Route Origin Authorization
$ rpki-client -vvf rpki.roa.net/rrdp/xTom/41/326130343a366630303a3a2f32392d3438203d3e2033323134.roa
File: 326130343a366630303a3a2f32392d3438203d3e2033323134.roa (raw, json)
Hash identifier: rI+uuAcr6OYO8coDJAIPzCjRsmauRve/IBaqqKXdQuU=
Subject key identifier: 67:BE:F5:0C:99:0F:AF:1D:DA:20:79:B4:EA:37:4B:F5:F5:27:22:FA
Certificate issuer: /CN=39f66f45a59b837ed24d6b9f20c60702114b70bb
Certificate serial: 743850CA02EFC1D386923FD3C288E1BE8652A180
Authority key identifier: 39:F6:6F:45:A5:9B:83:7E:D2:4D:6B:9F:20:C6:07:02:11:4B:70:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
Subject info access: rsync://rpki.roa.net/rrdp/xTom/41/326130343a366630303a3a2f32392d3438203d3e2033323134.roa
Signing time: Sat 16 Aug 2025 01:48:25 +0000
ROA not before: Sat 16 Aug 2025 01:43:25 +0000
ROA not after: Sat 15 Aug 2026 01:48:25 +0000
asID: 3214
IP address blocks: 2a04:6f00::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.crl
rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.mft
rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:38:50:ca:02:ef:c1:d3:86:92:3f:d3:c2:88:e1:be:86:52:a1:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39f66f45a59b837ed24d6b9f20c60702114b70bb
Validity
Not Before: Aug 16 01:43:25 2025 GMT
Not After : Aug 15 01:48:25 2026 GMT
Subject: CN=67BEF50C990FAF1DDA2079B4EA374BF5F52722FA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:03:30:8c:e6:fa:26:9c:cb:83:e0:ba:c3:4b:
0e:7c:0c:10:be:64:6e:4d:aa:fd:6a:33:84:25:db:
2c:4c:13:41:df:1f:a5:ca:bc:1f:7b:9f:91:ca:31:
48:6b:e0:67:0a:44:67:a6:cf:4a:3c:3f:f8:27:b6:
c5:38:4a:92:c7:42:84:1c:60:51:33:41:53:dc:ef:
f0:ec:9f:d6:d1:c4:b3:5b:e1:a9:bd:11:57:cb:0f:
52:f9:7a:4b:ca:61:02:59:db:20:8c:a7:12:45:bb:
4d:71:97:8f:05:6d:8c:48:59:c5:88:49:e5:c7:bd:
e6:b0:7d:9a:40:78:30:ca:db:00:ac:7a:fd:06:82:
72:98:2d:b2:7d:75:d5:f7:e1:93:70:8b:a4:bb:2c:
99:62:7f:ee:fa:11:12:13:8b:2e:cf:f4:68:28:65:
fa:a4:24:55:6c:51:63:ad:00:dd:ca:1a:f0:ce:4a:
47:5c:7b:a6:e1:ea:e6:90:35:07:2d:25:71:96:75:
50:2a:0d:d0:b9:66:74:52:97:70:a9:56:76:0e:b6:
94:28:dc:32:4e:22:31:41:92:ae:3f:42:da:b5:b9:
18:97:e9:1b:d6:ad:7c:b9:4e:6a:9e:3d:00:d5:64:
5e:d0:2e:0c:d1:e8:44:ec:f4:00:ff:25:6a:3e:a7:
8e:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:BE:F5:0C:99:0F:AF:1D:DA:20:79:B4:EA:37:4B:F5:F5:27:22:FA
X509v3 Authority Key Identifier:
keyid:39:F6:6F:45:A5:9B:83:7E:D2:4D:6B:9F:20:C6:07:02:11:4B:70:BB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/41/326130343a366630303a3a2f32392d3438203d3e2033323134.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:6f00::/29
Signature Algorithm: sha256WithRSAEncryption
8d:5f:54:37:99:cb:ab:07:88:c5:29:81:b2:af:1e:cc:1b:00:
31:15:78:36:bc:59:e9:35:fa:c7:6c:af:2f:79:40:b7:ed:0c:
98:7a:d2:b9:2b:57:0a:d8:ea:40:1f:26:e1:32:8d:6d:74:35:
2b:1c:52:87:38:93:06:57:48:15:7e:59:c3:17:0c:35:35:d9:
b1:ce:8d:22:91:96:5c:22:f9:ba:08:62:6d:d6:fa:6d:a5:50:
68:8d:b5:8b:c5:9a:5c:53:d5:2d:7e:2e:e1:42:2b:43:ed:50:
4b:f5:d1:b5:6d:b3:a9:55:d7:fd:56:1e:87:50:4b:4c:61:be:
58:15:95:00:a2:81:e2:d1:3a:cf:99:0c:d6:76:ba:17:d0:45:
e1:f7:a5:ee:30:0d:70:b4:a1:f5:72:a4:18:5e:1c:2b:15:01:
f8:ca:bb:fc:a2:7a:fc:b0:1f:5b:89:94:78:8c:74:76:d3:b6:
7a:d4:05:bc:77:b0:f6:63:6e:75:7c:88:d3:5e:43:cd:55:e6:
26:b8:59:53:2e:d0:d8:7e:0e:56:ec:dd:dd:95:e4:ac:2a:15:
cb:12:6f:05:a7:3d:e4:7b:e1:7e:d8:b0:e7:f3:4b:44:53:b1:
2b:8f:17:1d:e3:c7:32:db:39:e9:32:5b:5f:3b:15:b6:54:74:
7e:be:9b:75
-----BEGIN CERTIFICATE-----
MIIEwzCCA6ugAwIBAgIUdDhQygLvwdOGkj/TwojhvoZSoYAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzlmNjZmNDVhNTliODM3ZWQyNGQ2YjlmMjBjNjA3MDIx
MTRiNzBiYjAeFw0yNTA4MTYwMTQzMjVaFw0yNjA4MTUwMTQ4MjVaMDMxMTAvBgNV
BAMTKDY3QkVGNTBDOTkwRkFGMUREQTIwNzlCNEVBMzc0QkY1RjUyNzIyRkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaAzCM5vomnMuD4LrDSw58DBC+
ZG5Nqv1qM4Ql2yxME0HfH6XKvB97n5HKMUhr4GcKRGemz0o8P/gntsU4SpLHQoQc
YFEzQVPc7/Dsn9bRxLNb4am9EVfLD1L5ekvKYQJZ2yCMpxJFu01xl48FbYxIWcWI
SeXHveawfZpAeDDK2wCsev0GgnKYLbJ9ddX34ZNwi6S7LJlif+76ERITiy7P9Ggo
ZfqkJFVsUWOtAN3KGvDOSkdce6bh6uaQNQctJXGWdVAqDdC5ZnRSl3CpVnYOtpQo
3DJOIjFBkq4/Qtq1uRiX6RvWrXy5TmqePQDVZF7QLgzR6ETs9AD/JWo+p45bAgMB
AAGjggHNMIIByTAdBgNVHQ4EFgQUZ771DJkPrx3aIHm06jdL9fUnIvowHwYDVR0j
BBgwFoAUOfZvRaWbg37STWufIMYHAhFLcLswDgYDVR0PAQH/BAQDAgeAMF8GA1Ud
HwRYMFYwVKBSoFCGTnJzeW5jOi8vcnBraS5yb2EubmV0L3JyZHAveFRvbS80MS8z
OUY2NkY0NUE1OUI4MzdFRDI0RDZCOUYyMEM2MDcwMjExNEI3MEJCLmNybDBkBggr
BgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvT2ZadlJhV2JnMzdTVFd1ZklNWUhBaEZMY0xzLmNl
cjB0BggrBgEFBQcBCwRoMGYwZAYIKwYBBQUHMAuGWHJzeW5jOi8vcnBraS5yb2Eu
bmV0L3JyZHAveFRvbS80MS8zMjYxMzAzNDNhMzY2NjMwMzAzYTNhMmYzMjM5MmQz
NDM4MjAzZDNlMjAzMzMyMzEzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcO
AjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoEbwAwDQYJKoZIhvcNAQEL
BQADggEBAI1fVDeZy6sHiMUpgbKvHswbADEVeDa8Wek1+sdsry95QLftDJh60rkr
VwrY6kAfJuEyjW10NSscUoc4kwZXSBV+WcMXDDU12bHOjSKRllwi+boIYm3W+m2l
UGiNtYvFmlxT1S1+LuFCK0PtUEv10bVts6lV1/1WHodQS0xhvlgVlQCigeLROs+Z
DNZ2uhfQReH3pe4wDXC0ofVypBheHCsVAfjKu/yievywH1uJlHiMdHbTtnrUBbx3
sPZjbnV8iNNeQ81V5ia4WVMu0Nh+Dlbs3d2V5KwqFcsSbwWnPeR74X7YsOfzS0RT
sSuPFx3jxzLbOekyW187FbZUdH6+m3U=
-----END CERTIFICATE-----
Generated at Sun Aug 24 00:36:51 2025 by rpki-client