Route Origin Authorization
$ rpki-client -vvf rpki.roa.net/rrdp/xTom/41/326130613a616363323a3a2f33322d3438203d3e2036323333.roa
File: 326130613a616363323a3a2f33322d3438203d3e2036323333.roa (raw, json)
Hash identifier: hZE+vEGDZx2Bg6RDX3aP8EnjCJJ1jlWFpbcnYOy9mYQ=
Subject key identifier: D5:3C:58:3E:1B:D3:8E:7E:59:AB:57:18:56:13:C7:9B:8A:22:1B:74
Certificate issuer: /CN=39f66f45a59b837ed24d6b9f20c60702114b70bb
Certificate serial: 12A3F9B2FF14B0C1272F3805ECF91418D84FD9F9
Authority key identifier: 39:F6:6F:45:A5:9B:83:7E:D2:4D:6B:9F:20:C6:07:02:11:4B:70:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
Subject info access: rsync://rpki.roa.net/rrdp/xTom/41/326130613a616363323a3a2f33322d3438203d3e2036323333.roa
Signing time: Sat 16 Aug 2025 01:48:23 +0000
ROA not before: Sat 16 Aug 2025 01:43:23 +0000
ROA not after: Sat 15 Aug 2026 01:48:23 +0000
asID: 6233
IP address blocks: 2a0a:acc2::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.crl
rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.mft
rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 03:46:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:a3:f9:b2:ff:14:b0:c1:27:2f:38:05:ec:f9:14:18:d8:4f:d9:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39f66f45a59b837ed24d6b9f20c60702114b70bb
Validity
Not Before: Aug 16 01:43:23 2025 GMT
Not After : Aug 15 01:48:23 2026 GMT
Subject: CN=D53C583E1BD38E7E59AB57185613C79B8A221B74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:bf:5d:42:58:cf:df:a6:76:54:88:6b:94:e7:
57:75:95:22:ec:13:fb:3a:aa:36:54:7b:63:47:17:
c4:31:05:f8:ba:da:b6:8e:d0:13:1e:f4:2e:6f:2e:
96:5d:8d:05:ab:02:eb:36:66:fc:f1:a6:e5:b9:65:
1f:4a:11:4f:0d:16:c5:ae:ed:eb:8c:29:ed:d8:c7:
b4:cd:fe:cb:bf:e7:09:5c:73:03:aa:e8:31:60:fb:
83:70:b2:7f:2f:19:1e:76:6f:30:d6:38:6c:56:ba:
1d:2e:33:e5:c1:ab:2d:8b:eb:97:41:d9:9a:aa:d7:
3c:46:df:d5:7d:cf:20:aa:7f:24:a3:66:c4:e5:27:
c0:50:13:f8:d4:86:86:a1:78:7a:df:ca:d0:ce:9c:
5b:b9:a8:40:28:8a:27:dc:b4:8e:15:96:af:ba:06:
c3:bb:ee:81:f4:f0:a4:28:b5:f2:17:2d:9e:cc:ff:
6c:c0:f3:33:a5:14:87:c0:30:f1:71:ca:ed:74:62:
33:1f:4c:26:30:25:89:12:79:5e:62:31:c0:2e:c7:
19:27:ff:33:a5:2f:52:94:51:22:eb:a7:f9:64:71:
03:0f:19:23:45:cf:68:ef:e5:b3:57:fe:6b:9c:59:
e6:d0:35:51:30:50:a7:38:77:42:03:dc:ec:f9:2c:
7c:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:3C:58:3E:1B:D3:8E:7E:59:AB:57:18:56:13:C7:9B:8A:22:1B:74
X509v3 Authority Key Identifier:
keyid:39:F6:6F:45:A5:9B:83:7E:D2:4D:6B:9F:20:C6:07:02:11:4B:70:BB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/41/326130613a616363323a3a2f33322d3438203d3e2036323333.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:acc2::/32
Signature Algorithm: sha256WithRSAEncryption
8f:81:08:7e:9f:83:47:d7:79:a3:02:6b:24:17:82:d0:e8:3c:
b8:f1:34:44:0a:40:d8:7f:d5:c2:fb:8e:ef:12:61:75:a4:c9:
3e:bc:ee:2c:80:b4:23:01:3e:3c:7b:76:bc:2e:89:7c:73:89:
7d:5b:06:25:d2:4e:c5:7a:fa:d6:a9:e6:5d:ba:8a:85:ef:76:
20:35:d8:cd:4c:6e:a6:81:e9:8e:27:a1:8b:6a:1b:f0:1b:58:
f8:d2:4e:ea:b0:f6:ef:72:88:8a:60:5d:0f:3d:12:58:2c:62:
c2:71:e7:de:69:15:ba:91:7c:21:d2:a2:b9:ed:ea:fb:32:61:
b6:9b:c5:3e:18:5d:fd:21:c5:9e:07:a4:28:8f:e1:8e:10:38:
b3:18:37:7e:8a:1d:d0:47:8f:8e:2d:82:d0:95:ad:aa:d9:3b:
50:2d:ea:ae:24:a9:d6:83:10:73:71:98:65:52:65:11:82:d1:
1a:b1:0b:90:01:3e:87:ee:ae:e0:40:87:ff:e2:34:ca:34:53:
04:2f:73:2c:3c:fe:02:30:3a:b2:e3:87:3b:d6:21:6c:c3:2a:
a1:f3:c7:88:a0:49:18:ea:63:83:2b:e1:e2:ca:ae:c0:d3:4a:
14:95:5d:c9:10:61:28:e2:f2:fc:5b:f8:f5:6b:2c:c0:19:59:
1b:88:2c:d3
-----BEGIN CERTIFICATE-----
MIIEwzCCA6ugAwIBAgIUEqP5sv8UsMEnLzgF7PkUGNhP2fkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzlmNjZmNDVhNTliODM3ZWQyNGQ2YjlmMjBjNjA3MDIx
MTRiNzBiYjAeFw0yNTA4MTYwMTQzMjNaFw0yNjA4MTUwMTQ4MjNaMDMxMTAvBgNV
BAMTKEQ1M0M1ODNFMUJEMzhFN0U1OUFCNTcxODU2MTNDNzlCOEEyMjFCNzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbv11CWM/fpnZUiGuU51d1lSLs
E/s6qjZUe2NHF8QxBfi62raO0BMe9C5vLpZdjQWrAus2ZvzxpuW5ZR9KEU8NFsWu
7euMKe3Yx7TN/su/5wlccwOq6DFg+4Nwsn8vGR52bzDWOGxWuh0uM+XBqy2L65dB
2Zqq1zxG39V9zyCqfySjZsTlJ8BQE/jUhoaheHrfytDOnFu5qEAoiifctI4Vlq+6
BsO77oH08KQotfIXLZ7M/2zA8zOlFIfAMPFxyu10YjMfTCYwJYkSeV5iMcAuxxkn
/zOlL1KUUSLrp/lkcQMPGSNFz2jv5bNX/mucWebQNVEwUKc4d0ID3Oz5LHxzAgMB
AAGjggHNMIIByTAdBgNVHQ4EFgQU1TxYPhvTjn5Zq1cYVhPHm4oiG3QwHwYDVR0j
BBgwFoAUOfZvRaWbg37STWufIMYHAhFLcLswDgYDVR0PAQH/BAQDAgeAMF8GA1Ud
HwRYMFYwVKBSoFCGTnJzeW5jOi8vcnBraS5yb2EubmV0L3JyZHAveFRvbS80MS8z
OUY2NkY0NUE1OUI4MzdFRDI0RDZCOUYyMEM2MDcwMjExNEI3MEJCLmNybDBkBggr
BgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvT2ZadlJhV2JnMzdTVFd1ZklNWUhBaEZMY0xzLmNl
cjB0BggrBgEFBQcBCwRoMGYwZAYIKwYBBQUHMAuGWHJzeW5jOi8vcnBraS5yb2Eu
bmV0L3JyZHAveFRvbS80MS8zMjYxMzA2MTNhNjE2MzYzMzIzYTNhMmYzMzMyMmQz
NDM4MjAzZDNlMjAzNjMyMzMzMy5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcO
AjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoKrMIwDQYJKoZIhvcNAQEL
BQADggEBAI+BCH6fg0fXeaMCayQXgtDoPLjxNEQKQNh/1cL7ju8SYXWkyT687iyA
tCMBPjx7drwuiXxziX1bBiXSTsV6+tap5l26ioXvdiA12M1MbqaB6Y4noYtqG/Ab
WPjSTuqw9u9yiIpgXQ89ElgsYsJx595pFbqRfCHSornt6vsyYbabxT4YXf0hxZ4H
pCiP4Y4QOLMYN36KHdBHj44tgtCVrarZO1At6q4kqdaDEHNxmGVSZRGC0RqxC5AB
PofuruBAh//iNMo0UwQvcyw8/gIwOrLjhzvWIWzDKqHzx4igSRjqY4Mr4eLKrsDT
ShSVXckQYSji8vxb+PVrLMAZWRuILNM=
-----END CERTIFICATE-----
Generated at Sat Aug 23 20:10:35 2025 by rpki-client