Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS398325.roa
File: AS398325.roa (raw, json)
Hash identifier: yv2FwaeSJrndZzXMYOlbu2STL7IxIWMisBSYwYKERUI=
Subject key identifier: 66:2F:F8:A8:D4:74:41:F5:D3:3B:A9:15:CE:88:74:B4:B2:40:3D:88
Certificate issuer: /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial: 4AD7A8912F2CAC9EDCBAAED4B058AA6BA5B9E768
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS398325.roa
Signing time: Tue 05 Dec 2023 02:44:10 +0000
ROA not before: Tue 05 Dec 2023 02:39:10 +0000
ROA not after: Tue 03 Dec 2024 02:44:10 +0000
asID: 398325
IP address blocks: 2a06:a005:5ba::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:d7:a8:91:2f:2c:ac:9e:dc:ba:ae:d4:b0:58:aa:6b:a5:b9:e7:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Validity
Not Before: Dec 5 02:39:10 2023 GMT
Not After : Dec 3 02:44:10 2024 GMT
Subject: CN=662FF8A8D47441F5D33BA915CE8874B4B2403D88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:27:77:0b:aa:bc:45:8e:8e:1c:30:43:18:5b:
57:94:d1:40:70:96:f3:8c:a9:b8:e3:fb:14:3b:35:
91:bf:e0:98:f8:44:94:4a:42:80:77:58:89:e9:02:
3a:10:48:4d:04:11:b6:a3:46:63:99:7f:b2:4f:dd:
34:1b:39:d1:40:e5:10:51:14:a3:37:71:2d:91:cb:
60:bc:3c:75:8b:d7:94:dd:6b:53:90:61:d3:8c:e9:
80:81:21:67:77:88:ec:10:07:7d:6c:a2:7c:0d:e9:
5a:43:84:7d:31:81:ee:5b:cd:f4:3f:11:a2:a3:32:
75:69:29:0d:d8:7b:cc:b8:4f:89:06:28:26:38:8f:
60:80:e0:76:c6:3b:53:91:d0:35:4c:4f:80:80:2a:
79:70:30:eb:23:71:74:9f:81:5a:d0:2a:ea:f1:81:
88:f7:12:21:40:98:74:c7:6b:41:0d:df:c1:64:37:
47:bc:c2:8f:fb:a4:06:ca:84:97:e5:74:d5:42:60:
be:3f:4c:13:c0:d4:60:13:40:9a:9b:aa:89:a4:a1:
d4:0b:cc:4f:4e:a6:b2:59:8c:e3:fe:55:42:e4:05:
ba:4f:27:49:fc:04:52:23:e9:c1:ad:dc:07:16:2b:
16:0f:83:5b:76:aa:93:80:e3:0d:3b:a7:a9:38:9d:
43:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:2F:F8:A8:D4:74:41:F5:D3:3B:A9:15:CE:88:74:B4:B2:40:3D:88
X509v3 Authority Key Identifier:
keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS398325.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:5ba::/48
Signature Algorithm: sha256WithRSAEncryption
24:4c:74:40:87:d1:ac:b6:c2:76:e8:85:c5:44:83:c4:00:1e:
a4:41:ba:0a:7e:91:27:b2:bd:32:cc:8d:c4:7d:56:d0:a2:d4:
dd:1e:f5:78:22:95:73:2e:5c:8d:3a:07:37:02:69:fd:b7:02:
ae:f4:b1:6b:42:95:69:cb:5d:90:8f:34:8c:61:68:53:d6:5b:
52:71:59:76:bc:dc:c7:dd:9e:89:fe:9e:aa:3c:4e:dd:50:3e:
0b:0b:bc:94:32:58:3b:16:01:81:51:5e:2d:d8:57:b0:56:9f:
cb:c3:62:2d:c2:f9:e9:23:f5:a5:53:25:92:db:f7:88:3d:dd:
7d:24:46:e0:8a:6c:c0:bf:62:02:46:d4:29:67:8a:c9:37:3a:
44:60:2f:9e:59:ca:3d:97:ad:ac:23:1d:5b:92:02:b9:4f:fd:
ac:7a:53:ef:80:44:6e:35:19:74:35:3d:26:ec:24:a5:ac:13:
95:ed:f0:3e:8a:a5:56:e9:6c:3b:d1:3a:ed:99:a8:6c:ba:d0:
60:bd:37:14:42:81:70:cf:98:da:38:55:55:1d:74:6a:75:c6:
b0:cd:7b:1d:97:00:00:82:cd:74:57:99:a0:db:f4:5f:93:43:
d6:40:a6:c1:77:10:7b:c4:7b:49:de:6f:d5:c2:d2:36:35:d1:
b8:ed:bc:c0
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUSteokS8srJ7cuq7UsFiqa6W552gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yMzEyMDUwMjM5MTBaFw0yNDEyMDMwMjQ0MTBaMDMxMTAvBgNV
BAMTKDY2MkZGOEE4RDQ3NDQxRjVEMzNCQTkxNUNFODg3NEI0QjI0MDNEODgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBJ3cLqrxFjo4cMEMYW1eU0UBw
lvOMqbjj+xQ7NZG/4Jj4RJRKQoB3WInpAjoQSE0EEbajRmOZf7JP3TQbOdFA5RBR
FKM3cS2Ry2C8PHWL15Tda1OQYdOM6YCBIWd3iOwQB31sonwN6VpDhH0xge5bzfQ/
EaKjMnVpKQ3Ye8y4T4kGKCY4j2CA4HbGO1OR0DVMT4CAKnlwMOsjcXSfgVrQKurx
gYj3EiFAmHTHa0EN38FkN0e8wo/7pAbKhJfldNVCYL4/TBPA1GATQJqbqomkodQL
zE9OprJZjOP+VULkBbpPJ0n8BFIj6cGt3AcWKxYPg1t2qpOA4w07p6k4nUM/AgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUZi/4qNR0QfXTO6kVzoh0tLJAPYgwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
Mzk4MzI1LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcAKgagBQW6MA0GCSqGSIb3DQEBCwUAA4IBAQAkTHRA
h9GstsJ26IXFRIPEAB6kQboKfpEnsr0yzI3EfVbQotTdHvV4IpVzLlyNOgc3Amn9
twKu9LFrQpVpy12QjzSMYWhT1ltScVl2vNzH3Z6J/p6qPE7dUD4LC7yUMlg7FgGB
UV4t2FewVp/Lw2ItwvnpI/WlUyWS2/eIPd19JEbgimzAv2ICRtQpZ4rJNzpEYC+e
Wco9l62sIx1bkgK5T/2selPvgERuNRl0NT0m7CSlrBOV7fA+iqVW6Ww70Trtmahs
utBgvTcUQoFwz5jaOFVVHXRqdcawzXsdlwAAgs10V5mg2/Rfk0PWQKbBdxB7xHtJ
3m/VwtI2NdG47bzA
-----END CERTIFICATE-----
Generated at Thu Apr 25 22:32:18 2024 by rpki-client on console-fra.rpki-client.org