Route Origin Authorization
$ rpki-client -vvf rpki.roa.net/rrdp/xTom/41/3138352e33372e3235322e302f32322d3234203d3e2036323333.roa
File: 3138352e33372e3235322e302f32322d3234203d3e2036323333.roa (raw, json)
Hash identifier: NQ8pxT6KvvjRNyQokVIrEnGmAOiDApTs0f7Qxh1y+W0=
Subject key identifier: 06:35:39:B5:36:F8:33:1D:17:C0:DC:AA:3E:CB:53:2C:D6:D7:47:2A
Certificate issuer: /CN=39f66f45a59b837ed24d6b9f20c60702114b70bb
Certificate serial: 496277A68A33561D4BDA539E15FE2C5EA3972E37
Authority key identifier: 39:F6:6F:45:A5:9B:83:7E:D2:4D:6B:9F:20:C6:07:02:11:4B:70:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
Subject info access: rsync://rpki.roa.net/rrdp/xTom/41/3138352e33372e3235322e302f32322d3234203d3e2036323333.roa
Signing time: Sat 16 Aug 2025 01:48:23 +0000
ROA not before: Sat 16 Aug 2025 01:43:23 +0000
ROA not after: Sat 15 Aug 2026 01:48:23 +0000
asID: 6233
IP address blocks: 185.37.252.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.crl
rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.mft
rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:62:77:a6:8a:33:56:1d:4b:da:53:9e:15:fe:2c:5e:a3:97:2e:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39f66f45a59b837ed24d6b9f20c60702114b70bb
Validity
Not Before: Aug 16 01:43:23 2025 GMT
Not After : Aug 15 01:48:23 2026 GMT
Subject: CN=063539B536F8331D17C0DCAA3ECB532CD6D7472A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:8d:f1:b2:6f:1a:83:8a:d1:6a:b3:59:84:33:
f8:c6:8e:8d:93:53:67:eb:d9:be:45:3e:b3:a7:7d:
df:34:7f:40:b2:bb:69:bb:90:18:d6:d8:3e:6b:36:
ab:38:6b:b2:83:cb:db:ca:18:2f:a3:a8:e4:fb:14:
07:4a:60:62:72:da:d5:3f:dd:04:37:58:f8:b6:d5:
1c:c8:b2:93:55:26:13:17:40:5f:45:c5:ed:de:b4:
9f:27:c5:52:b0:df:b0:08:a0:47:a3:d0:58:bb:2c:
64:58:66:3a:a2:d9:3b:b1:f8:76:ea:5c:6d:1f:41:
c7:da:17:65:dd:ae:98:11:ab:ea:77:f6:dc:6c:71:
3c:28:3f:8b:5d:ad:a6:b8:00:09:81:e0:c0:fb:f0:
c5:22:7e:02:fc:eb:7c:63:5f:cd:0b:de:e5:9d:d7:
98:be:f8:1b:9b:1c:c5:a8:b0:92:42:aa:7b:a7:6f:
eb:eb:70:e1:83:36:c2:f0:28:7c:c2:5d:e7:e1:bd:
fa:1b:c3:5f:db:15:80:1c:2a:60:42:70:d6:22:83:
95:2c:2d:aa:bd:f6:0e:da:42:b2:18:4b:d8:b0:87:
fe:c6:bc:a2:52:ea:b5:2d:e7:52:9d:13:ff:e0:71:
f1:bb:29:62:78:6e:2f:79:75:21:e7:43:4d:9a:88:
34:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:35:39:B5:36:F8:33:1D:17:C0:DC:AA:3E:CB:53:2C:D6:D7:47:2A
X509v3 Authority Key Identifier:
keyid:39:F6:6F:45:A5:9B:83:7E:D2:4D:6B:9F:20:C6:07:02:11:4B:70:BB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/41/3138352e33372e3235322e302f32322d3234203d3e2036323333.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.37.252.0/22
Signature Algorithm: sha256WithRSAEncryption
22:31:5c:3e:33:ba:15:d8:41:fc:d3:ba:99:5e:4a:c3:db:73:
a0:6c:e9:dc:a5:df:7d:1b:21:db:7d:93:1f:27:44:40:60:54:
ca:47:23:0f:dd:e9:36:d3:36:44:b7:52:4a:f0:e9:a2:95:c4:
51:05:50:29:e2:1c:7f:2e:8e:a8:82:e1:ad:7c:2a:70:6e:32:
b0:e8:50:33:f9:b3:ea:b0:a4:44:88:2f:7b:d0:e4:b7:5d:91:
f1:94:bb:64:3e:a6:33:60:7a:e6:e7:b9:ae:1e:ed:47:3b:8f:
4f:fa:19:c6:a3:b5:b7:2e:b6:7c:87:ec:c5:95:14:e3:d6:c3:
7f:57:9a:61:f0:0c:ef:81:a7:c5:48:79:04:0c:b8:24:e4:69:
f6:d4:32:47:19:be:76:eb:1a:a5:99:54:22:55:b7:13:ad:0c:
a0:5d:ab:85:c6:d4:27:f8:d7:ee:d9:30:5d:f3:02:ed:96:eb:
25:9d:af:62:79:c1:34:a0:4e:37:33:52:32:bd:87:fd:31:f9:
f4:dd:d6:d2:5f:01:21:e6:0d:1c:f6:70:a5:b5:24:12:7e:7d:
c2:7b:c0:3a:51:55:a3:af:8b:e4:45:de:7b:83:7a:3d:45:76:
41:de:f5:43:37:27:48:16:a6:85:b1:a4:9e:3d:83:91:4c:1d:
45:f4:5b:2c
-----BEGIN CERTIFICATE-----
MIIExDCCA6ygAwIBAgIUSWJ3poozVh1L2lOeFf4sXqOXLjcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzlmNjZmNDVhNTliODM3ZWQyNGQ2YjlmMjBjNjA3MDIx
MTRiNzBiYjAeFw0yNTA4MTYwMTQzMjNaFw0yNjA4MTUwMTQ4MjNaMDMxMTAvBgNV
BAMTKDA2MzUzOUI1MzZGODMzMUQxN0MwRENBQTNFQ0I1MzJDRDZENzQ3MkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDljfGybxqDitFqs1mEM/jGjo2T
U2fr2b5FPrOnfd80f0Cyu2m7kBjW2D5rNqs4a7KDy9vKGC+jqOT7FAdKYGJy2tU/
3QQ3WPi21RzIspNVJhMXQF9Fxe3etJ8nxVKw37AIoEej0Fi7LGRYZjqi2Tux+Hbq
XG0fQcfaF2XdrpgRq+p39txscTwoP4tdraa4AAmB4MD78MUifgL863xjX80L3uWd
15i++BubHMWosJJCqnunb+vrcOGDNsLwKHzCXefhvfobw1/bFYAcKmBCcNYig5Us
Laq99g7aQrIYS9iwh/7GvKJS6rUt51KdE//gcfG7KWJ4bi95dSHnQ02aiDTjAgMB
AAGjggHOMIIByjAdBgNVHQ4EFgQUBjU5tTb4Mx0XwNyqPstTLNbXRyowHwYDVR0j
BBgwFoAUOfZvRaWbg37STWufIMYHAhFLcLswDgYDVR0PAQH/BAQDAgeAMF8GA1Ud
HwRYMFYwVKBSoFCGTnJzeW5jOi8vcnBraS5yb2EubmV0L3JyZHAveFRvbS80MS8z
OUY2NkY0NUE1OUI4MzdFRDI0RDZCOUYyMEM2MDcwMjExNEI3MEJCLmNybDBkBggr
BgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvT2ZadlJhV2JnMzdTVFd1ZklNWUhBaEZMY0xzLmNl
cjB2BggrBgEFBQcBCwRqMGgwZgYIKwYBBQUHMAuGWnJzeW5jOi8vcnBraS5yb2Eu
bmV0L3JyZHAveFRvbS80MS8zMTM4MzUyZTMzMzcyZTMyMzUzMjJlMzAyZjMyMzIy
ZDMyMzQyMDNkM2UyMDM2MzIzMzMzLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUF
Bw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuSX8MA0GCSqGSIb3DQEB
CwUAA4IBAQAiMVw+M7oV2EH807qZXkrD23OgbOncpd99GyHbfZMfJ0RAYFTKRyMP
3ek20zZEt1JK8OmilcRRBVAp4hx/Lo6oguGtfCpwbjKw6FAz+bPqsKREiC970OS3
XZHxlLtkPqYzYHrm57muHu1HO49P+hnGo7W3LrZ8h+zFlRTj1sN/V5ph8AzvgafF
SHkEDLgk5Gn21DJHGb526xqlmVQiVbcTrQygXauFxtQn+Nfu2TBd8wLtluslna9i
ecE0oE43M1IyvYf9Mfn03dbSXwEh5g0c9nCltSQSfn3Ce8A6UVWjr4vkRd57g3o9
RXZB3vVDNydIFqaFsaSePYORTB1F9Fss
-----END CERTIFICATE-----
Generated at Sun Aug 24 00:35:52 2025 by rpki-client