Route Origin Authorization
$ rpki-client -vvf repo.rpki.space/repo/Netiface/3/326131343a396530303a3430303a3a2f33382d3338203d3e2030.roa
File: 326131343a396530303a3430303a3a2f33382d3338203d3e2030.roa (raw, json)
Hash identifier: xjfkdIlYBgSQ/OgvXVyyGTYWazwIv9I7ClkzF5Sz0e8=
Subject key identifier: 88:00:3B:AF:4A:44:B5:7C:A2:79:5C:1B:54:8E:65:50:10:EC:59:AD
Certificate issuer: /CN=a640aa61f1d62b9c940459804ae11be99ad43842
Certificate serial: 5A3D8666F7C939C775B96B86A622975F1A839DDC
Authority key identifier: A6:40:AA:61:F1:D6:2B:9C:94:04:59:80:4A:E1:1B:E9:9A:D4:38:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pkCqYfHWK5yUBFmASuEb6ZrUOEI.cer
Subject info access: rsync://repo.rpki.space/repo/Netiface/3/326131343a396530303a3430303a3a2f33382d3338203d3e2030.roa
Signing time: Fri 23 May 2025 23:57:20 +0000
ROA not before: Fri 23 May 2025 23:52:20 +0000
ROA not after: Fri 22 May 2026 23:57:20 +0000
asID: 0
IP address blocks: 2a14:9e00:400::/38 maxlen: 38
Validation: OK
Signature path: rsync://repo.rpki.space/repo/Netiface/3/A640AA61F1D62B9C940459804AE11BE99AD43842.crl
rsync://repo.rpki.space/repo/Netiface/3/A640AA61F1D62B9C940459804AE11BE99AD43842.mft
rsync://rpki.ripe.net/repository/DEFAULT/pkCqYfHWK5yUBFmASuEb6ZrUOEI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 04 Jun 2025 13:09:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:3d:86:66:f7:c9:39:c7:75:b9:6b:86:a6:22:97:5f:1a:83:9d:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a640aa61f1d62b9c940459804ae11be99ad43842
Validity
Not Before: May 23 23:52:20 2025 GMT
Not After : May 22 23:57:20 2026 GMT
Subject: CN=88003BAF4A44B57CA2795C1B548E655010EC59AD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:2b:7a:d0:a5:6d:07:69:c4:c6:79:34:9a:92:
d3:ca:76:98:3f:95:a8:48:d7:e4:17:ff:cc:6f:2a:
88:a7:de:b1:63:0d:11:58:15:4d:37:76:6a:04:6e:
5c:b0:47:99:57:34:fd:de:30:d2:70:18:85:1e:a4:
14:2a:57:54:72:e2:1d:86:0c:89:ef:3e:20:6b:56:
10:ea:e1:88:69:a8:d7:55:a4:b6:96:55:26:97:ad:
8b:8e:fb:e6:31:50:98:b6:6e:70:a4:2a:26:94:0e:
67:c5:a2:90:f0:ca:c5:48:2c:24:17:5e:0d:34:33:
6b:8c:24:b4:e5:43:83:08:2f:df:21:d3:6c:52:9c:
63:41:04:bd:19:d3:a2:f2:77:a9:17:11:f3:5a:ae:
41:5d:4a:4c:c7:b7:98:95:59:59:97:5c:d1:9c:3b:
03:74:9c:57:a8:7a:f8:c0:c5:88:8c:23:84:71:86:
9c:42:25:8b:32:50:bd:2a:ae:37:ac:9c:a7:aa:81:
a5:d0:bc:5f:6b:45:28:ae:b0:07:3f:d1:48:e4:3e:
53:65:c0:25:77:6b:ad:38:da:a4:91:46:9c:ec:61:
69:06:04:7a:e3:a3:db:8e:b3:18:2e:37:f0:5b:7e:
32:86:8a:07:79:1d:1f:40:3b:14:30:c8:8b:1c:45:
b7:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:00:3B:AF:4A:44:B5:7C:A2:79:5C:1B:54:8E:65:50:10:EC:59:AD
X509v3 Authority Key Identifier:
keyid:A6:40:AA:61:F1:D6:2B:9C:94:04:59:80:4A:E1:1B:E9:9A:D4:38:42
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo.rpki.space/repo/Netiface/3/A640AA61F1D62B9C940459804AE11BE99AD43842.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pkCqYfHWK5yUBFmASuEb6ZrUOEI.cer
Subject Information Access:
Signed Object - URI:rsync://repo.rpki.space/repo/Netiface/3/326131343a396530303a3430303a3a2f33382d3338203d3e2030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:9e00:400::/38
Signature Algorithm: sha256WithRSAEncryption
20:95:ae:0f:14:9d:30:29:b6:19:bc:90:43:5b:e4:e9:f9:d6:
cc:96:68:59:f1:a2:cb:80:3a:d2:df:0e:eb:fb:e6:92:6a:43:
31:b0:58:2b:5a:5a:01:32:48:ed:7f:1a:8d:96:75:ea:c6:72:
e3:d8:a0:2b:db:d8:52:72:e2:b3:e6:8a:d0:75:90:86:1e:61:
a9:94:71:31:c0:b5:0c:30:43:c2:a0:6a:74:dc:64:82:f5:9e:
61:b3:5c:5d:df:0b:77:65:67:38:8a:a4:16:6b:30:56:f3:50:
f2:aa:0f:1a:87:80:10:d5:ab:e8:5a:2e:b3:79:e2:26:64:63:
08:a1:6a:d2:43:a0:87:26:80:b6:f6:a6:52:f4:d7:72:59:bf:
e5:51:6d:38:ec:33:de:6a:a7:c2:30:82:8e:d6:2e:d4:98:08:
17:f3:4e:40:5d:03:7a:c0:b1:31:33:58:1c:31:8c:08:c8:2c:
f1:98:2d:6f:08:96:9f:8d:3d:a9:5c:d4:11:d9:49:6d:bf:20:
71:cb:8d:74:9b:ff:b3:d4:54:84:b5:81:1a:eb:86:b3:e2:dd:
e9:d8:b9:49:35:4e:16:d6:71:03:be:79:1e:7f:52:2c:ea:a0:
3e:ed:e2:33:e9:7c:77:77:d4:69:9b:5f:76:8e:d3:a1:e9:af:
2e:5e:85:92
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgIUWj2GZvfJOcd1uWuGpiKXXxqDndwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTY0MGFhNjFmMWQ2MmI5Yzk0MDQ1OTgwNGFlMTFiZTk5
YWQ0Mzg0MjAeFw0yNTA1MjMyMzUyMjBaFw0yNjA1MjIyMzU3MjBaMDMxMTAvBgNV
BAMTKDg4MDAzQkFGNEE0NEI1N0NBMjc5NUMxQjU0OEU2NTUwMTBFQzU5QUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEK3rQpW0HacTGeTSaktPKdpg/
lahI1+QX/8xvKoin3rFjDRFYFU03dmoEblywR5lXNP3eMNJwGIUepBQqV1Ry4h2G
DInvPiBrVhDq4YhpqNdVpLaWVSaXrYuO++YxUJi2bnCkKiaUDmfFopDwysVILCQX
Xg00M2uMJLTlQ4MIL98h02xSnGNBBL0Z06Lyd6kXEfNarkFdSkzHt5iVWVmXXNGc
OwN0nFeoevjAxYiMI4RxhpxCJYsyUL0qrjesnKeqgaXQvF9rRSiusAc/0UjkPlNl
wCV3a6042qSRRpzsYWkGBHrjo9uOsxguN/BbfjKGigd5HR9AOxQwyIscRbfrAgMB
AAGjggHcMIIB2DAdBgNVHQ4EFgQUiAA7r0pEtXyieVwbVI5lUBDsWa0wHwYDVR0j
BBgwFoAUpkCqYfHWK5yUBFmASuEb6ZrUOEIwDgYDVR0PAQH/BAQDAgeAMGUGA1Ud
HwReMFwwWqBYoFaGVHJzeW5jOi8vcmVwby5ycGtpLnNwYWNlL3JlcG8vTmV0aWZh
Y2UvMy9BNjQwQUE2MUYxRDYyQjlDOTQwNDU5ODA0QUUxMUJFOTlBRDQzODQyLmNy
bDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvcGtDcVlmSFdLNXlVQkZtQVN1RWI2WnJV
T0VJLmNlcjB8BggrBgEFBQcBCwRwMG4wbAYIKwYBBQUHMAuGYHJzeW5jOi8vcmVw
by5ycGtpLnNwYWNlL3JlcG8vTmV0aWZhY2UvMy8zMjYxMzEzNDNhMzk2NTMwMzAz
YTM0MzAzMDNhM2EyZjMzMzgyZDMzMzgyMDNkM2UyMDMwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYCKhSe
AAQwDQYJKoZIhvcNAQELBQADggEBACCVrg8UnTApthm8kENb5On51syWaFnxosuA
OtLfDuv75pJqQzGwWCtaWgEySO1/Go2WderGcuPYoCvb2FJy4rPmitB1kIYeYamU
cTHAtQwwQ8KganTcZIL1nmGzXF3fC3dlZziKpBZrMFbzUPKqDxqHgBDVq+haLrN5
4iZkYwihatJDoIcmgLb2plL013JZv+VRbTjsM95qp8Iwgo7WLtSYCBfzTkBdA3rA
sTEzWBwxjAjILPGYLW8Ilp+NPalc1BHZSW2/IHHLjXSb/7PUVIS1gRrrhrPi3enY
uUk1ThbWcQO+eR5/UizqoD7t4jPpfHd31GmbX3aO06Hpry5ehZI=
-----END CERTIFICATE-----
Generated at Tue Jun 3 23:08:49 2025 by rpki-client