Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS199972.roa
File: AS199972.roa (raw, json)
Hash identifier: Ub8WlAzKmy6XLdQAyVBv9StSbNooCw0HzcMx8NS9xyA=
Subject key identifier: 28:AE:1B:FC:7A:A9:D2:87:7A:9F:B0:AA:7D:30:BF:F6:03:33:36:03
Certificate issuer: /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial: 3FDF8853DD2C20EB01F0E41E4941CEA7CA507897
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS199972.roa
Signing time: Sat 03 Feb 2024 18:44:24 +0000
ROA not before: Sat 03 Feb 2024 18:39:24 +0000
ROA not after: Sat 01 Feb 2025 18:44:24 +0000
asID: 199972
IP address blocks: 2a06:a005:d25::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:df:88:53:dd:2c:20:eb:01:f0:e4:1e:49:41:ce:a7:ca:50:78:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Validity
Not Before: Feb 3 18:39:24 2024 GMT
Not After : Feb 1 18:44:24 2025 GMT
Subject: CN=28AE1BFC7AA9D2877A9FB0AA7D30BFF603333603
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:53:e6:53:b1:cc:13:a9:7f:12:ae:73:95:c1:
ed:da:89:19:32:86:0e:6b:cd:c5:e6:7a:2b:f3:c3:
a9:5a:9c:26:39:9d:cc:52:aa:6c:4c:fb:0f:4b:b4:
ee:7a:df:9d:21:5b:9a:ce:10:6b:50:01:79:15:7b:
1a:07:9b:94:1d:27:56:95:37:e8:bd:39:51:f4:7d:
13:70:84:1c:9a:75:d1:03:07:a5:e6:b3:ad:78:9b:
32:14:d0:52:4b:be:91:0b:f0:69:73:06:aa:4d:b1:
1a:e2:3f:79:a9:84:26:7c:78:91:3d:40:54:5e:52:
6b:86:eb:ed:d3:62:a2:55:fb:31:18:32:5d:0a:e2:
e0:a7:67:1e:12:5c:b3:94:54:d4:cc:84:4c:55:7f:
8f:06:00:24:4c:fa:66:57:65:2a:0b:d8:af:d0:57:
d0:83:d5:ee:1a:50:8f:73:9a:9d:14:c4:89:c6:0c:
49:62:51:08:0f:74:d8:e6:43:9a:38:30:ea:e5:b8:
8d:ab:af:c1:ab:6f:fd:fe:8c:01:0d:53:52:4e:fe:
9e:0f:74:5b:f8:b2:5d:17:56:76:a9:98:36:15:71:
3c:ae:04:64:3b:e5:c5:04:25:58:d9:73:ed:fd:c0:
a1:88:83:36:41:4a:5e:ef:4b:92:d7:56:4b:6e:a0:
a7:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:AE:1B:FC:7A:A9:D2:87:7A:9F:B0:AA:7D:30:BF:F6:03:33:36:03
X509v3 Authority Key Identifier:
keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS199972.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:d25::/48
Signature Algorithm: sha256WithRSAEncryption
6a:66:70:3a:31:27:30:0c:8b:e4:e3:70:46:26:29:74:07:70:
5a:49:12:32:c4:1d:60:b7:40:0b:9f:da:94:5d:81:c0:ca:c1:
93:a2:30:93:2d:82:d3:48:a0:e4:5e:b4:c0:76:37:17:cd:93:
28:1f:3f:58:c5:f8:71:45:54:ac:1b:fb:01:b8:fc:27:f4:fa:
25:3a:f9:09:f3:b1:35:f1:c5:83:af:da:bb:11:b0:58:4c:a1:
c3:28:7a:a0:9a:72:59:53:83:ff:22:77:97:1e:f7:59:c8:0f:
b0:6c:68:45:41:cc:14:db:3f:82:a8:07:cd:35:eb:b5:1d:80:
ef:1f:a5:d7:8b:1d:8c:7d:a0:74:4a:ba:e6:e4:1c:d7:8e:d8:
8d:c8:b1:ee:90:43:50:a4:75:be:36:77:02:08:2c:5a:24:7c:
2f:b8:ff:3b:74:c8:b1:95:57:0d:05:f6:11:44:d4:44:8e:91:
23:12:0c:7c:8d:7b:14:4d:e9:07:ca:df:f9:d7:f1:45:89:e6:
23:30:80:d0:31:10:1e:af:83:9e:46:48:a7:5c:fc:3e:88:80:
cd:d6:0d:2d:51:cd:98:9e:eb:99:83:05:21:fe:3d:08:cc:be:
4a:be:a2:28:15:55:86:8d:58:bb:3a:6d:de:c0:0f:d1:8d:c8:
fe:94:ce:f1
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUP9+IU90sIOsB8OQeSUHOp8pQeJcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDAyMDMxODM5MjRaFw0yNTAyMDExODQ0MjRaMDMxMTAvBgNV
BAMTKDI4QUUxQkZDN0FBOUQyODc3QTlGQjBBQTdEMzBCRkY2MDMzMzM2MDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTU+ZTscwTqX8SrnOVwe3aiRky
hg5rzcXmeivzw6lanCY5ncxSqmxM+w9LtO56350hW5rOEGtQAXkVexoHm5QdJ1aV
N+i9OVH0fRNwhByaddEDB6Xms614mzIU0FJLvpEL8GlzBqpNsRriP3mphCZ8eJE9
QFReUmuG6+3TYqJV+zEYMl0K4uCnZx4SXLOUVNTMhExVf48GACRM+mZXZSoL2K/Q
V9CD1e4aUI9zmp0UxInGDEliUQgPdNjmQ5o4MOrluI2rr8Grb/3+jAENU1JO/p4P
dFv4sl0XVnapmDYVcTyuBGQ75cUEJVjZc+39wKGIgzZBSl7vS5LXVktuoKeZAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUKK4b/Hqp0od6n7CqfTC/9gMzNgMwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MTk5OTcyLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcAKgagBQ0lMA0GCSqGSIb3DQEBCwUAA4IBAQBqZnA6
MScwDIvk43BGJil0B3BaSRIyxB1gt0ALn9qUXYHAysGTojCTLYLTSKDkXrTAdjcX
zZMoHz9YxfhxRVSsG/sBuPwn9PolOvkJ87E18cWDr9q7EbBYTKHDKHqgmnJZU4P/
IneXHvdZyA+wbGhFQcwU2z+CqAfNNeu1HYDvH6XXix2MfaB0Srrm5BzXjtiNyLHu
kENQpHW+NncCCCxaJHwvuP87dMixlVcNBfYRRNREjpEjEgx8jXsUTekHyt/51/FF
ieYjMIDQMRAer4OeRkinXPw+iIDN1g0tUc2YnuuZgwUh/j0IzL5KvqIoFVWGjVi7
Om3ewA/Rjcj+lM7x
-----END CERTIFICATE-----
Generated at Sat May 4 12:13:11 2024 by rpki-client on console-fra.rpki-client.org