Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS399114.roa
File: AS399114.roa (raw, json)
Hash identifier: TOxdwDh3FfdAPj/ifzihmKtLP18xlHP/rI3qS/iaX0w=
Subject key identifier: DD:55:49:5A:C8:B6:C4:79:D5:74:04:8E:BD:0D:99:7A:07:B7:D6:F7
Certificate issuer: /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial: 6FD4409820E038B0DF6AC3EF3A550F8DEF5091DC
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS399114.roa
Signing time: Tue 05 Dec 2023 02:44:12 +0000
ROA not before: Tue 05 Dec 2023 02:39:12 +0000
ROA not after: Tue 03 Dec 2024 02:44:12 +0000
asID: 399114
IP address blocks: 5.253.87.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 02:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:d4:40:98:20:e0:38:b0:df:6a:c3:ef:3a:55:0f:8d:ef:50:91:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Validity
Not Before: Dec 5 02:39:12 2023 GMT
Not After : Dec 3 02:44:12 2024 GMT
Subject: CN=DD55495AC8B6C479D574048EBD0D997A07B7D6F7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:1a:e1:26:a1:cb:96:91:fa:f8:91:a8:cf:07:
94:2d:d1:d8:24:fd:8e:b4:0a:7c:e4:1c:96:02:cc:
58:c2:95:ff:2e:33:39:7a:08:3e:13:b3:8b:44:c0:
47:ee:1d:d7:85:6f:a3:65:94:3e:88:f0:b0:2a:ca:
2b:6e:17:41:f7:ed:b9:1b:09:d0:e2:a6:7c:a3:e1:
a4:bf:a4:3f:f4:1b:8d:ed:dc:50:6c:7c:3c:84:fc:
19:bc:06:68:11:a1:54:16:8b:20:f8:06:76:d3:be:
64:33:3f:81:dd:f8:c5:74:cc:82:66:1b:f4:b4:62:
de:fd:4e:5c:92:17:92:e5:36:8c:55:d4:e6:2e:9e:
e0:6a:74:80:a3:c4:9c:86:dc:49:be:2b:99:60:02:
30:3b:fb:d0:bb:ff:6f:f5:f2:5b:11:c5:12:3e:b9:
2c:b8:7d:21:b9:29:b4:3e:4a:39:60:75:25:4f:d1:
3b:a9:b2:1a:6e:fc:14:81:30:23:b0:2c:55:11:8c:
02:27:e4:74:f2:b7:f5:a8:f9:7f:82:4c:ea:71:5b:
d6:0d:98:78:4e:48:15:0d:17:1b:1b:c2:4d:36:ba:
00:cb:f7:68:ec:8d:f1:c0:46:5b:7d:ce:2f:a1:1c:
1e:7d:d1:76:10:bd:4c:53:f3:43:2d:ae:9b:55:ad:
6e:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:55:49:5A:C8:B6:C4:79:D5:74:04:8E:BD:0D:99:7A:07:B7:D6:F7
X509v3 Authority Key Identifier:
keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS399114.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.87.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:9e:fd:4f:bb:4c:65:8e:06:a2:eb:9f:ee:3f:7b:cd:ff:ea:
fa:d7:2a:73:7b:0b:05:14:ed:73:73:5a:d6:72:df:f9:98:11:
42:63:64:40:d1:ec:d6:ee:67:c2:16:44:fa:12:6c:4e:8d:56:
59:f5:3f:4e:a1:c2:b5:06:fd:de:a5:18:8e:d5:f3:33:19:ab:
5c:47:22:b0:3b:f5:a8:34:b4:d1:1d:f7:9f:b0:fd:a3:77:1d:
8f:e0:2d:01:39:90:68:2e:31:ad:36:0f:11:8d:7f:8c:53:41:
34:86:06:3f:56:eb:1a:15:5e:66:ce:61:cf:4b:a1:ee:f6:bf:
d5:ee:97:ad:d7:dc:e8:54:39:9e:84:78:29:77:91:81:96:bf:
88:8e:bd:78:36:eb:87:f6:6f:04:ec:8b:b2:33:6a:e4:4e:46:
84:8d:5b:4c:e7:e6:3c:da:a4:d6:00:31:74:64:a2:a5:ca:5a:
76:fa:10:7f:be:23:3b:2a:33:33:5a:6e:65:2f:2d:b9:2c:f0:
13:11:ee:5b:22:3b:e9:7a:66:ab:04:f5:22:12:e9:6f:ce:b2:
0b:f5:2a:91:d0:82:79:b6:86:bb:3f:33:57:4f:95:7d:93:cf:
70:7e:49:1d:71:c1:1e:54:2e:f1:ba:74:8c:bf:5d:1f:ec:88:
b1:e0:7c:e4
-----BEGIN CERTIFICATE-----
MIIE5TCCA82gAwIBAgIUb9RAmCDgOLDfasPvOlUPje9QkdwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yMzEyMDUwMjM5MTJaFw0yNDEyMDMwMjQ0MTJaMDMxMTAvBgNV
BAMTKERENTU0OTVBQzhCNkM0NzlENTc0MDQ4RUJEMEQ5OTdBMDdCN0Q2RjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOGuEmocuWkfr4kajPB5Qt0dgk
/Y60CnzkHJYCzFjClf8uMzl6CD4Ts4tEwEfuHdeFb6NllD6I8LAqyituF0H37bkb
CdDipnyj4aS/pD/0G43t3FBsfDyE/Bm8BmgRoVQWiyD4BnbTvmQzP4Hd+MV0zIJm
G/S0Yt79TlySF5LlNoxV1OYunuBqdICjxJyG3Em+K5lgAjA7+9C7/2/18lsRxRI+
uSy4fSG5KbQ+SjlgdSVP0Tupshpu/BSBMCOwLFURjAIn5HTyt/Wo+X+CTOpxW9YN
mHhOSBUNFxsbwk02ugDL92jsjfHARlt9zi+hHB590XYQvUxT80MtrptVrW6lAgMB
AAGjggHvMIIB6zAdBgNVHQ4EFgQU3VVJWsi2xHnVdASOvQ2Zege31vcwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
Mzk5MTE0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEH
AQH/BBAwDjAMBAIAATAGAwQABf1XMA0GCSqGSIb3DQEBCwUAA4IBAQAfnv1Pu0xl
jgai65/uP3vN/+r61ypzewsFFO1zc1rWct/5mBFCY2RA0ezW7mfCFkT6EmxOjVZZ
9T9OocK1Bv3epRiO1fMzGatcRyKwO/WoNLTRHfefsP2jdx2P4C0BOZBoLjGtNg8R
jX+MU0E0hgY/VusaFV5mzmHPS6Hu9r/V7pet19zoVDmehHgpd5GBlr+Ijr14NuuH
9m8E7IuyM2rkTkaEjVtM5+Y82qTWADF0ZKKlylp2+hB/viM7KjMzWm5lLy25LPAT
Ee5bIjvpemarBPUiEulvzrIL9SqR0IJ5toa7PzNXT5V9k89wfkkdccEeVC7xunSM
v10f7Iix4Hzk
-----END CERTIFICATE-----
Generated at Sat Apr 27 10:16:11 2024 by rpki-client on console-ams.rpki-client.org