Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS199840.roa
File: AS199840.roa (raw, json)
Hash identifier: KWeI0GRERPDP9Y04JcYXracWUF6ezWA3pqDyaHzrfHk=
Subject key identifier: 7E:BF:57:7F:40:B4:94:8C:6A:87:A3:4C:85:0C:6D:69:43:5C:8A:FA
Certificate issuer: /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial: 66F8E3F35D7DD0B9BFB7A69C8F1FFE4E22563D3D
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS199840.roa
Signing time: Fri 13 Dec 2024 02:56:30 +0000
ROA not before: Fri 13 Dec 2024 02:51:30 +0000
ROA not after: Fri 12 Dec 2025 02:56:30 +0000
asID: 199840
IP address blocks: 2a06:a005:d20::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 09:24:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:f8:e3:f3:5d:7d:d0:b9:bf:b7:a6:9c:8f:1f:fe:4e:22:56:3d:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Validity
Not Before: Dec 13 02:51:30 2024 GMT
Not After : Dec 12 02:56:30 2025 GMT
Subject: CN=7EBF577F40B4948C6A87A34C850C6D69435C8AFA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:b0:8f:8d:3a:2f:19:7b:27:e6:8c:9a:5d:cc:
08:62:f8:85:b9:2f:f6:1d:6b:0c:63:30:4f:5e:a2:
b6:ff:65:a7:ce:e3:35:0e:34:fc:64:01:0a:8c:d9:
e5:a7:d4:88:da:33:25:2a:db:11:3e:6a:a6:c9:d4:
bd:36:e9:42:07:7f:33:0a:e0:62:75:e2:df:03:0b:
9c:2d:2f:f4:ec:33:c4:8c:fa:31:73:23:05:32:9d:
80:a3:f4:48:23:a6:48:73:72:c9:15:6a:2c:cf:fa:
b0:ee:12:8c:8c:4a:4f:65:b4:69:27:67:1c:81:00:
ae:17:bc:75:fd:3d:0d:a1:b3:37:1a:58:7d:93:ed:
23:f9:8e:b5:e8:53:6b:28:e7:a0:d6:d4:98:ac:1f:
73:90:78:26:6c:2a:b9:12:9d:45:81:e9:24:c3:bd:
0d:0b:53:66:0a:7a:d4:56:ba:de:c9:6e:9b:12:5a:
3d:7f:a5:76:2f:98:a2:ed:4a:b8:6c:3b:41:1c:89:
0b:af:6c:9d:1c:8e:a7:c2:34:f8:09:d2:09:b3:a4:
e5:1a:24:2b:bc:48:e5:1d:07:ab:3d:48:3f:3b:9c:
19:af:ef:3f:49:8d:f3:85:80:f2:c1:d0:13:44:f8:
bb:03:f1:61:8d:a2:ee:64:f7:f3:4f:f5:76:3b:d1:
c5:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:BF:57:7F:40:B4:94:8C:6A:87:A3:4C:85:0C:6D:69:43:5C:8A:FA
X509v3 Authority Key Identifier:
keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS199840.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:d20::/48
Signature Algorithm: sha256WithRSAEncryption
6e:a4:6a:5f:02:0b:47:41:32:7c:6b:dd:c0:5a:34:a1:09:bb:
0f:27:7b:6d:44:fb:c2:55:90:13:32:ef:b5:14:ff:a2:d3:2a:
74:f8:2c:06:86:db:d1:0c:25:e2:58:cc:28:a1:24:fd:70:3c:
41:56:b0:e6:d0:76:46:bc:10:e8:d1:03:62:a7:3c:85:d1:3b:
fc:6a:22:95:30:f8:a7:de:ef:d7:bc:00:c4:cc:3d:5c:c9:3a:
bf:2b:13:6e:a9:e9:d9:64:62:83:9f:11:df:a5:5f:6d:3b:cd:
60:5a:cc:e6:85:5e:69:38:17:2e:7d:e9:7a:aa:d7:be:1d:18:
99:88:4a:04:ce:99:21:f5:6e:22:0b:3e:54:00:8e:92:be:c2:
20:4f:e0:96:fd:d5:79:13:64:70:fe:6c:04:23:d3:a4:03:75:
cb:8f:93:1e:27:d0:2c:97:0e:86:2d:0d:fc:cd:73:65:cc:57:
71:53:61:fe:de:b4:cb:e6:38:56:37:9f:df:f9:29:35:1c:bf:
a0:ee:c6:a0:1f:d0:67:30:b2:65:31:a9:fa:e7:ac:3f:57:ea:
1f:3b:19:84:07:4c:bb:8b:37:56:ac:80:c9:d6:f1:a4:cb:e7:
0a:2b:c6:b5:35:eb:ff:9b:6d:9f:ca:84:10:30:29:36:07:2d:
6a:43:c1:68
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUZvjj81190Lm/t6acjx/+TiJWPT0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDEyMTMwMjUxMzBaFw0yNTEyMTIwMjU2MzBaMDMxMTAvBgNV
BAMTKDdFQkY1NzdGNDBCNDk0OEM2QTg3QTM0Qzg1MEM2RDY5NDM1QzhBRkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDesI+NOi8ZeyfmjJpdzAhi+IW5
L/YdawxjME9eorb/ZafO4zUONPxkAQqM2eWn1IjaMyUq2xE+aqbJ1L026UIHfzMK
4GJ14t8DC5wtL/TsM8SM+jFzIwUynYCj9EgjpkhzcskVaizP+rDuEoyMSk9ltGkn
ZxyBAK4XvHX9PQ2hszcaWH2T7SP5jrXoU2so56DW1JisH3OQeCZsKrkSnUWB6STD
vQ0LU2YKetRWut7JbpsSWj1/pXYvmKLtSrhsO0EciQuvbJ0cjqfCNPgJ0gmzpOUa
JCu8SOUdB6s9SD87nBmv7z9JjfOFgPLB0BNE+LsD8WGNou5k9/NP9XY70cWVAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUfr9Xf0C0lIxqh6NMhQxtaUNcivowHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MTk5ODQwLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcAKgagBQ0gMA0GCSqGSIb3DQEBCwUAA4IBAQBupGpf
AgtHQTJ8a93AWjShCbsPJ3ttRPvCVZATMu+1FP+i0yp0+CwGhtvRDCXiWMwooST9
cDxBVrDm0HZGvBDo0QNipzyF0Tv8aiKVMPin3u/XvADEzD1cyTq/KxNuqenZZGKD
nxHfpV9tO81gWszmhV5pOBcufel6qte+HRiZiEoEzpkh9W4iCz5UAI6SvsIgT+CW
/dV5E2Rw/mwEI9OkA3XLj5MeJ9Aslw6GLQ38zXNlzFdxU2H+3rTL5jhWN5/f+Sk1
HL+g7sagH9BnMLJlMan656w/V+ofOxmEB0y7izdWrIDJ1vGky+cKK8a1Nev/m22f
yoQQMCk2By1qQ8Fo
-----END CERTIFICATE-----
Generated at Fri Apr 4 17:39:17 2025 by rpki-client