Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS18428.roa
File: AS18428.roa (raw, json)
Hash identifier: vAeXdRTpNR/MQVgzV+aOw5GobE+r83gAtBAKGXGm07M=
Subject key identifier: E8:27:A2:BD:32:53:F9:D6:D8:C7:9F:D2:09:77:92:C2:D9:0F:65:8F
Certificate issuer: /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial: 703593566F36662037290DAC38E38C106DF1480B
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS18428.roa
Signing time: Mon 25 Nov 2024 19:40:12 +0000
ROA not before: Mon 25 Nov 2024 19:35:12 +0000
ROA not after: Mon 24 Nov 2025 19:40:12 +0000
asID: 18428
IP address blocks: 2a06:a005:25f0::/44 maxlen: 48
2a06:a005:2610::/44 maxlen: 48
2a06:a005:2620::/44 maxlen: 48
2a06:a005:29c0::/44 maxlen: 48
2a06:a005:2bb0::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:35:93:56:6f:36:66:20:37:29:0d:ac:38:e3:8c:10:6d:f1:48:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Validity
Not Before: Nov 25 19:35:12 2024 GMT
Not After : Nov 24 19:40:12 2025 GMT
Subject: CN=E827A2BD3253F9D6D8C79FD2097792C2D90F658F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:e5:f4:e2:aa:04:db:d3:2e:59:8c:ce:0e:e6:
c0:67:13:0a:00:b1:ca:81:1c:b0:18:d9:e9:75:c8:
da:0f:f2:75:09:52:14:f1:48:7b:a2:93:cc:a0:98:
f6:76:8d:db:56:92:a9:ac:e2:2c:f5:7c:91:a2:38:
46:4d:68:19:a6:05:ed:15:f2:52:27:dd:64:a9:b6:
d5:12:7d:69:82:b3:00:f7:f6:03:bb:11:be:f7:a2:
9e:eb:f1:64:90:2d:3d:6c:9f:77:6d:71:5b:03:e4:
59:d5:9c:70:4f:36:f5:92:7d:8a:84:e7:68:0b:16:
b7:b2:6e:64:5c:7d:f4:9d:63:64:7c:f2:e6:02:81:
da:c8:f0:2c:ae:29:b9:72:52:25:cd:1c:cb:c1:37:
f0:0c:7c:52:18:fc:23:9d:03:79:b2:de:67:81:34:
38:19:83:3f:76:cf:4d:f9:b0:28:fd:9d:7c:e2:55:
b6:e8:57:92:12:32:81:ee:67:b3:94:33:a3:c9:98:
8f:0a:8e:a2:ee:af:72:04:07:bf:6f:c8:a7:02:0e:
21:d9:b0:98:9b:82:f0:1a:4c:2a:70:99:c1:72:d3:
74:69:3a:fa:1f:7b:39:ea:10:ef:96:c4:6b:28:7b:
c3:4e:0f:31:c7:81:e3:91:65:6f:55:d5:4e:45:30:
15:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:27:A2:BD:32:53:F9:D6:D8:C7:9F:D2:09:77:92:C2:D9:0F:65:8F
X509v3 Authority Key Identifier:
keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS18428.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:25f0::/44
2a06:a005:2610::-2a06:a005:262f:ffff:ffff:ffff:ffff:ffff
2a06:a005:29c0::/44
2a06:a005:2bb0::/44
Signature Algorithm: sha256WithRSAEncryption
64:82:82:8a:5a:88:a9:26:a7:1f:79:89:aa:6e:6a:c6:1c:95:
c4:61:40:87:80:dc:06:a7:cd:57:96:02:9a:4e:fa:e5:23:e1:
7c:94:d4:5e:f0:98:9f:b9:fd:fb:c1:19:41:e6:bd:9e:91:0a:
ec:cc:cd:a2:ec:10:99:ed:d9:d5:8f:95:b2:11:78:ba:e7:7e:
9f:20:14:7d:0d:b1:25:9c:ba:d6:1a:b8:78:a3:be:54:cd:6f:
5e:e5:b0:f1:fd:28:8b:6b:7d:80:71:20:ec:56:be:98:7a:f2:
6d:7c:e2:43:03:b6:2e:e0:ce:4d:7a:e2:2d:d5:4b:9d:a8:7b:
39:aa:a1:ae:23:2d:1e:ea:50:ce:cf:b9:b4:f9:9f:84:0a:9e:
0a:3a:00:1d:8a:f4:ae:bd:c3:39:1a:55:cc:fa:08:dc:20:74:
02:20:4d:18:3a:b1:97:bc:ca:ea:53:20:0b:06:19:4d:19:95:
d3:b4:5e:2c:7e:db:74:cc:bb:9f:94:be:59:04:d5:f8:a7:43:
41:3a:ba:db:21:a5:55:99:87:be:5c:31:47:df:dd:1d:69:81:
c4:0c:9f:b8:aa:87:04:d0:e7:57:b0:a5:a4:f4:bf:df:7d:4f:
fc:71:2f:c0:d1:34:c0:37:34:cf:be:dc:af:88:27:e2:a4:21:
2b:94:97:31
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIUcDWTVm82ZiA3KQ2sOOOMEG3xSAswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDExMjUxOTM1MTJaFw0yNTExMjQxOTQwMTJaMDMxMTAvBgNV
BAMTKEU4MjdBMkJEMzI1M0Y5RDZEOEM3OUZEMjA5Nzc5MkMyRDkwRjY1OEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCu5fTiqgTb0y5ZjM4O5sBnEwoA
scqBHLAY2el1yNoP8nUJUhTxSHuik8ygmPZ2jdtWkqms4iz1fJGiOEZNaBmmBe0V
8lIn3WSpttUSfWmCswD39gO7Eb73op7r8WSQLT1sn3dtcVsD5FnVnHBPNvWSfYqE
52gLFreybmRcffSdY2R88uYCgdrI8CyuKblyUiXNHMvBN/AMfFIY/COdA3my3meB
NDgZgz92z035sCj9nXziVbboV5ISMoHuZ7OUM6PJmI8KjqLur3IEB79vyKcCDiHZ
sJibgvAaTCpwmcFy03RpOvofeznqEO+WxGsoe8NODzHHgeORZW9V1U5FMBWpAgMB
AAGjggIXMIICEzAdBgNVHQ4EFgQU6CeivTJT+dbYx5/SCXeSwtkPZY8wHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBvBggrBgEF
BQcBCwRjMGEwXwYIKwYBBQUHMAuGU3JzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MTg0Mjgucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwSAYIKwYBBQUHAQcB
Af8EOTA3MDUEAgACMC8DBwQqBqAFJfAwEgMHBCoGoAUmEAMHBCoGoAUmIAMHBCoG
oAUpwAMHBCoGoAUrsDANBgkqhkiG9w0BAQsFAAOCAQEAZIKCilqIqSanH3mJqm5q
xhyVxGFAh4DcBqfNV5YCmk765SPhfJTUXvCYn7n9+8EZQea9npEK7MzNouwQme3Z
1Y+VshF4uud+nyAUfQ2xJZy61hq4eKO+VM1vXuWw8f0oi2t9gHEg7Fa+mHrybXzi
QwO2LuDOTXriLdVLnah7OaqhriMtHupQzs+5tPmfhAqeCjoAHYr0rr3DORpVzPoI
3CB0AiBNGDqxl7zK6lMgCwYZTRmV07ReLH7bdMy7n5S+WQTV+KdDQTq62yGlVZmH
vlwxR9/dHWmBxAyfuKqHBNDnV7ClpPS/331P/HEvwNE0wDc0z77cr4gn4qQhK5SX
MQ==
-----END CERTIFICATE-----
Generated at Mon Nov 25 21:33:09 2024 by rpki-client on console-ams.rpki-client.org