Route Origin Authorization
$ rpki-client -vvf rpki.roa.net/rrdp/xTom/41/326130613a616363313a3a2f33322d3438203d3e2033323538.roa
File: 326130613a616363313a3a2f33322d3438203d3e2033323538.roa (raw, json)
Hash identifier: k3WhvlOw33fbL/Ek9DrslMmOnw7yG0zjYzxS5Y1LXoU=
Subject key identifier: B9:4F:78:A8:BF:2F:93:3E:D1:42:FE:EB:F7:4F:55:C2:6E:C7:06:EC
Certificate issuer: /CN=39f66f45a59b837ed24d6b9f20c60702114b70bb
Certificate serial: 63D1803C148042514610D90C8A79E4B3855BCEBA
Authority key identifier: 39:F6:6F:45:A5:9B:83:7E:D2:4D:6B:9F:20:C6:07:02:11:4B:70:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
Subject info access: rsync://rpki.roa.net/rrdp/xTom/41/326130613a616363313a3a2f33322d3438203d3e2033323538.roa
Signing time: Sat 16 Aug 2025 01:48:24 +0000
ROA not before: Sat 16 Aug 2025 01:43:24 +0000
ROA not after: Sat 15 Aug 2026 01:48:24 +0000
asID: 3258
IP address blocks: 2a0a:acc1::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.crl
rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.mft
rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 03:46:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:d1:80:3c:14:80:42:51:46:10:d9:0c:8a:79:e4:b3:85:5b:ce:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39f66f45a59b837ed24d6b9f20c60702114b70bb
Validity
Not Before: Aug 16 01:43:24 2025 GMT
Not After : Aug 15 01:48:24 2026 GMT
Subject: CN=B94F78A8BF2F933ED142FEEBF74F55C26EC706EC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:53:1c:a5:ba:c9:82:77:7d:06:ef:15:be:79:
fb:d2:3a:fc:86:4c:2c:6a:1c:79:d0:5c:fc:54:06:
4c:cc:04:c4:22:27:ac:2c:81:40:e4:b5:eb:42:31:
de:94:af:9a:56:a8:a8:ca:2c:b4:e3:8b:44:45:40:
ef:04:40:fa:9f:76:24:1d:95:7d:cc:d8:d4:56:d7:
02:30:fe:97:d0:46:a5:4e:8c:f2:0b:a9:e1:d3:d4:
42:22:dc:c9:46:44:4d:c5:1b:5a:cc:c5:11:6a:70:
35:cd:1e:4e:f9:ab:e4:33:26:ee:c6:4b:74:f7:84:
f9:64:84:65:7f:fe:fa:95:15:7d:77:a6:a4:71:16:
3c:0b:80:1e:35:42:dc:a6:c4:74:1e:36:f9:99:19:
12:2e:d9:b4:b3:59:ea:06:7f:0c:39:bf:1a:78:78:
4c:7a:5a:4c:fe:79:ec:0c:9c:d1:04:4c:a5:a5:d3:
aa:f4:aa:f9:10:88:b3:ed:00:bd:e1:00:6e:c3:d6:
c7:ea:40:20:5e:8f:98:da:29:7b:25:a6:a0:0b:78:
6e:7c:59:59:06:7d:6c:5d:04:6d:4c:9e:52:20:a8:
71:74:fc:fc:60:97:c1:f7:b4:93:0e:f4:3d:78:6a:
ce:fb:4c:f4:43:f0:fa:8d:cb:3c:38:35:21:6a:17:
2e:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:4F:78:A8:BF:2F:93:3E:D1:42:FE:EB:F7:4F:55:C2:6E:C7:06:EC
X509v3 Authority Key Identifier:
keyid:39:F6:6F:45:A5:9B:83:7E:D2:4D:6B:9F:20:C6:07:02:11:4B:70:BB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/41/326130613a616363313a3a2f33322d3438203d3e2033323538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:acc1::/32
Signature Algorithm: sha256WithRSAEncryption
44:5d:a4:08:a1:9e:54:94:31:ab:43:67:a0:12:2d:af:9d:c8:
85:64:fd:9b:f3:9b:53:ba:d6:27:85:e9:ec:6e:c1:3f:1c:3a:
f4:91:c7:74:f9:a2:3c:9f:71:01:fa:21:d0:f3:d9:76:93:f5:
18:39:b3:2a:6a:70:78:cd:5d:2f:c3:fb:fa:de:a3:a5:80:2c:
c1:04:cb:da:4b:e4:35:c3:52:a1:54:ad:4e:c9:88:06:eb:7d:
36:88:c7:a1:9b:0e:99:ea:8d:14:e3:ec:91:76:00:33:c4:32:
d4:60:90:d6:a1:c3:5f:60:55:0b:8b:1d:a5:94:b1:62:0c:31:
8f:5f:32:d9:d3:e9:32:b4:18:c7:56:73:b0:75:8c:0f:dd:5d:
91:51:fa:af:2e:a1:55:7d:0f:73:bc:bc:96:2c:f5:e1:83:c4:
90:95:68:c6:33:84:6c:4d:af:fd:9f:0d:1f:79:58:9e:69:57:
f3:07:6c:f1:a3:7a:f5:9d:7a:aa:6c:51:c5:89:da:bc:63:68:
44:4f:fc:2d:f2:1c:d9:1d:07:bd:4e:a5:10:a7:69:a5:d3:5d:
98:de:e1:91:ce:1b:5e:b0:42:a0:63:39:65:98:eb:1f:56:58:
ec:73:0b:b6:43:dd:b2:5f:e4:3d:40:c4:90:ba:d7:98:6f:3c:
24:19:f6:c8
-----BEGIN CERTIFICATE-----
MIIEwzCCA6ugAwIBAgIUY9GAPBSAQlFGENkMinnks4VbzrowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzlmNjZmNDVhNTliODM3ZWQyNGQ2YjlmMjBjNjA3MDIx
MTRiNzBiYjAeFw0yNTA4MTYwMTQzMjRaFw0yNjA4MTUwMTQ4MjRaMDMxMTAvBgNV
BAMTKEI5NEY3OEE4QkYyRjkzM0VEMTQyRkVFQkY3NEY1NUMyNkVDNzA2RUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvUxylusmCd30G7xW+efvSOvyG
TCxqHHnQXPxUBkzMBMQiJ6wsgUDktetCMd6Ur5pWqKjKLLTji0RFQO8EQPqfdiQd
lX3M2NRW1wIw/pfQRqVOjPILqeHT1EIi3MlGRE3FG1rMxRFqcDXNHk75q+QzJu7G
S3T3hPlkhGV//vqVFX13pqRxFjwLgB41QtymxHQeNvmZGRIu2bSzWeoGfww5vxp4
eEx6Wkz+eewMnNEETKWl06r0qvkQiLPtAL3hAG7D1sfqQCBej5jaKXslpqALeG58
WVkGfWxdBG1MnlIgqHF0/Pxgl8H3tJMO9D14as77TPRD8PqNyzw4NSFqFy61AgMB
AAGjggHNMIIByTAdBgNVHQ4EFgQUuU94qL8vkz7RQv7r909Vwm7HBuwwHwYDVR0j
BBgwFoAUOfZvRaWbg37STWufIMYHAhFLcLswDgYDVR0PAQH/BAQDAgeAMF8GA1Ud
HwRYMFYwVKBSoFCGTnJzeW5jOi8vcnBraS5yb2EubmV0L3JyZHAveFRvbS80MS8z
OUY2NkY0NUE1OUI4MzdFRDI0RDZCOUYyMEM2MDcwMjExNEI3MEJCLmNybDBkBggr
BgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvT2ZadlJhV2JnMzdTVFd1ZklNWUhBaEZMY0xzLmNl
cjB0BggrBgEFBQcBCwRoMGYwZAYIKwYBBQUHMAuGWHJzeW5jOi8vcnBraS5yb2Eu
bmV0L3JyZHAveFRvbS80MS8zMjYxMzA2MTNhNjE2MzYzMzEzYTNhMmYzMzMyMmQz
NDM4MjAzZDNlMjAzMzMyMzUzOC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcO
AjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoKrMEwDQYJKoZIhvcNAQEL
BQADggEBAERdpAihnlSUMatDZ6ASLa+dyIVk/Zvzm1O61ieF6exuwT8cOvSRx3T5
ojyfcQH6IdDz2XaT9Rg5sypqcHjNXS/D+/reo6WALMEEy9pL5DXDUqFUrU7JiAbr
fTaIx6GbDpnqjRTj7JF2ADPEMtRgkNahw19gVQuLHaWUsWIMMY9fMtnT6TK0GMdW
c7B1jA/dXZFR+q8uoVV9D3O8vJYs9eGDxJCVaMYzhGxNr/2fDR95WJ5pV/MHbPGj
evWdeqpsUcWJ2rxjaERP/C3yHNkdB71OpRCnaaXTXZje4ZHOG16wQqBjOWWY6x9W
WOxzC7ZD3bJf5D1AxJC615hvPCQZ9sg=
-----END CERTIFICATE-----
Generated at Sat Aug 23 20:08:27 2025 by rpki-client