Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS131745.roa
File: AS131745.roa (raw, json)
Hash identifier: hzlyKDiNcRPbIReNCxW/B6/SEQNeNzsb3nEngxiQIig=
Subject key identifier: 87:68:7A:5A:F8:A6:24:94:6F:8F:AC:0E:7E:7C:E2:5C:F8:F8:D6:A6
Certificate issuer: /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial: 45574F83D9BCB6F1BC8191C0F060D2F9B9333D06
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS131745.roa
Signing time: Tue 05 Dec 2023 02:44:14 +0000
ROA not before: Tue 05 Dec 2023 02:39:14 +0000
ROA not after: Tue 03 Dec 2024 02:44:14 +0000
asID: 131745
IP address blocks: 2a06:a005:457::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:57:4f:83:d9:bc:b6:f1:bc:81:91:c0:f0:60:d2:f9:b9:33:3d:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Validity
Not Before: Dec 5 02:39:14 2023 GMT
Not After : Dec 3 02:44:14 2024 GMT
Subject: CN=87687A5AF8A624946F8FAC0E7E7CE25CF8F8D6A6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:6c:62:71:7e:f7:f9:36:40:56:85:ec:60:9b:
31:0d:39:ca:f5:b5:81:a8:07:09:e4:11:8a:1c:fd:
f8:93:f8:0c:19:fc:ef:2f:2e:ec:0f:c1:a1:4e:72:
d7:e2:48:42:7f:a7:e7:28:b1:c7:94:93:7c:4e:ea:
60:be:f3:1d:32:03:61:0c:f4:63:41:e4:21:57:99:
fc:ac:dd:13:12:ae:f2:37:e7:db:28:23:f6:e4:d8:
c9:3b:86:88:0e:c6:44:3b:61:2a:a7:95:76:b0:c3:
c9:f0:d1:ed:03:d1:6f:19:79:f7:da:6e:96:f3:45:
95:ab:8c:9b:d3:7c:ef:fb:60:49:f7:00:96:1e:70:
65:6d:93:35:f3:74:09:25:b8:c0:48:d0:de:95:96:
6d:65:7f:65:ce:08:06:de:c5:4c:7e:63:e3:eb:f1:
8d:81:d4:84:e9:0b:f5:be:94:2e:2f:8c:14:7f:2c:
fe:83:14:7d:46:17:c5:73:db:2b:d4:75:ee:08:ba:
a1:bd:0b:65:8b:6b:ff:b9:88:b4:e7:8e:1d:bd:08:
87:ee:0b:42:37:5f:56:ff:0e:5c:5a:1e:95:ba:7a:
b2:14:df:5a:0f:fe:87:09:23:76:82:83:16:2d:08:
44:ce:2e:9b:ef:93:31:87:be:39:42:0f:95:ff:86:
e5:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:68:7A:5A:F8:A6:24:94:6F:8F:AC:0E:7E:7C:E2:5C:F8:F8:D6:A6
X509v3 Authority Key Identifier:
keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS131745.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:457::/48
Signature Algorithm: sha256WithRSAEncryption
c8:4a:73:15:ca:07:56:0f:84:be:d0:68:4e:3f:af:ac:24:f2:
72:12:ae:fa:e8:a7:74:b4:a5:36:1e:7e:b4:ae:8b:56:e2:19:
68:79:25:6c:16:7b:71:43:a8:be:1f:ee:7a:98:ec:61:d4:6e:
87:1b:75:26:8d:87:34:68:c7:b6:23:c9:5d:3d:d6:13:22:8b:
47:84:98:ce:8a:1d:48:02:d7:44:53:8e:67:76:b1:30:13:ba:
0b:c5:12:44:d1:a4:71:2c:72:ca:f2:35:2e:ac:e9:f1:fa:c1:
19:49:4e:8a:7a:05:59:bb:c1:9b:09:9d:f5:c8:d4:ae:32:f8:
99:ad:5e:06:1a:5c:4c:84:51:98:1d:82:75:cf:0a:e2:da:0a:
2b:17:89:b1:78:c2:c8:3b:f9:af:48:4b:20:c7:49:ba:0b:f0:
f1:ae:77:7d:29:37:93:5f:bc:17:8e:c2:f4:5c:27:d5:cd:57:
7d:47:c3:01:02:c4:71:cb:f2:90:c3:c7:09:20:87:3f:c5:9b:
73:f0:3e:33:58:ec:f6:e4:99:da:86:71:72:ec:02:ea:57:c0:
bc:98:0b:4c:fd:f9:76:1e:8e:d9:ac:da:5d:46:e6:5d:59:99:
83:e9:fc:d3:90:c8:22:44:75:cc:3a:77:33:7d:31:98:8b:c0:
cf:9f:3d:7f
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIURVdPg9m8tvG8gZHA8GDS+bkzPQYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yMzEyMDUwMjM5MTRaFw0yNDEyMDMwMjQ0MTRaMDMxMTAvBgNV
BAMTKDg3Njg3QTVBRjhBNjI0OTQ2RjhGQUMwRTdFN0NFMjVDRjhGOEQ2QTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/bGJxfvf5NkBWhexgmzENOcr1
tYGoBwnkEYoc/fiT+AwZ/O8vLuwPwaFOctfiSEJ/p+cosceUk3xO6mC+8x0yA2EM
9GNB5CFXmfys3RMSrvI359soI/bk2Mk7hogOxkQ7YSqnlXaww8nw0e0D0W8Zeffa
bpbzRZWrjJvTfO/7YEn3AJYecGVtkzXzdAkluMBI0N6Vlm1lf2XOCAbexUx+Y+Pr
8Y2B1ITpC/W+lC4vjBR/LP6DFH1GF8Vz2yvUde4IuqG9C2WLa/+5iLTnjh29CIfu
C0I3X1b/DlxaHpW6erIU31oP/ocJI3aCgxYtCETOLpvvkzGHvjlCD5X/huU5AgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUh2h6WvimJJRvj6wOfnziXPj41qYwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MTMxNzQ1LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcAKgagBQRXMA0GCSqGSIb3DQEBCwUAA4IBAQDISnMV
ygdWD4S+0GhOP6+sJPJyEq766Kd0tKU2Hn60rotW4hloeSVsFntxQ6i+H+56mOxh
1G6HG3UmjYc0aMe2I8ldPdYTIotHhJjOih1IAtdEU45ndrEwE7oLxRJE0aRxLHLK
8jUurOnx+sEZSU6KegVZu8GbCZ31yNSuMviZrV4GGlxMhFGYHYJ1zwri2gorF4mx
eMLIO/mvSEsgx0m6C/Dxrnd9KTeTX7wXjsL0XCfVzVd9R8MBAsRxy/KQw8cJIIc/
xZtz8D4zWOz25JnahnFy7ALqV8C8mAtM/fl2Ho7ZrNpdRuZdWZmD6fzTkMgiRHXM
OnczfTGYi8DPnz1/
-----END CERTIFICATE-----
Generated at Sat May 4 12:13:11 2024 by rpki-client on console-fra.rpki-client.org