Route Origin Authorization
$ rpki-client -vvf rpki.roa.net/rrdp/xTom/41/326130343a366630303a3a2f33322d3438203d3e2033323134.roa
File: 326130343a366630303a3a2f33322d3438203d3e2033323134.roa (raw, json)
Hash identifier: lza3nPkj8SCKG8eAvBV5dByEl4Di+o6phLpaa4Ix6jU=
Subject key identifier: 2E:1C:9A:39:58:BF:38:D9:2E:DC:FB:50:55:5C:80:B5:5E:8C:98:7E
Certificate issuer: /CN=39f66f45a59b837ed24d6b9f20c60702114b70bb
Certificate serial: 517D38DD6F936E896E21E6C19736A2AD1AFB9A20
Authority key identifier: 39:F6:6F:45:A5:9B:83:7E:D2:4D:6B:9F:20:C6:07:02:11:4B:70:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
Subject info access: rsync://rpki.roa.net/rrdp/xTom/41/326130343a366630303a3a2f33322d3438203d3e2033323134.roa
Signing time: Sat 16 Aug 2025 01:48:24 +0000
ROA not before: Sat 16 Aug 2025 01:43:24 +0000
ROA not after: Sat 15 Aug 2026 01:48:24 +0000
asID: 3214
IP address blocks: 2a04:6f00::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.crl
rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.mft
rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:7d:38:dd:6f:93:6e:89:6e:21:e6:c1:97:36:a2:ad:1a:fb:9a:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39f66f45a59b837ed24d6b9f20c60702114b70bb
Validity
Not Before: Aug 16 01:43:24 2025 GMT
Not After : Aug 15 01:48:24 2026 GMT
Subject: CN=2E1C9A3958BF38D92EDCFB50555C80B55E8C987E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:6e:c1:33:f6:f2:8c:06:e4:7f:a8:44:86:ae:
08:38:48:64:34:58:ab:d7:e6:09:95:17:28:54:ff:
e0:0e:39:ee:7e:46:e7:fc:e7:a9:7c:b1:de:38:2d:
e4:4b:10:0a:60:a1:e4:7f:a6:55:1a:1e:85:8e:e7:
b7:36:51:c6:ff:d1:71:be:7a:69:b4:9b:37:fb:b9:
64:fc:02:1a:66:2a:61:26:6f:69:e8:76:8c:dd:d0:
be:53:90:ac:1e:d0:cc:cc:f4:95:3f:e8:53:a3:8f:
93:70:a0:cc:62:73:1a:a1:ec:17:6c:6b:21:16:17:
17:8d:a8:ed:92:f7:69:f2:20:ed:ea:98:e8:8f:2d:
8a:55:85:ab:bf:8e:4a:6e:0e:d3:83:41:7c:e4:6b:
54:fa:84:a3:3d:f5:a2:56:a6:8d:d4:4f:b4:e6:b8:
68:4a:32:d9:fb:13:91:41:64:ea:f5:16:75:ea:04:
3f:77:ed:79:3b:15:37:2d:d9:1a:43:7d:49:52:db:
27:d4:ad:5e:a6:b6:b9:6b:df:92:42:98:ad:66:d3:
d5:a8:a3:7b:ef:79:ba:ce:65:e7:7c:31:c3:79:d1:
d1:d1:38:95:2b:69:b4:7f:93:23:75:75:d9:6f:51:
84:e0:ee:0a:c1:bd:06:4d:28:04:cb:87:12:d9:43:
84:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:1C:9A:39:58:BF:38:D9:2E:DC:FB:50:55:5C:80:B5:5E:8C:98:7E
X509v3 Authority Key Identifier:
keyid:39:F6:6F:45:A5:9B:83:7E:D2:4D:6B:9F:20:C6:07:02:11:4B:70:BB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/41/326130343a366630303a3a2f33322d3438203d3e2033323134.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:6f00::/32
Signature Algorithm: sha256WithRSAEncryption
90:74:e1:62:d0:27:52:f4:3b:6c:70:e1:96:09:cf:cb:66:68:
b1:f0:a8:21:d6:70:af:b1:34:89:96:82:21:cf:dd:19:ba:33:
81:46:f2:df:81:e3:7f:4d:c6:67:fd:5a:58:51:a4:a1:04:dc:
a1:87:00:aa:d3:53:63:6c:88:a0:6a:45:d4:be:38:a7:3e:2e:
10:97:15:cc:12:14:7b:ad:1d:d2:b8:36:79:c4:b9:4d:87:42:
ff:39:21:dd:a1:e3:3a:42:26:2f:75:4e:54:16:79:49:d2:cf:
46:50:1b:99:22:7e:f1:46:4a:72:c9:a0:dd:c2:47:44:81:9a:
09:7a:86:e5:ae:16:ca:96:d4:37:19:01:d8:58:9b:7e:ff:e2:
42:95:c4:cd:19:fb:83:6d:41:f3:61:74:ef:ca:7c:51:9b:d8:
d9:02:63:d9:08:2a:59:ad:df:20:1d:74:55:eb:e4:b1:fa:d2:
d8:83:c8:17:1f:57:eb:7a:21:ac:87:84:19:cb:07:12:ca:b1:
ac:f3:a0:53:67:f9:fc:bc:86:07:20:62:d6:6a:c1:eb:cf:1d:
e4:92:9e:8e:57:07:ba:08:46:24:27:2a:d9:97:7b:45:f4:23:
ea:4a:94:74:3d:b5:fa:93:4a:03:0c:4d:4b:ae:3c:27:d4:d1:
ca:b6:89:e9
-----BEGIN CERTIFICATE-----
MIIEwzCCA6ugAwIBAgIUUX043W+TboluIebBlzairRr7miAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzlmNjZmNDVhNTliODM3ZWQyNGQ2YjlmMjBjNjA3MDIx
MTRiNzBiYjAeFw0yNTA4MTYwMTQzMjRaFw0yNjA4MTUwMTQ4MjRaMDMxMTAvBgNV
BAMTKDJFMUM5QTM5NThCRjM4RDkyRURDRkI1MDU1NUM4MEI1NUU4Qzk4N0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1bsEz9vKMBuR/qESGrgg4SGQ0
WKvX5gmVFyhU/+AOOe5+Ruf856l8sd44LeRLEApgoeR/plUaHoWO57c2Ucb/0XG+
emm0mzf7uWT8AhpmKmEmb2nodozd0L5TkKwe0MzM9JU/6FOjj5NwoMxicxqh7Bds
ayEWFxeNqO2S92nyIO3qmOiPLYpVhau/jkpuDtODQXzka1T6hKM99aJWpo3UT7Tm
uGhKMtn7E5FBZOr1FnXqBD937Xk7FTct2RpDfUlS2yfUrV6mtrlr35JCmK1m09Wo
o3vvebrOZed8McN50dHROJUrabR/kyN1ddlvUYTg7grBvQZNKATLhxLZQ4SFAgMB
AAGjggHNMIIByTAdBgNVHQ4EFgQULhyaOVi/ONku3PtQVVyAtV6MmH4wHwYDVR0j
BBgwFoAUOfZvRaWbg37STWufIMYHAhFLcLswDgYDVR0PAQH/BAQDAgeAMF8GA1Ud
HwRYMFYwVKBSoFCGTnJzeW5jOi8vcnBraS5yb2EubmV0L3JyZHAveFRvbS80MS8z
OUY2NkY0NUE1OUI4MzdFRDI0RDZCOUYyMEM2MDcwMjExNEI3MEJCLmNybDBkBggr
BgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvT2ZadlJhV2JnMzdTVFd1ZklNWUhBaEZMY0xzLmNl
cjB0BggrBgEFBQcBCwRoMGYwZAYIKwYBBQUHMAuGWHJzeW5jOi8vcnBraS5yb2Eu
bmV0L3JyZHAveFRvbS80MS8zMjYxMzAzNDNhMzY2NjMwMzAzYTNhMmYzMzMyMmQz
NDM4MjAzZDNlMjAzMzMyMzEzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcO
AjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoEbwAwDQYJKoZIhvcNAQEL
BQADggEBAJB04WLQJ1L0O2xw4ZYJz8tmaLHwqCHWcK+xNImWgiHP3Rm6M4FG8t+B
439Nxmf9WlhRpKEE3KGHAKrTU2NsiKBqRdS+OKc+LhCXFcwSFHutHdK4NnnEuU2H
Qv85Id2h4zpCJi91TlQWeUnSz0ZQG5kifvFGSnLJoN3CR0SBmgl6huWuFsqW1DcZ
AdhYm37/4kKVxM0Z+4NtQfNhdO/KfFGb2NkCY9kIKlmt3yAddFXr5LH60tiDyBcf
V+t6IayHhBnLBxLKsazzoFNn+fy8hgcgYtZqwevPHeSSno5XB7oIRiQnKtmXe0X0
I+pKlHQ9tfqTSgMMTUuuPCfU0cq2iek=
-----END CERTIFICATE-----
Generated at Sun Aug 24 00:36:22 2025 by rpki-client