Route Origin Authorization
$ rpki-client -vvf repo.rpki.space/repo/Netiface/3/326131343a396530313a3130303a3a2f34302d3438203d3e20323133363530.roa
File: 326131343a396530313a3130303a3a2f34302d3438203d3e20323133363530.roa (raw, json)
Hash identifier: LlJ7tyCGomIraMvtign/aBrCJxnl/8dLagjZil4xPss=
Subject key identifier: 43:4F:93:78:73:2E:E3:03:FC:9A:A4:3C:A7:47:5B:57:CA:4B:83:BB
Certificate issuer: /CN=a640aa61f1d62b9c940459804ae11be99ad43842
Certificate serial: 2E886DC4409758FFCC97B427A6E958F204627E5D
Authority key identifier: A6:40:AA:61:F1:D6:2B:9C:94:04:59:80:4A:E1:1B:E9:9A:D4:38:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pkCqYfHWK5yUBFmASuEb6ZrUOEI.cer
Subject info access: rsync://repo.rpki.space/repo/Netiface/3/326131343a396530313a3130303a3a2f34302d3438203d3e20323133363530.roa
Signing time: Mon 06 Jan 2025 14:51:32 +0000
ROA not before: Mon 06 Jan 2025 14:46:32 +0000
ROA not after: Mon 05 Jan 2026 14:51:32 +0000
asID: 213650
IP address blocks: 2a14:9e01:100::/40 maxlen: 48
Validation: OK
Signature path: rsync://repo.rpki.space/repo/Netiface/3/A640AA61F1D62B9C940459804AE11BE99AD43842.crl
rsync://repo.rpki.space/repo/Netiface/3/A640AA61F1D62B9C940459804AE11BE99AD43842.mft
rsync://rpki.ripe.net/repository/DEFAULT/pkCqYfHWK5yUBFmASuEb6ZrUOEI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 21:03:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:88:6d:c4:40:97:58:ff:cc:97:b4:27:a6:e9:58:f2:04:62:7e:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a640aa61f1d62b9c940459804ae11be99ad43842
Validity
Not Before: Jan 6 14:46:32 2025 GMT
Not After : Jan 5 14:51:32 2026 GMT
Subject: CN=434F9378732EE303FC9AA43CA7475B57CA4B83BB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:7f:d2:10:10:1c:b9:e5:7e:17:c7:8c:b3:b8:
a2:cd:02:32:0d:96:09:79:f3:f0:7f:3a:1e:f5:3c:
e2:f3:ad:5c:5f:5a:c4:d1:99:10:f3:97:9b:60:76:
d9:66:90:bf:9d:38:a5:f2:05:9e:1f:eb:8d:5f:a5:
a2:3d:66:18:4a:8d:56:2c:9f:1f:71:62:79:73:9e:
94:8f:61:63:77:e7:1a:13:f0:71:4e:9d:e8:63:fd:
8a:88:c5:b2:97:65:4d:19:8a:2f:f3:ba:71:31:75:
d0:2d:34:86:e0:eb:3f:36:f8:a5:c2:c7:cb:0f:3b:
02:4b:97:fa:7c:8e:dc:7c:6b:c4:03:d7:45:2d:c4:
7f:cc:e6:8a:05:03:35:ea:0d:52:96:10:be:d4:62:
58:c1:21:40:80:90:21:1b:1a:17:2d:02:ce:7c:69:
88:60:05:bf:4a:d4:90:5d:1d:ae:37:4d:d5:43:78:
6f:66:5c:51:f0:a0:0e:ad:a6:81:12:67:21:dd:f3:
a5:56:47:47:63:c5:3f:9a:89:21:55:03:5e:cc:4a:
f8:39:a1:02:19:12:05:e8:b4:d2:3f:c4:2f:ac:fb:
1e:e9:1d:5d:09:cb:e7:f9:2f:6f:06:93:b5:f9:37:
6d:51:75:21:eb:04:2b:30:4a:61:5a:2e:2e:35:3c:
9c:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:4F:93:78:73:2E:E3:03:FC:9A:A4:3C:A7:47:5B:57:CA:4B:83:BB
X509v3 Authority Key Identifier:
keyid:A6:40:AA:61:F1:D6:2B:9C:94:04:59:80:4A:E1:1B:E9:9A:D4:38:42
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo.rpki.space/repo/Netiface/3/A640AA61F1D62B9C940459804AE11BE99AD43842.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pkCqYfHWK5yUBFmASuEb6ZrUOEI.cer
Subject Information Access:
Signed Object - URI:rsync://repo.rpki.space/repo/Netiface/3/326131343a396530313a3130303a3a2f34302d3438203d3e20323133363530.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:9e01:100::/40
Signature Algorithm: sha256WithRSAEncryption
9a:7c:fb:06:df:76:6f:6c:9e:8e:a4:c9:f9:93:ba:36:97:67:
c4:76:8a:5c:9d:d9:3c:28:cc:58:dd:a6:41:96:bd:9a:3a:39:
ee:d8:26:1f:ac:3a:bd:d2:13:73:98:a0:42:a8:64:da:d9:43:
ae:0c:f9:98:66:d7:2e:a2:a4:f0:17:28:ac:e1:b3:95:91:7f:
59:73:10:69:78:de:51:37:55:15:1f:84:82:bf:10:09:5f:97:
3f:fa:5d:6d:c2:f9:55:52:e9:49:49:90:59:ef:e4:df:9a:b6:
a2:93:90:30:01:3f:bc:4d:61:fd:58:6b:6d:75:24:e0:5a:d3:
e8:16:29:7c:37:0c:84:20:bd:7a:e6:ca:eb:21:ca:f4:6a:55:
be:e3:61:a0:a7:e3:fc:f3:8c:b9:d6:a7:92:da:11:6f:f3:96:
e3:df:d0:32:23:14:3e:68:05:58:18:bb:79:a0:18:3a:df:67:
1e:07:26:fa:91:c8:91:f6:3c:68:f6:e4:b6:ff:8a:4a:18:ed:
d8:96:e9:81:dc:f5:e8:d7:c4:f8:6c:90:b6:f0:21:d5:91:4c:
fc:f4:1c:8b:85:3b:94:9d:fe:bf:9d:f4:67:64:1e:aa:d1:54:
d1:8f:50:ac:ed:7c:a9:94:4b:dd:03:c6:2b:83:21:35:34:91:
63:63:3b:31
-----BEGIN CERTIFICATE-----
MIIE3TCCA8WgAwIBAgIULohtxECXWP/Ml7QnpulY8gRifl0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTY0MGFhNjFmMWQ2MmI5Yzk0MDQ1OTgwNGFlMTFiZTk5
YWQ0Mzg0MjAeFw0yNTAxMDYxNDQ2MzJaFw0yNjAxMDUxNDUxMzJaMDMxMTAvBgNV
BAMTKDQzNEY5Mzc4NzMyRUUzMDNGQzlBQTQzQ0E3NDc1QjU3Q0E0QjgzQkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnf9IQEBy55X4Xx4yzuKLNAjIN
lgl58/B/Oh71POLzrVxfWsTRmRDzl5tgdtlmkL+dOKXyBZ4f641fpaI9ZhhKjVYs
nx9xYnlznpSPYWN35xoT8HFOnehj/YqIxbKXZU0Zii/zunExddAtNIbg6z82+KXC
x8sPOwJLl/p8jtx8a8QD10UtxH/M5ooFAzXqDVKWEL7UYljBIUCAkCEbGhctAs58
aYhgBb9K1JBdHa43TdVDeG9mXFHwoA6tpoESZyHd86VWR0djxT+aiSFVA17MSvg5
oQIZEgXotNI/xC+s+x7pHV0Jy+f5L28Gk7X5N21RdSHrBCswSmFaLi41PJznAgMB
AAGjggHnMIIB4zAdBgNVHQ4EFgQUQ0+TeHMu4wP8mqQ8p0dbV8pLg7swHwYDVR0j
BBgwFoAUpkCqYfHWK5yUBFmASuEb6ZrUOEIwDgYDVR0PAQH/BAQDAgeAMGUGA1Ud
HwReMFwwWqBYoFaGVHJzeW5jOi8vcmVwby5ycGtpLnNwYWNlL3JlcG8vTmV0aWZh
Y2UvMy9BNjQwQUE2MUYxRDYyQjlDOTQwNDU5ODA0QUUxMUJFOTlBRDQzODQyLmNy
bDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvcGtDcVlmSFdLNXlVQkZtQVN1RWI2WnJV
T0VJLmNlcjCBhgYIKwYBBQUHAQsEejB4MHYGCCsGAQUFBzALhmpyc3luYzovL3Jl
cG8ucnBraS5zcGFjZS9yZXBvL05ldGlmYWNlLzMvMzI2MTMxMzQzYTM5NjUzMDMx
M2EzMTMwMzAzYTNhMmYzNDMwMmQzNDM4MjAzZDNlMjAzMjMxMzMzNjM1MzAucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4E
AgACMAgDBgAqFJ4BATANBgkqhkiG9w0BAQsFAAOCAQEAmnz7Bt92b2yejqTJ+ZO6
NpdnxHaKXJ3ZPCjMWN2mQZa9mjo57tgmH6w6vdITc5igQqhk2tlDrgz5mGbXLqKk
8BcorOGzlZF/WXMQaXjeUTdVFR+Egr8QCV+XP/pdbcL5VVLpSUmQWe/k35q2opOQ
MAE/vE1h/VhrbXUk4FrT6BYpfDcMhCC9eubK6yHK9GpVvuNhoKfj/POMudanktoR
b/OW49/QMiMUPmgFWBi7eaAYOt9nHgcm+pHIkfY8aPbktv+KShjt2Jbpgdz16NfE
+GyQtvAh1ZFM/PQci4U7lJ3+v530Z2QeqtFU0Y9QrO18qZRL3QPGK4MhNTSRY2M7
MQ==
-----END CERTIFICATE-----
Generated at Sun Feb 2 08:56:43 2025 by rpki-client