Route Origin Authorization
$ rpki-client -vvf rpki.roa.net/rrdp/xTom/41/326130623a323534323a3530303a3a2f34302d3438203d3e20313937373330.roa
File: 326130623a323534323a3530303a3a2f34302d3438203d3e20313937373330.roa (raw, json)
Hash identifier: IzYGyBUr1iUqCws6DgtfA1OIfIPTsryxyrR7PL8GwJI=
Subject key identifier: 14:5B:00:25:79:C3:B8:A6:A6:46:3B:5C:79:B6:8A:DB:9A:C6:3C:EB
Certificate issuer: /CN=39f66f45a59b837ed24d6b9f20c60702114b70bb
Certificate serial: 024C27A71405368E8FC1A1215C18D46F464B7C32
Authority key identifier: 39:F6:6F:45:A5:9B:83:7E:D2:4D:6B:9F:20:C6:07:02:11:4B:70:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
Subject info access: rsync://rpki.roa.net/rrdp/xTom/41/326130623a323534323a3530303a3a2f34302d3438203d3e20313937373330.roa
Signing time: Tue 05 May 2026 15:56:14 +0000
ROA not before: Tue 05 May 2026 15:51:14 +0000
ROA not after: Tue 04 May 2027 15:56:14 +0000
asID: 197730
IP address blocks: 2a0b:2542:500::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.crl
rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.mft
rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 12:34:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:4c:27:a7:14:05:36:8e:8f:c1:a1:21:5c:18:d4:6f:46:4b:7c:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39f66f45a59b837ed24d6b9f20c60702114b70bb
Validity
Not Before: May 5 15:51:14 2026 GMT
Not After : May 4 15:56:14 2027 GMT
Subject: CN=145B002579C3B8A6A6463B5C79B68ADB9AC63CEB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:c9:f3:90:eb:8e:7b:fb:08:78:06:1a:ed:49:
47:b9:df:b5:bc:57:91:f9:3d:80:5a:f1:ee:16:c3:
e3:b3:44:fd:d2:aa:88:4e:39:51:5e:ee:be:19:bb:
da:4b:f0:ac:e7:bc:2a:82:dd:1c:47:5c:fd:65:6c:
e4:6b:74:f7:cb:b4:1c:4f:53:41:3f:82:2b:3a:da:
4e:c2:53:9c:c5:4f:ab:33:cf:e1:80:a8:70:a6:d2:
0b:64:e6:d1:f1:a5:c5:08:8e:87:1e:df:7c:39:06:
71:87:ff:df:db:71:9c:e8:99:8e:df:09:ae:81:c8:
ed:78:66:48:4c:3d:04:36:53:bc:50:36:92:85:81:
fd:08:42:5a:a7:13:2d:1c:8f:37:51:4a:c7:66:2d:
78:3e:d4:1d:3f:fa:53:1f:9e:5e:2e:d1:38:ef:39:
c1:bb:30:a5:4b:24:b5:02:81:cb:29:a8:1a:7d:ed:
a5:7f:75:9f:18:40:6c:19:24:78:7c:57:7a:47:3c:
94:59:1e:1a:d0:26:28:f9:5a:c6:4d:60:78:bc:c3:
d6:64:f0:2f:2e:ee:70:2f:61:7b:b8:4e:7b:73:e5:
00:a5:6f:fb:91:7a:50:fb:74:10:d1:57:f3:03:e3:
d7:ba:d5:f5:b3:3f:bd:54:1d:e1:a9:5d:94:b7:b0:
02:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:5B:00:25:79:C3:B8:A6:A6:46:3B:5C:79:B6:8A:DB:9A:C6:3C:EB
X509v3 Authority Key Identifier:
keyid:39:F6:6F:45:A5:9B:83:7E:D2:4D:6B:9F:20:C6:07:02:11:4B:70:BB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.roa.net/rrdp/xTom/41/39F66F45A59B837ED24D6B9F20C60702114B70BB.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OfZvRaWbg37STWufIMYHAhFLcLs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/41/326130623a323534323a3530303a3a2f34302d3438203d3e20313937373330.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:2542:500::/40
Signature Algorithm: sha256WithRSAEncryption
73:0e:f3:80:58:72:d4:3f:56:45:c9:a1:e4:dc:95:d9:97:2f:
7d:f7:99:4b:15:f1:d0:d3:db:9d:d6:b3:30:de:7a:15:9d:fc:
66:99:24:7e:83:2a:56:a4:7d:07:b6:47:2b:b2:3d:49:32:0b:
05:2d:22:6e:08:7e:f1:45:b0:ab:9f:3b:f4:21:f1:fa:95:ab:
0e:f1:5f:41:13:d7:8a:35:97:d1:ce:4c:64:dc:fe:2d:ef:46:
07:57:cc:93:2b:d4:b8:29:a4:20:4c:d7:b4:b6:86:ba:4d:fa:
4f:1f:43:4b:d2:5a:3f:55:76:d6:85:69:c5:55:e2:96:d4:b1:
f6:98:f9:74:25:c9:ce:1f:e9:09:49:a2:d8:1b:8c:39:49:f1:
9c:51:1d:7c:20:85:98:be:2c:7b:46:23:33:88:0b:7c:97:60:
48:b4:9e:2f:f7:17:81:47:c5:33:fa:7e:c0:36:f3:87:f4:05:
29:4e:b1:57:5c:bd:d6:6d:da:70:74:52:41:06:0f:1e:d5:51:
3e:e9:5e:8c:8f:07:28:d0:d0:21:ca:b0:28:f6:20:59:c0:c7:
ab:e0:09:f4:cd:c6:e3:44:fd:a1:5b:c6:06:d3:27:51:89:e5:
f0:89:6c:8e:56:d9:51:c4:fb:28:7e:66:92:ca:9b:85:66:a7:
5c:90:4f:61
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgIUAkwnpxQFNo6PwaEhXBjUb0ZLfDIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzlmNjZmNDVhNTliODM3ZWQyNGQ2YjlmMjBjNjA3MDIx
MTRiNzBiYjAeFw0yNjA1MDUxNTUxMTRaFw0yNzA1MDQxNTU2MTRaMDMxMTAvBgNV
BAMTKDE0NUIwMDI1NzlDM0I4QTZBNjQ2M0I1Qzc5QjY4QURCOUFDNjNDRUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOyfOQ6457+wh4BhrtSUe537W8
V5H5PYBa8e4Ww+OzRP3SqohOOVFe7r4Zu9pL8KznvCqC3RxHXP1lbORrdPfLtBxP
U0E/gis62k7CU5zFT6szz+GAqHCm0gtk5tHxpcUIjoce33w5BnGH/9/bcZzomY7f
Ca6ByO14ZkhMPQQ2U7xQNpKFgf0IQlqnEy0cjzdRSsdmLXg+1B0/+lMfnl4u0Tjv
OcG7MKVLJLUCgcspqBp97aV/dZ8YQGwZJHh8V3pHPJRZHhrQJij5WsZNYHi8w9Zk
8C8u7nAvYXu4Tntz5QClb/uRelD7dBDRV/MD49e61fWzP71UHeGpXZS3sAInAgMB
AAGjggHbMIIB1zAdBgNVHQ4EFgQUFFsAJXnDuKamRjtcebaK25rGPOswHwYDVR0j
BBgwFoAUOfZvRaWbg37STWufIMYHAhFLcLswDgYDVR0PAQH/BAQDAgeAMF8GA1Ud
HwRYMFYwVKBSoFCGTnJzeW5jOi8vcnBraS5yb2EubmV0L3JyZHAveFRvbS80MS8z
OUY2NkY0NUE1OUI4MzdFRDI0RDZCOUYyMEM2MDcwMjExNEI3MEJCLmNybDBkBggr
BgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvT2ZadlJhV2JnMzdTVFd1ZklNWUhBaEZMY0xzLmNl
cjCBgAYIKwYBBQUHAQsEdDByMHAGCCsGAQUFBzALhmRyc3luYzovL3Jwa2kucm9h
Lm5ldC9ycmRwL3hUb20vNDEvMzI2MTMwNjIzYTMyMzUzNDMyM2EzNTMwMzAzYTNh
MmYzNDMwMmQzNDM4MjAzZDNlMjAzMTM5MzczNzMzMzAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgAqCyVC
BTANBgkqhkiG9w0BAQsFAAOCAQEAcw7zgFhy1D9WRcmh5NyV2ZcvffeZSxXx0NPb
ndazMN56FZ38ZpkkfoMqVqR9B7ZHK7I9STILBS0ibgh+8UWwq5879CHx+pWrDvFf
QRPXijWX0c5MZNz+Le9GB1fMkyvUuCmkIEzXtLaGuk36Tx9DS9JaP1V21oVpxVXi
ltSx9pj5dCXJzh/pCUmi2BuMOUnxnFEdfCCFmL4se0YjM4gLfJdgSLSeL/cXgUfF
M/p+wDbzh/QFKU6xV1y91m3acHRSQQYPHtVRPulejI8HKNDQIcqwKPYgWcDHq+AJ
9M3G40T9oVvGBtMnUYnl8IlsjlbZUcT7KH5mksqbhWanXJBPYQ==
-----END CERTIFICATE-----
Generated at Wed May 13 00:40:46 2026 by rpki-client