Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS38254.roa
File: AS38254.roa (raw, json)
Hash identifier: pkdaP2pvhqSnpvxbWwiRnFlcuVbSRyudq2M2lQWuklk=
Subject key identifier: 3F:82:D6:76:66:92:35:FC:09:25:A2:56:F7:CE:99:88:1F:EA:52:8C
Certificate issuer: /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial: 6341442A0393190402DF0668D9E1261D0E3F4417
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS38254.roa
Signing time: Tue 05 Nov 2024 03:39:59 +0000
ROA not before: Tue 05 Nov 2024 03:34:59 +0000
ROA not after: Tue 04 Nov 2025 03:39:59 +0000
asID: 38254
IP address blocks: 2a06:a005:160::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:41:44:2a:03:93:19:04:02:df:06:68:d9:e1:26:1d:0e:3f:44:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Validity
Not Before: Nov 5 03:34:59 2024 GMT
Not After : Nov 4 03:39:59 2025 GMT
Subject: CN=3F82D676669235FC0925A256F7CE99881FEA528C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:68:11:cd:f2:15:9e:bb:74:3e:1b:71:45:b3:
40:c5:73:22:aa:fc:9b:77:66:3c:dc:9c:b2:26:60:
68:34:be:47:d6:10:94:f6:cb:76:37:a9:76:43:80:
a3:0b:f0:af:a7:10:ae:01:c0:e2:e2:20:f3:cf:38:
47:1c:98:09:0f:f0:f3:b4:9f:c6:eb:e4:a7:4b:2f:
ae:1a:c5:a7:f7:19:e7:4f:f7:52:3d:bb:25:c0:38:
05:fe:b6:19:a0:0f:1a:cb:ce:79:ca:57:88:5d:05:
c3:66:3f:cd:26:89:56:e0:42:a6:ac:4f:30:b7:39:
6e:c6:3d:42:c2:35:59:37:77:69:a1:5f:cc:cc:30:
4c:59:e2:02:d4:c5:d4:a2:4e:27:d4:87:77:cf:6a:
2c:bc:67:b5:74:28:16:21:39:db:f8:fe:13:b6:74:
64:b4:02:a6:b1:ed:ad:eb:62:f0:8d:6c:6f:9d:5e:
9c:ec:4f:1f:22:98:65:27:e8:08:c7:d1:22:0e:dd:
9b:90:41:0a:28:66:95:20:27:ee:fd:eb:c9:e5:01:
43:59:0c:b8:1b:2e:29:fc:b4:31:53:8c:0f:94:fd:
83:be:25:94:83:c5:b0:48:d2:c7:60:51:d9:05:3a:
89:0d:65:77:76:f2:9d:b5:18:43:45:e4:dc:f9:ee:
1d:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:82:D6:76:66:92:35:FC:09:25:A2:56:F7:CE:99:88:1F:EA:52:8C
X509v3 Authority Key Identifier:
keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS38254.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:160::/44
Signature Algorithm: sha256WithRSAEncryption
d6:84:1f:91:84:1e:94:a9:43:16:aa:ee:39:6e:3c:9a:0b:4c:
4c:a1:68:3b:31:85:ce:6d:a2:92:d3:da:ac:88:73:ba:2b:2f:
05:2b:15:24:3e:fb:36:b8:f8:a7:44:f3:54:b4:a9:40:b3:72:
31:87:84:70:20:0a:77:e1:fa:95:48:44:74:41:b7:0d:55:25:
d1:85:00:0b:af:0b:60:62:15:a6:80:34:bf:20:4a:bc:e2:db:
9a:2b:b5:af:a2:26:28:3e:91:3e:21:1e:05:2d:6e:10:32:30:
11:32:23:c7:44:ba:e8:58:22:e9:c5:75:1c:54:61:e6:13:5a:
a7:6b:a0:4a:c6:2b:b3:95:78:3d:83:6d:79:c2:7b:92:48:0c:
f7:49:90:29:f3:83:dd:fe:d7:20:30:ac:af:60:40:87:bc:a2:
03:dc:48:01:4c:fa:ca:00:0d:af:80:47:f2:e8:cb:cb:97:35:
35:9f:28:44:97:a0:d7:79:aa:8c:05:09:93:e8:5f:5e:a5:47:
1e:b0:4d:95:b7:13:cf:fb:d0:9e:6a:7e:25:db:43:21:9f:4c:
ea:7a:33:44:d8:8f:fb:d5:8f:ea:00:2c:59:c3:f1:fc:91:16:
be:99:1c:bb:11:6c:65:d5:a9:30:33:3f:be:18:bc:17:a2:11:
89:73:5f:da
-----BEGIN CERTIFICATE-----
MIIE5zCCA8+gAwIBAgIUY0FEKgOTGQQC3wZo2eEmHQ4/RBcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDExMDUwMzM0NTlaFw0yNTExMDQwMzM5NTlaMDMxMTAvBgNV
BAMTKDNGODJENjc2NjY5MjM1RkMwOTI1QTI1NkY3Q0U5OTg4MUZFQTUyOEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWaBHN8hWeu3Q+G3FFs0DFcyKq
/Jt3ZjzcnLImYGg0vkfWEJT2y3Y3qXZDgKML8K+nEK4BwOLiIPPPOEccmAkP8PO0
n8br5KdLL64axaf3GedP91I9uyXAOAX+thmgDxrLznnKV4hdBcNmP80miVbgQqas
TzC3OW7GPULCNVk3d2mhX8zMMExZ4gLUxdSiTifUh3fPaiy8Z7V0KBYhOdv4/hO2
dGS0Aqax7a3rYvCNbG+dXpzsTx8imGUn6AjH0SIO3ZuQQQooZpUgJ+7968nlAUNZ
DLgbLin8tDFTjA+U/YO+JZSDxbBI0sdgUdkFOokNZXd28p21GENF5Nz57h1jAgMB
AAGjggHxMIIB7TAdBgNVHQ4EFgQUP4LWdmaSNfwJJaJW986ZiB/qUowwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBvBggrBgEF
BQcBCwRjMGEwXwYIKwYBBQUHMAuGU3JzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MzgyNTQucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcB
Af8EEzARMA8EAgACMAkDBwQqBqAFAWAwDQYJKoZIhvcNAQELBQADggEBANaEH5GE
HpSpQxaq7jluPJoLTEyhaDsxhc5topLT2qyIc7orLwUrFSQ++za4+KdE81S0qUCz
cjGHhHAgCnfh+pVIRHRBtw1VJdGFAAuvC2BiFaaANL8gSrzi25orta+iJig+kT4h
HgUtbhAyMBEyI8dEuuhYIunFdRxUYeYTWqdroErGK7OVeD2DbXnCe5JIDPdJkCnz
g93+1yAwrK9gQIe8ogPcSAFM+soADa+AR/Loy8uXNTWfKESXoNd5qowFCZPoX16l
Rx6wTZW3E8/70J5qfiXbQyGfTOp6M0TYj/vVj+oALFnD8fyRFr6ZHLsRbGXVqTAz
P74YvBeiEYlzX9o=
-----END CERTIFICATE-----
Generated at Mon Nov 25 22:04:25 2024 by rpki-client on console-fra.rpki-client.org