Route Origin Authorization
$ rpki-client -vvf rpki.roa.net/rrdp/xTom/41/326130623a323534323a3130303a3a2f34302d3438203d3e20313334363636.roa
File: 326130623a323534323a3130303a3a2f34302d3438203d3e20313334363636.roa (raw, json)
Hash identifier: 8NPkck9mOPVLLl5F7GAgX3FxzVXZYPqFLTI17jRSfC0=
Subject key identifier: 79:AB:71:19:FD:B9:D2:74:44:74:13:7F:49:69:05:FC:24:7A:19:5C
Certificate issuer: /CN=39f66f45a59b837ed24d6b9f20c60702114b70bb
Certificate serial: 4C4B5523C5A499A959B9FABB18F66B0F6DE82F3E
Authority key identifier: 39:F6:6F:45:A5:9B:83:7E:D2:4D:6B:9F:20:C6:07:02:11:4B:70:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
Subject info access: rsync://rpki.roa.net/rrdp/xTom/41/326130623a323534323a3130303a3a2f34302d3438203d3e20313334363636.roa
Signing time: Thu 31 Jul 2025 09:52:51 +0000
ROA not before: Thu 31 Jul 2025 09:47:51 +0000
ROA not after: Thu 30 Jul 2026 09:52:51 +0000
asID: 134666
IP address blocks: 2a0b:2542:100::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.crl
rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.mft
rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 10 Aug 2025 23:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:4b:55:23:c5:a4:99:a9:59:b9:fa:bb:18:f6:6b:0f:6d:e8:2f:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39f66f45a59b837ed24d6b9f20c60702114b70bb
Validity
Not Before: Jul 31 09:47:51 2025 GMT
Not After : Jul 30 09:52:51 2026 GMT
Subject: CN=79AB7119FDB9D2744474137F496905FC247A195C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:0c:80:b9:36:d6:c0:05:95:ae:56:c4:2a:3c:
ab:c1:72:20:d2:43:6f:5c:dc:29:1b:b1:e6:57:ea:
68:15:ba:3f:8e:45:be:dc:1b:34:a1:2d:9c:a1:64:
6a:e4:90:99:85:8e:da:c7:7d:97:82:3d:5f:7e:0e:
fa:a2:7a:21:14:5c:39:79:d8:03:24:62:13:d6:13:
64:29:01:6a:46:aa:6c:e9:dd:11:a0:48:a0:96:83:
6a:9d:23:f2:ba:1f:89:74:f8:f6:1f:18:7b:61:c1:
18:d5:16:45:0a:55:c0:59:42:5f:3a:cf:c2:29:6c:
2c:29:7a:64:1f:7e:ad:8f:9e:e4:3e:61:b2:55:98:
32:4a:86:71:02:9d:eb:4a:36:0e:4c:f0:0e:2a:2c:
1a:49:19:6a:d2:66:75:e5:1d:34:48:e5:c6:26:6c:
3c:fe:c8:ed:87:06:44:71:21:8e:f4:6a:35:93:1a:
e3:40:e8:25:31:96:9e:44:49:85:8e:7c:4f:e7:b4:
f5:1e:13:b0:a4:f6:4f:d1:c7:85:2d:6a:17:0e:fc:
c2:8e:44:b5:04:b1:58:2a:3f:00:be:99:99:ec:54:
b6:ff:be:35:61:3a:53:b4:e4:e8:28:ed:aa:71:ea:
61:f0:76:71:15:48:8f:ef:ee:35:48:6f:f7:6c:b1:
1f:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:AB:71:19:FD:B9:D2:74:44:74:13:7F:49:69:05:FC:24:7A:19:5C
X509v3 Authority Key Identifier:
keyid:39:F6:6F:45:A5:9B:83:7E:D2:4D:6B:9F:20:C6:07:02:11:4B:70:BB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/41/326130623a323534323a3130303a3a2f34302d3438203d3e20313334363636.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:2542:100::/40
Signature Algorithm: sha256WithRSAEncryption
d6:0b:4a:26:7a:90:0d:85:8e:db:57:d6:cc:a7:b1:d8:ba:9b:
cf:1e:89:37:04:57:90:13:f1:af:e4:89:40:5e:6b:83:80:bb:
95:5a:50:c6:ee:87:09:11:52:5f:f9:70:b6:ae:6c:c2:5d:0f:
42:5d:ab:14:8a:7f:ae:dc:d6:8d:37:b3:ad:8c:ea:67:de:9e:
44:0e:26:c2:ff:77:e4:a2:65:cf:a7:10:17:ad:7d:e9:a5:08:
8f:6f:20:07:58:e7:2f:d3:9b:df:18:bd:71:ca:f8:e7:66:e7:
24:11:b5:ed:03:35:b2:19:c2:01:f0:f5:60:92:9b:ef:d5:82:
a5:ca:d5:69:d5:66:b0:f0:94:03:0c:77:88:33:13:b8:e7:fc:
c6:fc:02:55:6e:ba:9a:37:d9:ab:18:b4:20:9b:19:51:44:b5:
36:2f:f2:64:d1:86:b6:39:78:26:ac:f7:2e:26:ba:bb:98:06:
c3:df:d6:ff:5c:be:22:74:a9:de:eb:d9:a9:41:11:9a:a2:f7:
8b:03:4b:aa:c8:4a:d4:a9:ee:21:b9:ac:4a:0b:b1:be:2f:70:
06:e4:65:c9:cb:a3:0a:a6:35:ce:54:bc:b7:67:92:29:44:de:
a1:0f:2c:7d:5f:e2:0e:65:58:94:5c:4f:44:6e:a0:1d:cb:2c:
c7:01:3d:1a
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgIUTEtVI8WkmalZufq7GPZrD23oLz4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzlmNjZmNDVhNTliODM3ZWQyNGQ2YjlmMjBjNjA3MDIx
MTRiNzBiYjAeFw0yNTA3MzEwOTQ3NTFaFw0yNjA3MzAwOTUyNTFaMDMxMTAvBgNV
BAMTKDc5QUI3MTE5RkRCOUQyNzQ0NDc0MTM3RjQ5NjkwNUZDMjQ3QTE5NUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSDIC5NtbABZWuVsQqPKvBciDS
Q29c3CkbseZX6mgVuj+ORb7cGzShLZyhZGrkkJmFjtrHfZeCPV9+DvqieiEUXDl5
2AMkYhPWE2QpAWpGqmzp3RGgSKCWg2qdI/K6H4l0+PYfGHthwRjVFkUKVcBZQl86
z8IpbCwpemQffq2PnuQ+YbJVmDJKhnECnetKNg5M8A4qLBpJGWrSZnXlHTRI5cYm
bDz+yO2HBkRxIY70ajWTGuNA6CUxlp5ESYWOfE/ntPUeE7Ck9k/Rx4UtahcO/MKO
RLUEsVgqPwC+mZnsVLb/vjVhOlO05Ogo7apx6mHwdnEVSI/v7jVIb/dssR9fAgMB
AAGjggHbMIIB1zAdBgNVHQ4EFgQUeatxGf250nREdBN/SWkF/CR6GVwwHwYDVR0j
BBgwFoAUOfZvRaWbg37STWufIMYHAhFLcLswDgYDVR0PAQH/BAQDAgeAMF8GA1Ud
HwRYMFYwVKBSoFCGTnJzeW5jOi8vcnBraS5yb2EubmV0L3JyZHAveFRvbS80MS8z
OUY2NkY0NUE1OUI4MzdFRDI0RDZCOUYyMEM2MDcwMjExNEI3MEJCLmNybDBkBggr
BgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvT2ZadlJhV2JnMzdTVFd1ZklNWUhBaEZMY0xzLmNl
cjCBgAYIKwYBBQUHAQsEdDByMHAGCCsGAQUFBzALhmRyc3luYzovL3Jwa2kucm9h
Lm5ldC9ycmRwL3hUb20vNDEvMzI2MTMwNjIzYTMyMzUzNDMyM2EzMTMwMzAzYTNh
MmYzNDMwMmQzNDM4MjAzZDNlMjAzMTMzMzQzNjM2MzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgAqCyVC
ATANBgkqhkiG9w0BAQsFAAOCAQEA1gtKJnqQDYWO21fWzKex2Lqbzx6JNwRXkBPx
r+SJQF5rg4C7lVpQxu6HCRFSX/lwtq5swl0PQl2rFIp/rtzWjTezrYzqZ96eRA4m
wv935KJlz6cQF6196aUIj28gB1jnL9Ob3xi9ccr452bnJBG17QM1shnCAfD1YJKb
79WCpcrVadVmsPCUAwx3iDMTuOf8xvwCVW66mjfZqxi0IJsZUUS1Ni/yZNGGtjl4
Jqz3Lia6u5gGw9/W/1y+InSp3uvZqUERmqL3iwNLqshK1KnuIbmsSguxvi9wBuRl
ycujCqY1zlS8t2eSKUTeoQ8sfV/iDmVYlFxPRG6gHcssxwE9Gg==
-----END CERTIFICATE-----
Generated at Sun Aug 10 05:41:59 2025 by rpki-client