Route Origin Authorization
$ rpki-client -vvf rpki.roa.net/rrdp/xTom/41/326130623a323534323a313330303a3a2f34302d3438203d3e20323132353132.roa
File: 326130623a323534323a313330303a3a2f34302d3438203d3e20323132353132.roa (raw, json)
Hash identifier: 3RR/tChAl9rQ65lZoN0xuG5Qnqe19yLrwMMMNK0VPrQ=
Subject key identifier: F1:AC:02:0D:83:2C:63:66:F2:0D:B0:FC:83:7F:C1:67:4E:A9:C5:BB
Certificate issuer: /CN=39f66f45a59b837ed24d6b9f20c60702114b70bb
Certificate serial: 2232E527B7B1B703A611EEDA8A308EDC6905C1E6
Authority key identifier: 39:F6:6F:45:A5:9B:83:7E:D2:4D:6B:9F:20:C6:07:02:11:4B:70:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
Subject info access: rsync://rpki.roa.net/rrdp/xTom/41/326130623a323534323a313330303a3a2f34302d3438203d3e20323132353132.roa
Signing time: Wed 25 Mar 2026 12:56:13 +0000
ROA not before: Wed 25 Mar 2026 12:51:13 +0000
ROA not after: Wed 24 Mar 2027 12:56:13 +0000
asID: 212512
IP address blocks: 2a0b:2542:1300::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.crl
rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.mft
rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:32:e5:27:b7:b1:b7:03:a6:11:ee:da:8a:30:8e:dc:69:05:c1:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39f66f45a59b837ed24d6b9f20c60702114b70bb
Validity
Not Before: Mar 25 12:51:13 2026 GMT
Not After : Mar 24 12:56:13 2027 GMT
Subject: CN=F1AC020D832C6366F20DB0FC837FC1674EA9C5BB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:7b:fa:12:26:bf:7c:9f:fe:85:05:e8:7c:26:
fb:02:f4:eb:6c:57:ce:79:82:a9:4b:3d:7b:2b:d6:
42:9b:2d:f7:4b:7e:3d:58:1b:4f:ab:16:17:49:f1:
98:37:c5:2d:b9:5e:5a:95:bb:2f:20:26:ae:f2:df:
b2:7f:c2:ba:fa:96:8b:5c:67:86:15:ac:5f:9c:ac:
87:50:c5:8c:2e:87:94:c2:0a:47:f5:62:76:05:1c:
27:cd:5c:ae:ba:20:29:4a:fd:84:74:4a:43:0f:5d:
d8:18:d5:7b:74:8a:a2:67:1f:41:dc:14:e4:2b:87:
18:b4:3c:f3:f7:6d:ce:db:8b:a1:72:bb:d4:a0:71:
f1:6d:06:6b:19:73:fb:ec:e5:8b:04:a4:2e:39:3a:
2c:0e:96:62:97:53:86:f5:3f:e3:fc:65:50:c9:72:
37:c0:1e:c6:63:a8:58:d9:41:71:a6:ae:9c:dc:7b:
05:66:ff:62:56:5e:aa:a9:a4:88:10:8b:17:64:45:
ec:eb:c3:10:dd:ca:0d:4a:b0:3a:41:d4:66:97:b5:
14:38:c2:7f:6b:4f:79:91:05:02:8e:db:2e:42:43:
6a:a6:02:1c:11:54:23:8a:2d:bc:14:5d:6f:41:0b:
0c:12:84:18:04:ad:a1:81:82:17:f6:63:2e:b6:d6:
66:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:AC:02:0D:83:2C:63:66:F2:0D:B0:FC:83:7F:C1:67:4E:A9:C5:BB
X509v3 Authority Key Identifier:
keyid:39:F6:6F:45:A5:9B:83:7E:D2:4D:6B:9F:20:C6:07:02:11:4B:70:BB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/41/326130623a323534323a313330303a3a2f34302d3438203d3e20323132353132.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:2542:1300::/40
Signature Algorithm: sha256WithRSAEncryption
85:9c:fd:db:8f:0c:a9:70:c4:1b:c5:3c:39:80:69:29:14:04:
85:5f:e0:44:de:3e:70:90:96:c3:a8:ce:aa:17:0a:f0:78:c1:
fe:3c:19:c7:85:06:b5:c5:ed:d6:6b:58:cd:28:da:4b:8e:86:
63:14:c6:38:ef:67:31:b2:fa:51:8e:e2:ce:2b:50:91:f3:9c:
40:72:02:5d:9b:c9:a0:92:3a:55:55:52:5c:10:a4:84:bf:2b:
cf:97:c7:b6:16:6e:de:6e:3d:44:3d:de:d1:03:06:de:a2:23:
d5:a3:c3:b3:96:d2:b7:24:78:c2:44:31:4f:83:a5:5b:7e:05:
9f:b6:bf:8f:8b:b5:cd:11:0c:8a:90:4e:9f:15:31:06:94:5f:
f3:87:5d:21:b0:fe:46:e1:df:2a:79:84:16:57:77:ac:a9:fd:
d1:ab:3c:c6:77:e1:9f:2c:60:ce:42:52:f6:9b:91:0a:e2:72:
bd:90:96:dc:75:e3:d7:c0:9e:f6:59:8a:ec:ad:f4:5c:ce:43:
a8:12:50:25:21:7d:0a:7d:a2:b9:c2:3d:22:a9:ef:73:0f:83:
5d:19:9e:63:b4:53:78:df:ee:4e:95:59:6a:69:91:4e:82:6c:
05:48:90:bf:cf:93:b1:27:e5:96:0d:19:4b:ba:d7:e5:c5:7e:
94:70:f6:f3
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgIUIjLlJ7extwOmEe7aijCO3GkFweYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzlmNjZmNDVhNTliODM3ZWQyNGQ2YjlmMjBjNjA3MDIx
MTRiNzBiYjAeFw0yNjAzMjUxMjUxMTNaFw0yNzAzMjQxMjU2MTNaMDMxMTAvBgNV
BAMTKEYxQUMwMjBEODMyQzYzNjZGMjBEQjBGQzgzN0ZDMTY3NEVBOUM1QkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCCe/oSJr98n/6FBeh8JvsC9Ots
V855gqlLPXsr1kKbLfdLfj1YG0+rFhdJ8Zg3xS25XlqVuy8gJq7y37J/wrr6lotc
Z4YVrF+crIdQxYwuh5TCCkf1YnYFHCfNXK66IClK/YR0SkMPXdgY1Xt0iqJnH0Hc
FOQrhxi0PPP3bc7bi6Fyu9SgcfFtBmsZc/vs5YsEpC45OiwOlmKXU4b1P+P8ZVDJ
cjfAHsZjqFjZQXGmrpzcewVm/2JWXqqppIgQixdkRezrwxDdyg1KsDpB1GaXtRQ4
wn9rT3mRBQKO2y5CQ2qmAhwRVCOKLbwUXW9BCwwShBgEraGBghf2Yy621mbDAgMB
AAGjggHdMIIB2TAdBgNVHQ4EFgQU8awCDYMsY2byDbD8g3/BZ06pxbswHwYDVR0j
BBgwFoAUOfZvRaWbg37STWufIMYHAhFLcLswDgYDVR0PAQH/BAQDAgeAMF8GA1Ud
HwRYMFYwVKBSoFCGTnJzeW5jOi8vcnBraS5yb2EubmV0L3JyZHAveFRvbS80MS8z
OUY2NkY0NUE1OUI4MzdFRDI0RDZCOUYyMEM2MDcwMjExNEI3MEJCLmNybDBkBggr
BgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvT2ZadlJhV2JnMzdTVFd1ZklNWUhBaEZMY0xzLmNl
cjCBggYIKwYBBQUHAQsEdjB0MHIGCCsGAQUFBzALhmZyc3luYzovL3Jwa2kucm9h
Lm5ldC9ycmRwL3hUb20vNDEvMzI2MTMwNjIzYTMyMzUzNDMyM2EzMTMzMzAzMDNh
M2EyZjM0MzAyZDM0MzgyMDNkM2UyMDMyMzEzMjM1MzEzMi5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoL
JUITMA0GCSqGSIb3DQEBCwUAA4IBAQCFnP3bjwypcMQbxTw5gGkpFASFX+BE3j5w
kJbDqM6qFwrweMH+PBnHhQa1xe3Wa1jNKNpLjoZjFMY472cxsvpRjuLOK1CR85xA
cgJdm8mgkjpVVVJcEKSEvyvPl8e2Fm7ebj1EPd7RAwbeoiPVo8OzltK3JHjCRDFP
g6VbfgWftr+Pi7XNEQyKkE6fFTEGlF/zh10hsP5G4d8qeYQWV3esqf3RqzzGd+Gf
LGDOQlL2m5EK4nK9kJbcdePXwJ72WYrsrfRczkOoElAlIX0KfaK5wj0iqe9zD4Nd
GZ5jtFN43+5OlVlqaZFOgmwFSJC/z5OxJ+WWDRlLutflxX6UcPbz
-----END CERTIFICATE-----
Generated at Thu Mar 26 10:06:40 2026 by rpki-client