUX+
qYOlzRsy99AaiGN4u6z+plJCXVHbyJgjAoPlqyKtaTfTt5RLTOMemQTzjooYygWd
9fdxcEzDNgnJhvkz06zlKV6g0hRHyR1emRpXfGTIfydi6/6YUQ/xDB3BPgN+VEU1
UTWdoM/2chPT5J8rRxPVXA1Pn+YKHeLXe2WhB+Q7kLjlYZs0tJFkM/3CMciEdRbx
HM7svvcJe1qy5kq7Z/aWTUNtuAVqcvpckw2bMoc=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:28 2024 by rpki-client on console-ams.rpki-client.org