Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS21738.roa
File: AS21738.roa (raw, json)
Hash identifier: 0DvkH8S+KSfXBH1PXjpTXUIQ/F90fwopz1B0aQQJJIM=
Subject key identifier: DA:71:45:96:A2:5F:91:B3:7F:A0:9D:52:3B:02:FB:B6:41:22:A1:FE
Certificate issuer: /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial: 332DDC219F240757E7D3A091447E3D0BF0D4868A
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS21738.roa
Signing time: Tue 10 Sep 2024 07:57:49 +0000
ROA not before: Tue 10 Sep 2024 07:52:49 +0000
ROA not after: Tue 09 Sep 2025 07:57:49 +0000
asID: 21738
IP address blocks: 2a06:a005:2fb0::/44 maxlen: 48
2a06:a005:2fc0::/44 maxlen: 48
2a06:a005:2fd0::/44 maxlen: 48
2a06:a005:2fe0::/44 maxlen: 48
2a06:a005:2ff0::/44 maxlen: 48
2a0d:d905::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:2d:dc:21:9f:24:07:57:e7:d3:a0:91:44:7e:3d:0b:f0:d4:86:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Validity
Not Before: Sep 10 07:52:49 2024 GMT
Not After : Sep 9 07:57:49 2025 GMT
Subject: CN=DA714596A25F91B37FA09D523B02FBB64122A1FE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:7f:e7:12:43:1d:7d:84:16:aa:4c:10:a2:85:
a6:6c:d5:0f:fe:71:b8:0d:0b:fb:34:49:f9:79:79:
a9:58:ea:73:e8:96:4a:c2:74:14:eb:2f:11:4d:ee:
fd:14:02:ce:f1:3d:3f:0f:77:a4:f9:53:ff:70:10:
86:59:bd:a0:df:bc:d5:0a:d8:bb:22:5f:b9:cb:76:
f6:57:bd:48:28:3a:98:db:bd:78:57:5a:bd:fc:0a:
80:a5:1e:78:77:46:33:4d:0f:07:f7:d1:0f:03:b2:
c7:f1:b2:51:ff:43:a7:8c:1f:ff:32:46:8e:7a:60:
57:5a:6f:ff:91:aa:1c:04:13:f4:7e:d3:51:88:1b:
2b:00:06:bb:08:51:29:b6:29:d5:d7:d9:e3:d1:ad:
87:ca:11:29:8d:d3:b6:45:b7:8e:a2:29:f4:e7:3c:
d6:32:fe:25:a5:36:0b:e5:8b:40:70:a8:3a:78:ee:
26:97:ae:dc:78:b7:cc:40:c2:b4:d3:6f:4d:95:1a:
c9:09:1a:91:35:c0:9f:a7:4e:a2:d8:03:43:c1:8c:
91:3f:71:0a:14:ca:df:b8:28:89:d4:70:c1:c1:ec:
44:e9:e6:13:58:fc:a4:94:a5:b6:dc:de:5f:52:75:
41:0a:85:54:33:72:60:09:b8:55:6a:f7:10:b8:db:
b5:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:71:45:96:A2:5F:91:B3:7F:A0:9D:52:3B:02:FB:B6:41:22:A1:FE
X509v3 Authority Key Identifier:
keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS21738.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:2fb0::-2a06:a005:2fff:ffff:ffff:ffff:ffff:ffff
2a0d:d905::/32
Signature Algorithm: sha256WithRSAEncryption
29:3c:17:c7:8e:87:ea:05:50:45:01:99:30:3f:1f:a4:2e:bb:
18:09:28:5e:ca:47:53:2c:fe:cb:6a:e7:9c:eb:57:c6:b0:5b:
fe:7e:0c:cd:9c:9c:81:39:92:3b:64:52:e7:e7:b3:79:52:67:
c2:f8:a6:79:c9:cf:6b:60:5e:40:1a:5a:2f:53:15:a6:88:e5:
5b:ea:1c:ed:3a:7e:08:a2:14:1b:75:c1:9a:26:2f:f1:4d:f9:
04:2d:07:42:21:42:85:19:4d:3c:1d:cc:f7:53:1f:8d:e1:09:
07:11:66:89:be:55:2d:58:8c:b3:57:91:51:93:fe:e0:5c:9c:
67:76:c9:cf:c3:9f:f2:8e:7b:a9:f2:ba:76:6c:65:b2:0b:9f:
c4:1d:48:d5:d5:cd:0c:c8:04:b4:e1:0c:d5:b2:d1:0e:00:e2:
8e:27:26:dd:8a:48:2f:21:ea:0e:10:66:d6:cb:21:54:3b:e0:
f4:7f:69:98:18:bb:2a:08:83:00:b6:18:f8:e9:80:52:f5:be:
5d:f6:18:05:67:81:82:5f:78:e5:e3:92:ac:80:c2:de:89:80:
32:d5:a3:3d:55:05:bc:80:1d:1d:1a:6f:58:df:3b:48:40:0b:
c9:1e:ea:92:c0:62:b4:53:f0:3f:fe:7c:79:46:80:ab:de:df:
1b:75:85:aa
-----BEGIN CERTIFICATE-----
MIIE+DCCA+CgAwIBAgIUMy3cIZ8kB1fn06CRRH49C/DUhoowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDA5MTAwNzUyNDlaFw0yNTA5MDkwNzU3NDlaMDMxMTAvBgNV
BAMTKERBNzE0NTk2QTI1RjkxQjM3RkEwOUQ1MjNCMDJGQkI2NDEyMkExRkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGf+cSQx19hBaqTBCihaZs1Q/+
cbgNC/s0Sfl5ealY6nPolkrCdBTrLxFN7v0UAs7xPT8Pd6T5U/9wEIZZvaDfvNUK
2LsiX7nLdvZXvUgoOpjbvXhXWr38CoClHnh3RjNNDwf30Q8DssfxslH/Q6eMH/8y
Ro56YFdab/+RqhwEE/R+01GIGysABrsIUSm2KdXX2ePRrYfKESmN07ZFt46iKfTn
PNYy/iWlNgvli0BwqDp47iaXrtx4t8xAwrTTb02VGskJGpE1wJ+nTqLYA0PBjJE/
cQoUyt+4KInUcMHB7ETp5hNY/KSUpbbc3l9SdUEKhVQzcmAJuFVq9xC427UBAgMB
AAGjggICMIIB/jAdBgNVHQ4EFgQU2nFFlqJfkbN/oJ1SOwL7tkEiof4wHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBvBggrBgEF
BQcBCwRjMGEwXwYIKwYBBQUHMAuGU3JzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjE3Mzgucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwMwYIKwYBBQUHAQcB
Af8EJDAiMCAEAgACMBowEQMHBCoGoAUvsAMGBCoGoAUgAwUAKg3ZBTANBgkqhkiG
9w0BAQsFAAOCAQEAKTwXx46H6gVQRQGZMD8fpC67GAkoXspHUyz+y2rnnOtXxrBb
/n4MzZycgTmSO2RS5+ezeVJnwvimecnPa2BeQBpaL1MVpojlW+oc7Tp+CKIUG3XB
miYv8U35BC0HQiFChRlNPB3M91MfjeEJBxFmib5VLViMs1eRUZP+4FycZ3bJz8Of
8o57qfK6dmxlsgufxB1I1dXNDMgEtOEM1bLRDgDijicm3YpILyHqDhBm1sshVDvg
9H9pmBi7KgiDALYY+OmAUvW+XfYYBWeBgl945eOSrIDC3omAMtWjPVUFvIAdHRpv
WN87SEALyR7qksBitFPwP/58eUaAq97fG3WFqg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 08:13:37 2024 by rpki-client on console-fra.rpki-client.org