Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS148971.roa
File: AS148971.roa (raw, json)
Hash identifier: YUdMFI56+hTQikExwdWSSeQhv2H8ht0c17sPAR3l/TE=
Subject key identifier: 00:17:79:23:95:2D:9F:BC:D0:53:CE:4F:33:CB:61:7F:18:2C:CD:19
Certificate issuer: /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial: 368F4FAC635B0414CFC5EEB69ECE9A8C4710A8E5
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS148971.roa
Signing time: Tue 05 Nov 2024 03:40:05 +0000
ROA not before: Tue 05 Nov 2024 03:35:05 +0000
ROA not after: Tue 04 Nov 2025 03:40:05 +0000
asID: 148971
IP address blocks: 2a06:a005:25a0::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:8f:4f:ac:63:5b:04:14:cf:c5:ee:b6:9e:ce:9a:8c:47:10:a8:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Validity
Not Before: Nov 5 03:35:05 2024 GMT
Not After : Nov 4 03:40:05 2025 GMT
Subject: CN=00177923952D9FBCD053CE4F33CB617F182CCD19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:d4:1c:94:08:69:19:2b:38:1f:64:d4:9c:51:
93:21:a3:93:ca:25:37:cd:64:1a:c1:5e:e0:8d:43:
7e:df:60:ba:bf:e5:74:e7:18:36:1a:d0:17:2d:07:
d8:21:3b:2e:19:6e:47:29:97:40:2e:43:e7:82:5a:
2d:fb:7d:b3:12:a7:a9:6c:79:99:51:ba:71:16:78:
92:6b:03:e6:39:3f:1e:20:37:c0:84:d6:b3:b2:e2:
66:43:b8:ba:c8:93:84:1c:22:84:1e:b1:00:d8:ae:
84:54:89:91:f8:56:62:19:1f:1f:21:a0:70:4b:a8:
6e:2b:bf:ab:ba:82:e5:2c:4a:7b:d0:d7:ff:24:98:
1a:97:24:23:7a:5f:40:42:0a:b5:2d:e5:10:94:83:
e9:d2:87:a0:2c:ef:df:47:4f:39:05:9a:ad:f8:b7:
08:fc:c5:26:16:65:c5:5a:57:05:a7:cc:90:86:23:
6f:6a:5e:f4:50:b4:56:6e:02:11:39:bf:2d:33:1c:
7b:d7:07:23:ff:a6:3e:16:e7:e1:37:ec:03:eb:1a:
a4:36:14:b5:d9:69:4f:02:05:a3:34:c9:70:a6:8d:
df:78:ab:bc:0e:e3:1d:e1:00:2e:a2:db:6a:63:27:
39:a6:e8:2a:c6:a4:73:18:74:8b:8e:58:cd:82:83:
89:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:17:79:23:95:2D:9F:BC:D0:53:CE:4F:33:CB:61:7F:18:2C:CD:19
X509v3 Authority Key Identifier:
keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS148971.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:25a0::/44
Signature Algorithm: sha256WithRSAEncryption
7b:b5:a1:22:8b:37:88:4f:3e:a7:ff:76:b2:63:f7:5d:42:11:
20:60:8d:b9:da:86:eb:dc:a7:98:c6:50:32:94:3c:2b:a4:74:
db:e4:e8:f0:f6:c3:f8:f1:5d:4b:59:6a:2d:81:bd:94:6c:2f:
00:b7:cd:4e:ff:3e:8b:36:e1:c9:2d:74:cf:75:b6:19:2d:15:
22:cf:c7:2f:af:b6:9c:59:b9:00:f6:02:39:8b:10:05:af:92:
37:4d:c7:84:1b:fa:71:16:3e:86:2b:e0:24:c5:8b:15:b4:2a:
bd:52:ca:7a:7a:5e:1e:e2:b6:c3:c6:0a:5a:cf:0b:78:6b:ae:
19:47:c1:3b:1a:7e:4f:9f:84:46:22:c5:e8:75:64:9d:3a:d2:
a0:13:89:10:cb:05:d1:80:70:3b:e6:98:f0:d9:f1:52:57:9b:
06:1d:46:d5:a0:4a:40:b9:05:b3:5e:c7:99:9e:e8:7e:88:e3:
c9:e2:f4:00:f5:db:c3:bc:4b:a2:f3:19:8d:40:1c:0f:88:ac:
46:90:73:7a:53:1f:be:6c:69:12:6e:f0:27:9c:6e:b8:54:a3:
ab:8e:40:b1:ec:44:2d:79:8f:97:53:d0:18:24:db:ea:82:f1:
4d:ab:5f:33:0f:12:4c:4a:3d:fd:a3:a4:93:1b:44:c1:25:61:
c0:fa:a9:58
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUNo9PrGNbBBTPxe62ns6ajEcQqOUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDExMDUwMzM1MDVaFw0yNTExMDQwMzQwMDVaMDMxMTAvBgNV
BAMTKDAwMTc3OTIzOTUyRDlGQkNEMDUzQ0U0RjMzQ0I2MTdGMTgyQ0NEMTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDC1ByUCGkZKzgfZNScUZMho5PK
JTfNZBrBXuCNQ37fYLq/5XTnGDYa0BctB9ghOy4Zbkcpl0AuQ+eCWi37fbMSp6ls
eZlRunEWeJJrA+Y5Px4gN8CE1rOy4mZDuLrIk4QcIoQesQDYroRUiZH4VmIZHx8h
oHBLqG4rv6u6guUsSnvQ1/8kmBqXJCN6X0BCCrUt5RCUg+nSh6As799HTzkFmq34
twj8xSYWZcVaVwWnzJCGI29qXvRQtFZuAhE5vy0zHHvXByP/pj4W5+E37APrGqQ2
FLXZaU8CBaM0yXCmjd94q7wO4x3hAC6i22pjJzmm6CrGpHMYdIuOWM2Cg4klAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUABd5I5Utn7zQU85PM8thfxgszRkwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MTQ4OTcxLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcEKgagBSWgMA0GCSqGSIb3DQEBCwUAA4IBAQB7taEi
izeITz6n/3ayY/ddQhEgYI252obr3KeYxlAylDwrpHTb5Ojw9sP48V1LWWotgb2U
bC8At81O/z6LNuHJLXTPdbYZLRUiz8cvr7acWbkA9gI5ixAFr5I3TceEG/pxFj6G
K+AkxYsVtCq9Usp6el4e4rbDxgpazwt4a64ZR8E7Gn5Pn4RGIsXodWSdOtKgE4kQ
ywXRgHA75pjw2fFSV5sGHUbVoEpAuQWzXseZnuh+iOPJ4vQA9dvDvEui8xmNQBwP
iKxGkHN6Ux++bGkSbvAnnG64VKOrjkCx7EQteY+XU9AYJNvqgvFNq18zDxJMSj39
o6STG0TBJWHA+qlY
-----END CERTIFICATE-----
Generated at Fri Nov 22 08:13:34 2024 by rpki-client on console-fra.rpki-client.org