Route Origin Authorization
$ rpki-client -vvf rpki.roa.net/rrdp/xTom/41/326130623a323534323a313330303a3a2f34302d3438203d3e20323132353132.roa
File: 326130623a323534323a313330303a3a2f34302d3438203d3e20323132353132.roa (raw, json)
Hash identifier: HOFAAGtTRbMuWWbAWrzmI3hRwSi9Bn6GOPIwDKufE5w=
Subject key identifier: EE:C8:28:EC:0E:98:CE:9D:96:32:D0:B1:58:FB:92:DE:25:D0:FD:76
Certificate issuer: /CN=39f66f45a59b837ed24d6b9f20c60702114b70bb
Certificate serial: 5530D57CFBFCC664FC0BF26B30E01B0CF1BCDE1F
Authority key identifier: 39:F6:6F:45:A5:9B:83:7E:D2:4D:6B:9F:20:C6:07:02:11:4B:70:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
Subject info access: rsync://rpki.roa.net/rrdp/xTom/41/326130623a323534323a313330303a3a2f34302d3438203d3e20323132353132.roa
Signing time: Wed 23 Apr 2025 12:01:47 +0000
ROA not before: Wed 23 Apr 2025 11:56:47 +0000
ROA not after: Wed 22 Apr 2026 12:01:47 +0000
asID: 212512
IP address blocks: 2a0b:2542:1300::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.crl
rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.mft
rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 26 Apr 2025 22:54:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:30:d5:7c:fb:fc:c6:64:fc:0b:f2:6b:30:e0:1b:0c:f1:bc:de:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39f66f45a59b837ed24d6b9f20c60702114b70bb
Validity
Not Before: Apr 23 11:56:47 2025 GMT
Not After : Apr 22 12:01:47 2026 GMT
Subject: CN=EEC828EC0E98CE9D9632D0B158FB92DE25D0FD76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:a8:7d:3b:e7:5f:c7:14:fe:d0:a4:c7:cc:e6:
50:13:39:a9:3f:6a:e7:d6:b9:88:2a:3e:7e:fd:47:
db:86:ce:bb:d0:cf:70:1c:7a:5d:8d:6e:d6:6f:83:
d0:ea:b8:de:c6:5a:ac:24:ed:0c:38:35:4f:66:fd:
0f:88:d1:d5:4d:ce:3f:8c:a5:c2:9c:0d:dd:96:a9:
7a:22:22:2a:9a:58:7f:c5:45:80:49:b5:c2:49:eb:
31:16:84:d7:8b:df:7a:83:7b:bb:10:62:fa:85:78:
cf:cd:38:e9:c7:0c:2f:0b:1a:e8:bb:b5:2d:15:9e:
cf:cf:98:79:99:d3:0b:4e:8d:70:af:92:e5:96:1e:
a7:10:27:f4:60:de:92:04:62:40:04:57:7f:15:36:
25:63:75:de:34:0d:c9:93:40:01:19:b3:11:b5:2e:
15:8b:57:24:7a:1c:4f:99:9b:db:ce:f1:ee:04:47:
b6:a7:3a:81:d6:1b:96:b2:e6:43:37:d5:1d:e8:ac:
3e:be:d5:00:6a:37:43:de:e5:04:0b:30:63:7d:71:
59:bd:89:d9:00:db:12:29:2d:9a:ea:f9:04:e4:4c:
1d:84:12:59:73:4e:25:58:c3:a3:73:7d:78:46:a0:
91:52:a4:2e:d1:e9:33:aa:04:91:85:7d:5e:9e:8f:
51:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:C8:28:EC:0E:98:CE:9D:96:32:D0:B1:58:FB:92:DE:25:D0:FD:76
X509v3 Authority Key Identifier:
keyid:39:F6:6F:45:A5:9B:83:7E:D2:4D:6B:9F:20:C6:07:02:11:4B:70:BB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/41/326130623a323534323a313330303a3a2f34302d3438203d3e20323132353132.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:2542:1300::/40
Signature Algorithm: sha256WithRSAEncryption
52:42:01:4e:92:56:c2:72:88:70:af:82:55:a2:0b:65:d3:39:
c3:04:c4:07:6f:72:a9:34:b1:3f:57:c9:1c:c4:c4:ad:9d:7a:
a2:3e:fd:01:2a:bf:cd:99:31:31:f9:85:0e:e2:9b:d5:dc:92:
a1:5d:ef:b8:7d:cd:a6:cd:f0:e5:cd:85:d1:5b:83:a7:4d:2f:
ce:b9:59:a5:be:6b:f0:73:c6:a5:a8:e1:87:cd:99:92:e2:3e:
e1:58:79:cf:62:5f:56:a4:7e:b9:66:66:94:a7:e4:4e:9d:4b:
2f:47:06:97:2e:bc:39:dd:a4:2b:fb:c1:27:f5:aa:b5:3b:8a:
8d:b9:89:b1:fa:1c:0a:6e:f0:dd:c5:06:95:ea:d2:7e:c7:b5:
c0:29:66:f2:6b:df:5f:25:14:08:43:0e:4d:0c:e5:71:ed:83:
31:04:c8:c7:12:70:bd:36:bf:da:a8:c5:a1:d9:86:2c:cb:1b:
d4:cc:60:d4:8f:4e:f0:a1:23:17:49:c7:0b:38:b5:fd:cd:1e:
2c:67:d1:d7:67:af:1d:7a:26:de:4f:9b:f1:a4:28:8b:ff:69:
60:63:24:47:d7:13:cc:c6:12:e5:28:3d:a8:f7:a6:ba:96:07:
58:a6:f9:70:6a:de:3e:27:d4:9f:9c:65:61:53:10:c5:ca:07:
a8:54:2c:16
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgIUVTDVfPv8xmT8C/JrMOAbDPG83h8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzlmNjZmNDVhNTliODM3ZWQyNGQ2YjlmMjBjNjA3MDIx
MTRiNzBiYjAeFw0yNTA0MjMxMTU2NDdaFw0yNjA0MjIxMjAxNDdaMDMxMTAvBgNV
BAMTKEVFQzgyOEVDMEU5OENFOUQ5NjMyRDBCMTU4RkI5MkRFMjVEMEZENzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6qH0751/HFP7QpMfM5lATOak/
aufWuYgqPn79R9uGzrvQz3Acel2NbtZvg9DquN7GWqwk7Qw4NU9m/Q+I0dVNzj+M
pcKcDd2WqXoiIiqaWH/FRYBJtcJJ6zEWhNeL33qDe7sQYvqFeM/NOOnHDC8LGui7
tS0Vns/PmHmZ0wtOjXCvkuWWHqcQJ/Rg3pIEYkAEV38VNiVjdd40DcmTQAEZsxG1
LhWLVyR6HE+Zm9vO8e4ER7anOoHWG5ay5kM31R3orD6+1QBqN0Pe5QQLMGN9cVm9
idkA2xIpLZrq+QTkTB2EEllzTiVYw6NzfXhGoJFSpC7R6TOqBJGFfV6ej1GPAgMB
AAGjggHdMIIB2TAdBgNVHQ4EFgQU7sgo7A6Yzp2WMtCxWPuS3iXQ/XYwHwYDVR0j
BBgwFoAUOfZvRaWbg37STWufIMYHAhFLcLswDgYDVR0PAQH/BAQDAgeAMF8GA1Ud
HwRYMFYwVKBSoFCGTnJzeW5jOi8vcnBraS5yb2EubmV0L3JyZHAveFRvbS80MS8z
OUY2NkY0NUE1OUI4MzdFRDI0RDZCOUYyMEM2MDcwMjExNEI3MEJCLmNybDBkBggr
BgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvT2ZadlJhV2JnMzdTVFd1ZklNWUhBaEZMY0xzLmNl
cjCBggYIKwYBBQUHAQsEdjB0MHIGCCsGAQUFBzALhmZyc3luYzovL3Jwa2kucm9h
Lm5ldC9ycmRwL3hUb20vNDEvMzI2MTMwNjIzYTMyMzUzNDMyM2EzMTMzMzAzMDNh
M2EyZjM0MzAyZDM0MzgyMDNkM2UyMDMyMzEzMjM1MzEzMi5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoL
JUITMA0GCSqGSIb3DQEBCwUAA4IBAQBSQgFOklbCcohwr4JVogtl0znDBMQHb3Kp
NLE/V8kcxMStnXqiPv0BKr/NmTEx+YUO4pvV3JKhXe+4fc2mzfDlzYXRW4OnTS/O
uVmlvmvwc8alqOGHzZmS4j7hWHnPYl9WpH65ZmaUp+ROnUsvRwaXLrw53aQr+8En
9aq1O4qNuYmx+hwKbvDdxQaV6tJ+x7XAKWbya99fJRQIQw5NDOVx7YMxBMjHEnC9
Nr/aqMWh2YYsyxvUzGDUj07woSMXSccLOLX9zR4sZ9HXZ68deibeT5vxpCiL/2lg
YyRH1xPMxhLlKD2o96a6lgdYpvlwat4+J9SfnGVhUxDFygeoVCwW
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:46:35 2025 by rpki-client