Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS21738.roa
File: AS21738.roa (raw, json)
Hash identifier: xlD5f0vBpjmFfj+qx/sHVsSeeZGXk2IBmmHJpBzQjr0=
Subject key identifier: 43:E3:DA:93:ED:E9:69:F9:FC:CA:0B:96:B2:0A:4E:FB:DA:89:75:B6
Certificate issuer: /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial: 39031CDED9CB033F06A422F4512BA0058522BC11
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS21738.roa
Signing time: Mon 22 Jan 2024 19:16:10 +0000
ROA not before: Mon 22 Jan 2024 19:11:10 +0000
ROA not after: Mon 20 Jan 2025 19:16:10 +0000
asID: 21738
IP address blocks: 2a06:1287::/32 maxlen: 48
2a06:a005:2fb0::/44 maxlen: 48
2a06:a005:2fc0::/44 maxlen: 48
2a06:a005:2fd0::/44 maxlen: 48
2a06:a005:2fe0::/44 maxlen: 48
2a06:a005:2ff0::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 14:41:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:03:1c:de:d9:cb:03:3f:06:a4:22:f4:51:2b:a0:05:85:22:bc:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Validity
Not Before: Jan 22 19:11:10 2024 GMT
Not After : Jan 20 19:16:10 2025 GMT
Subject: CN=43E3DA93EDE969F9FCCA0B96B20A4EFBDA8975B6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:2e:5d:7b:04:a0:c6:60:af:61:8a:3c:be:32:
28:12:11:aa:f9:6e:73:ae:67:39:f0:72:83:ec:33:
69:2c:17:16:4a:75:3d:bd:ae:92:94:e6:60:62:7d:
c4:24:0a:52:4d:cd:5e:41:77:99:f0:ae:d2:c4:6f:
b7:a6:e5:4c:04:7f:fa:2b:c5:78:74:df:26:b1:2e:
d1:57:d9:09:f2:65:9b:16:2f:b7:17:44:a7:25:e7:
e4:26:ba:56:69:ae:86:12:0d:20:c8:dc:7b:92:bb:
9b:e1:9e:a2:54:31:3e:ea:bb:40:3c:af:a8:bd:9d:
3f:09:ad:6f:a4:8a:0d:79:44:33:24:89:b3:ed:85:
fb:16:c5:4a:d7:42:16:b3:98:1d:dc:cc:10:0c:db:
77:09:c9:64:18:8c:16:6a:09:ec:ba:7b:96:bb:9c:
15:82:22:a8:39:28:38:9f:3b:21:bd:be:57:55:d8:
66:6a:15:0f:47:fd:2c:51:18:55:de:42:1b:b7:0b:
50:cf:3d:08:3d:fb:6c:00:a3:d5:48:6f:5d:85:2b:
55:56:e3:e2:dd:a9:f3:11:dc:02:ed:79:42:75:92:
d4:6e:ef:7e:25:3b:70:3c:e8:a0:a0:0a:bf:83:11:
6b:1c:56:36:b2:30:b7:f0:63:45:a9:1b:a7:cc:a7:
56:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:E3:DA:93:ED:E9:69:F9:FC:CA:0B:96:B2:0A:4E:FB:DA:89:75:B6
X509v3 Authority Key Identifier:
keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS21738.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:1287::/32
2a06:a005:2fb0::-2a06:a005:2fff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
43:f0:f8:5b:e7:aa:ee:3e:7c:53:40:19:57:76:75:e6:d3:af:
87:b2:e5:39:0e:be:40:56:fc:a2:56:39:1b:49:84:ee:fe:6b:
6d:4e:5e:e9:57:bb:34:e0:d0:54:c2:86:50:2f:2f:75:0c:9c:
2e:c0:c1:18:f7:71:49:ee:4a:44:cc:54:b6:38:e4:7a:5e:03:
d7:b6:34:d8:ab:49:14:28:f7:df:04:c3:af:d6:0d:6f:11:d9:
f8:ef:4e:ed:45:15:56:32:54:4f:e4:45:17:dd:4b:c7:84:e7:
7d:7f:40:7a:b1:c3:97:d9:d0:0b:ee:e5:8d:79:f4:3d:99:8c:
82:bf:ca:b7:0d:e3:24:4e:29:44:1d:15:c6:99:d8:63:da:72:
dc:11:54:d5:5d:54:dc:5b:62:d1:75:7c:1d:eb:23:1b:a1:64:
73:51:df:8d:e7:62:f8:ea:07:6f:c9:4d:d7:1f:aa:c7:29:5d:
20:44:e8:81:01:99:ed:b8:58:7b:6b:2f:00:3f:f6:10:65:f2:
38:eb:6f:c2:94:62:55:02:62:76:c2:4a:68:91:03:3a:21:c2:
b4:9e:93:7f:f8:73:35:fa:c2:ad:de:d5:92:29:9a:ab:77:26:
16:fd:29:20:51:c7:13:a1:3e:be:7e:f4:9d:38:48:9e:fa:d6:
52:8f:e0:0a
-----BEGIN CERTIFICATE-----
MIIE+DCCA+CgAwIBAgIUOQMc3tnLAz8GpCL0USugBYUivBEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDAxMjIxOTExMTBaFw0yNTAxMjAxOTE2MTBaMDMxMTAvBgNV
BAMTKDQzRTNEQTkzRURFOTY5RjlGQ0NBMEI5NkIyMEE0RUZCREE4OTc1QjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDqLl17BKDGYK9hijy+MigSEar5
bnOuZznwcoPsM2ksFxZKdT29rpKU5mBifcQkClJNzV5Bd5nwrtLEb7em5UwEf/or
xXh03yaxLtFX2QnyZZsWL7cXRKcl5+QmulZproYSDSDI3HuSu5vhnqJUMT7qu0A8
r6i9nT8JrW+kig15RDMkibPthfsWxUrXQhazmB3czBAM23cJyWQYjBZqCey6e5a7
nBWCIqg5KDifOyG9vldV2GZqFQ9H/SxRGFXeQhu3C1DPPQg9+2wAo9VIb12FK1VW
4+LdqfMR3ALteUJ1ktRu734lO3A86KCgCr+DEWscVjayMLfwY0WpG6fMp1ZFAgMB
AAGjggICMIIB/jAdBgNVHQ4EFgQUQ+Pak+3pafn8yguWsgpO+9qJdbYwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBvBggrBgEF
BQcBCwRjMGEwXwYIKwYBBQUHMAuGU3JzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjE3Mzgucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwMwYIKwYBBQUHAQcB
Af8EJDAiMCAEAgACMBoDBQAqBhKHMBEDBwQqBqAFL7ADBgQqBqAFIDANBgkqhkiG
9w0BAQsFAAOCAQEAQ/D4W+eq7j58U0AZV3Z15tOvh7LlOQ6+QFb8olY5G0mE7v5r
bU5e6Ve7NODQVMKGUC8vdQycLsDBGPdxSe5KRMxUtjjkel4D17Y02KtJFCj33wTD
r9YNbxHZ+O9O7UUVVjJUT+RFF91Lx4TnfX9AerHDl9nQC+7ljXn0PZmMgr/Ktw3j
JE4pRB0VxpnYY9py3BFU1V1U3Fti0XV8HesjG6Fkc1Hfjedi+OoHb8lN1x+qxyld
IETogQGZ7bhYe2svAD/2EGXyOOtvwpRiVQJidsJKaJEDOiHCtJ6Tf/hzNfrCrd7V
kimaq3cmFv0pIFHHE6E+vn70nThInvrWUo/gCg==
-----END CERTIFICATE-----
Generated at Fri May 3 20:32:57 2024 by rpki-client on console-fra.rpki-client.org