Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS199685.roa
File: AS199685.roa (raw, json)
Hash identifier: mBqRsyBR7p2Dz+qNPR9M2aj3F0F+1XqJFPHzZ7Odmqk=
Subject key identifier: 28:2E:43:99:8E:D5:AD:62:0E:A5:56:B3:F7:9F:71:78:43:74:F8:40
Certificate issuer: /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial: 038E03E1C8D4672E1DA47FA516117C78792983DB
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS199685.roa
Signing time: Fri 02 Feb 2024 21:44:24 +0000
ROA not before: Fri 02 Feb 2024 21:39:24 +0000
ROA not after: Fri 31 Jan 2025 21:44:24 +0000
asID: 199685
IP address blocks: 2a06:a005:1879::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:8e:03:e1:c8:d4:67:2e:1d:a4:7f:a5:16:11:7c:78:79:29:83:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Validity
Not Before: Feb 2 21:39:24 2024 GMT
Not After : Jan 31 21:44:24 2025 GMT
Subject: CN=282E43998ED5AD620EA556B3F79F71784374F840
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:66:c1:88:8a:e2:bd:d7:33:38:45:ee:dc:78:
34:7e:b7:6e:f1:89:12:be:73:b4:ef:3f:44:ed:76:
d1:ca:3a:d9:80:27:a2:c8:11:ed:a4:06:7f:47:ff:
22:48:a9:8a:9a:3d:71:fd:8d:1a:1e:05:ab:8f:7b:
b3:5a:a0:76:34:c8:23:15:7a:a8:01:00:9d:e7:c7:
2e:f9:a2:dc:2b:0e:2b:7f:53:a7:25:67:c3:3e:95:
f6:b2:99:3d:4b:28:c4:92:9b:a9:2a:4d:26:7b:11:
92:f4:aa:56:15:1e:a4:73:6a:82:08:fd:c6:f0:9e:
0e:e7:e8:df:aa:b1:d6:6e:fb:87:f9:3b:bb:27:3f:
e5:63:a1:eb:84:c6:3e:da:93:ee:48:40:08:e9:5e:
f0:e3:07:b6:c1:2c:6a:39:c7:a8:d1:d3:79:f0:c1:
bd:a8:d0:67:e0:88:c5:b2:c5:9b:fb:c8:cf:c6:15:
60:44:f5:c9:c9:07:e1:d9:6f:82:6a:15:9c:de:91:
60:79:fe:af:07:d2:38:aa:2a:c0:7c:e7:e3:bd:79:
a9:a3:69:e3:65:2f:19:6f:13:38:ab:eb:2f:a6:e8:
0f:0f:e8:23:bf:57:dd:b4:44:58:00:07:62:83:d2:
eb:b1:87:0f:9f:10:46:41:a4:d0:6f:07:67:54:39:
4a:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:2E:43:99:8E:D5:AD:62:0E:A5:56:B3:F7:9F:71:78:43:74:F8:40
X509v3 Authority Key Identifier:
keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS199685.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:1879::/48
Signature Algorithm: sha256WithRSAEncryption
45:b8:ac:1d:c2:75:84:dd:67:81:6a:f8:94:77:4d:93:cc:55:
16:18:41:4d:1a:9d:2d:9a:7f:1d:97:e3:7c:7f:57:7f:c2:b2:
b9:27:73:5d:5d:a3:32:c4:59:b1:eb:d2:7f:b8:09:8d:98:eb:
c1:1a:35:70:d6:47:75:0c:aa:35:1f:e7:2d:be:cc:13:fd:32:
41:40:61:1e:a8:97:8a:2c:b4:5a:79:75:62:d9:29:44:f0:c3:
b9:5a:fa:68:5b:65:49:3d:93:6b:ef:f9:cc:82:45:dd:1c:11:
51:79:a8:05:ea:ea:d4:f7:44:8e:c3:07:c4:18:95:a3:ee:45:
07:cb:79:ae:e2:eb:ad:2c:c0:d5:08:8a:a8:fd:04:b4:6c:62:
ca:a3:05:e4:07:13:c7:91:38:29:96:2e:80:32:0b:a3:c3:02:
9b:2d:3f:4e:2a:8b:51:0c:67:68:e0:13:fd:ba:5b:60:96:c1:
de:c3:5e:48:42:ca:05:6a:2c:29:f9:f5:88:cb:bd:fe:c4:56:
45:e6:11:81:d8:09:ac:01:77:fe:d9:06:68:27:a0:f0:fb:12:
a6:54:d2:a9:9b:d9:85:8f:9c:86:2d:c5:83:f0:e9:de:e1:ca:
f9:aa:61:88:ef:57:3d:d7:e7:8d:ff:0a:e5:ea:54:11:68:60:
88:88:f2:24
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUA44D4cjUZy4dpH+lFhF8eHkpg9swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDAyMDIyMTM5MjRaFw0yNTAxMzEyMTQ0MjRaMDMxMTAvBgNV
BAMTKDI4MkU0Mzk5OEVENUFENjIwRUE1NTZCM0Y3OUY3MTc4NDM3NEY4NDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYZsGIiuK91zM4Re7ceDR+t27x
iRK+c7TvP0TtdtHKOtmAJ6LIEe2kBn9H/yJIqYqaPXH9jRoeBauPe7NaoHY0yCMV
eqgBAJ3nxy75otwrDit/U6clZ8M+lfaymT1LKMSSm6kqTSZ7EZL0qlYVHqRzaoII
/cbwng7n6N+qsdZu+4f5O7snP+VjoeuExj7ak+5IQAjpXvDjB7bBLGo5x6jR03nw
wb2o0GfgiMWyxZv7yM/GFWBE9cnJB+HZb4JqFZzekWB5/q8H0jiqKsB85+O9eamj
aeNlLxlvEzir6y+m6A8P6CO/V920RFgAB2KD0uuxhw+fEEZBpNBvB2dUOUo1AgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUKC5DmY7VrWIOpVaz959xeEN0+EAwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MTk5Njg1LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcAKgagBRh5MA0GCSqGSIb3DQEBCwUAA4IBAQBFuKwd
wnWE3WeBaviUd02TzFUWGEFNGp0tmn8dl+N8f1d/wrK5J3NdXaMyxFmx69J/uAmN
mOvBGjVw1kd1DKo1H+ctvswT/TJBQGEeqJeKLLRaeXVi2SlE8MO5WvpoW2VJPZNr
7/nMgkXdHBFReagF6urU90SOwwfEGJWj7kUHy3mu4uutLMDVCIqo/QS0bGLKowXk
BxPHkTgpli6AMgujwwKbLT9OKotRDGdo4BP9ultglsHew15IQsoFaiwp+fWIy73+
xFZF5hGB2AmsAXf+2QZoJ6Dw+xKmVNKpm9mFj5yGLcWD8One4cr5qmGI71c91+eN
/wrl6lQRaGCIiPIk
-----END CERTIFICATE-----
Generated at Fri May 3 20:12:30 2024 by rpki-client on console-ams.rpki-client.org