Route Origin Authorization
$ rpki-client -vvf rpki.roa.net/rrdp/xTom/41/326130343a366630333a3a2f33322d3438203d3e2033323134.roa
File: 326130343a366630333a3a2f33322d3438203d3e2033323134.roa (raw, json)
Hash identifier: VZJ9xS1sUtMSa++9W7Z8a5auxT4c5bOMXWTaS4Ut5ME=
Subject key identifier: B8:C9:26:A6:27:32:CA:6C:39:6D:2C:7C:2A:F0:E2:15:38:F1:D1:30
Certificate issuer: /CN=39f66f45a59b837ed24d6b9f20c60702114b70bb
Certificate serial: 69A7C3DDA12F8732612F9AE6369FD1A3523AFCAC
Authority key identifier: 39:F6:6F:45:A5:9B:83:7E:D2:4D:6B:9F:20:C6:07:02:11:4B:70:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
Subject info access: rsync://rpki.roa.net/rrdp/xTom/41/326130343a366630333a3a2f33322d3438203d3e2033323134.roa
Signing time: Sat 16 Aug 2025 01:48:24 +0000
ROA not before: Sat 16 Aug 2025 01:43:24 +0000
ROA not after: Sat 15 Aug 2026 01:48:24 +0000
asID: 3214
IP address blocks: 2a04:6f03::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.crl
rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.mft
rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:a7:c3:dd:a1:2f:87:32:61:2f:9a:e6:36:9f:d1:a3:52:3a:fc:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39f66f45a59b837ed24d6b9f20c60702114b70bb
Validity
Not Before: Aug 16 01:43:24 2025 GMT
Not After : Aug 15 01:48:24 2026 GMT
Subject: CN=B8C926A62732CA6C396D2C7C2AF0E21538F1D130
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:65:4a:04:b9:ab:61:25:5c:cd:d4:5b:9f:b1:
30:ea:74:f0:e8:ec:11:a8:96:7e:8a:5a:91:f2:b5:
a8:e8:22:32:b3:f2:ce:60:8a:6e:1b:a9:1a:4a:84:
68:20:74:f4:33:41:51:e0:e3:9d:34:50:0a:93:c1:
67:bf:73:81:49:e8:a8:a5:b9:83:29:c5:ce:68:a9:
27:b0:6d:48:84:18:e2:14:00:57:ff:d6:45:06:2e:
7f:3e:e5:8b:63:cd:46:ef:54:0d:62:f9:c4:ba:cf:
2e:60:ba:f6:cb:b6:05:22:4f:bd:3f:76:fe:67:e8:
91:a5:23:d5:81:4b:64:b4:4d:b5:67:82:08:e7:40:
73:da:66:28:be:d3:77:a6:a4:f1:7f:09:2e:db:08:
07:b8:20:f1:0e:5d:d5:a1:98:0b:cf:6c:70:c2:f2:
52:a3:76:40:74:58:7f:6f:c8:af:06:eb:af:7a:b1:
d1:8e:c3:1c:76:56:ce:2e:f5:7a:95:8b:77:ba:43:
45:5f:c2:2f:1a:ce:7b:3f:09:c6:89:f1:2b:9f:ff:
e1:98:c0:1a:8e:c7:7a:57:d6:a0:b2:16:13:9d:63:
5e:db:13:a8:de:f5:ab:56:06:87:a8:9c:cc:27:4a:
e3:3f:6e:37:d7:5e:29:cd:d8:73:77:a6:a6:6c:b0:
79:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:C9:26:A6:27:32:CA:6C:39:6D:2C:7C:2A:F0:E2:15:38:F1:D1:30
X509v3 Authority Key Identifier:
keyid:39:F6:6F:45:A5:9B:83:7E:D2:4D:6B:9F:20:C6:07:02:11:4B:70:BB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/41/326130343a366630333a3a2f33322d3438203d3e2033323134.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:6f03::/32
Signature Algorithm: sha256WithRSAEncryption
d1:e8:f1:ce:ae:aa:8e:c1:b7:1f:fc:e9:57:2e:a4:ab:9a:e6:
85:c0:7a:8b:dc:ab:6b:7a:ad:d2:f6:8e:44:e0:14:9f:d1:56:
54:69:f3:06:21:ef:26:a2:5e:16:c8:92:fa:1d:a4:5c:75:37:
92:38:98:fc:a5:a7:c7:d4:76:d9:cb:09:28:af:b2:73:c5:c4:
7f:f0:ca:33:d6:b6:24:23:02:9a:d1:f1:39:84:9f:f2:58:82:
28:6c:36:1e:29:e8:f8:7d:8f:6e:b5:b2:61:0c:aa:6a:46:b2:
5f:fd:7f:87:81:a2:03:93:70:52:38:5a:4f:2a:61:9a:68:be:
4a:e6:cd:ae:09:e4:8c:cb:3f:cf:1f:21:50:a1:67:76:38:b7:
34:e0:06:50:d7:96:79:e0:59:ff:57:a6:1f:c0:42:70:b6:dc:
06:00:96:be:98:63:06:65:03:e5:7b:c5:e2:92:7e:b8:28:f5:
92:a3:65:3c:8c:c4:67:43:69:99:3a:71:d5:a5:e6:33:eb:37:
69:7a:e4:e9:41:41:9d:a4:c1:10:e1:16:51:d7:f0:f4:c5:74:
de:d2:a2:bc:34:98:fc:d5:89:e4:58:ee:ee:63:9f:d8:e7:a3:
9f:a6:cd:bb:a3:74:f0:ee:48:cd:0e:9a:05:2a:b0:d3:7c:1e:
c6:8d:1c:d8
-----BEGIN CERTIFICATE-----
MIIEwzCCA6ugAwIBAgIUaafD3aEvhzJhL5rmNp/Ro1I6/KwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzlmNjZmNDVhNTliODM3ZWQyNGQ2YjlmMjBjNjA3MDIx
MTRiNzBiYjAeFw0yNTA4MTYwMTQzMjRaFw0yNjA4MTUwMTQ4MjRaMDMxMTAvBgNV
BAMTKEI4QzkyNkE2MjczMkNBNkMzOTZEMkM3QzJBRjBFMjE1MzhGMUQxMzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfZUoEuathJVzN1FufsTDqdPDo
7BGoln6KWpHytajoIjKz8s5gim4bqRpKhGggdPQzQVHg4500UAqTwWe/c4FJ6Kil
uYMpxc5oqSewbUiEGOIUAFf/1kUGLn8+5YtjzUbvVA1i+cS6zy5guvbLtgUiT70/
dv5n6JGlI9WBS2S0TbVnggjnQHPaZii+03empPF/CS7bCAe4IPEOXdWhmAvPbHDC
8lKjdkB0WH9vyK8G6696sdGOwxx2Vs4u9XqVi3e6Q0Vfwi8azns/CcaJ8Suf/+GY
wBqOx3pX1qCyFhOdY17bE6je9atWBoeonMwnSuM/bjfXXinN2HN3pqZssHkBAgMB
AAGjggHNMIIByTAdBgNVHQ4EFgQUuMkmpicyymw5bSx8KvDiFTjx0TAwHwYDVR0j
BBgwFoAUOfZvRaWbg37STWufIMYHAhFLcLswDgYDVR0PAQH/BAQDAgeAMF8GA1Ud
HwRYMFYwVKBSoFCGTnJzeW5jOi8vcnBraS5yb2EubmV0L3JyZHAveFRvbS80MS8z
OUY2NkY0NUE1OUI4MzdFRDI0RDZCOUYyMEM2MDcwMjExNEI3MEJCLmNybDBkBggr
BgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvT2ZadlJhV2JnMzdTVFd1ZklNWUhBaEZMY0xzLmNl
cjB0BggrBgEFBQcBCwRoMGYwZAYIKwYBBQUHMAuGWHJzeW5jOi8vcnBraS5yb2Eu
bmV0L3JyZHAveFRvbS80MS8zMjYxMzAzNDNhMzY2NjMwMzMzYTNhMmYzMzMyMmQz
NDM4MjAzZDNlMjAzMzMyMzEzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcO
AjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoEbwMwDQYJKoZIhvcNAQEL
BQADggEBANHo8c6uqo7Btx/86VcupKua5oXAeovcq2t6rdL2jkTgFJ/RVlRp8wYh
7yaiXhbIkvodpFx1N5I4mPylp8fUdtnLCSivsnPFxH/wyjPWtiQjAprR8TmEn/JY
gihsNh4p6Ph9j261smEMqmpGsl/9f4eBogOTcFI4Wk8qYZpovkrmza4J5IzLP88f
IVChZ3Y4tzTgBlDXlnngWf9Xph/AQnC23AYAlr6YYwZlA+V7xeKSfrgo9ZKjZTyM
xGdDaZk6cdWl5jPrN2l65OlBQZ2kwRDhFlHX8PTFdN7Sorw0mPzVieRY7u5jn9jn
o5+mzbujdPDuSM0OmgUqsNN8HsaNHNg=
-----END CERTIFICATE-----
Generated at Sun Aug 24 00:34:34 2025 by rpki-client