Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS399765.roa
File: AS399765.roa (raw, json)
Hash identifier: /DtsJBExK4OxjdG2uNWLwwvVRmcVQHcv/OEMEUqxwqk=
Subject key identifier: 00:A4:ED:0A:51:77:D5:38:9B:53:4F:F2:CF:23:C2:33:B2:93:E0:DB
Certificate issuer: /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial: 3A45FD4E3A7EEB25630652B540DC83807CEF09A4
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS399765.roa
Signing time: Sat 08 Feb 2025 19:57:05 +0000
ROA not before: Sat 08 Feb 2025 19:52:05 +0000
ROA not after: Sat 07 Feb 2026 19:57:05 +0000
asID: 399765
IP address blocks: 194.58.65.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 09:24:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:45:fd:4e:3a:7e:eb:25:63:06:52:b5:40:dc:83:80:7c:ef:09:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Validity
Not Before: Feb 8 19:52:05 2025 GMT
Not After : Feb 7 19:57:05 2026 GMT
Subject: CN=00A4ED0A5177D5389B534FF2CF23C233B293E0DB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:40:cc:97:3d:62:f3:cb:79:b1:32:71:42:94:
9d:c3:bf:ec:a0:5d:e2:ce:dd:ba:c7:b3:cf:37:59:
35:6b:dc:f7:e9:af:65:c0:5f:24:01:88:5d:f5:2e:
ce:2d:4b:0a:f3:67:dd:52:0e:1a:20:d3:03:b7:7a:
3b:88:12:9c:db:aa:e9:1e:b5:03:b1:92:c4:91:ca:
a6:e2:8f:69:e9:99:35:c0:ee:8d:83:29:9b:ed:41:
d6:46:57:ae:45:97:b3:3c:d0:24:2d:9a:66:ab:b7:
31:35:7e:54:dc:73:ca:ce:53:43:bc:7c:d8:74:b6:
b6:69:33:a9:f7:af:23:02:aa:20:4d:31:e9:c7:20:
fb:c0:eb:b1:bc:d1:d7:26:1b:5a:75:eb:6b:38:e3:
1c:91:0d:34:24:b3:99:93:fd:c5:6e:b8:bc:61:c7:
2e:e3:13:fa:08:fc:92:88:84:03:bc:b2:79:d3:d8:
a9:d5:d8:e3:5a:6b:f7:3c:b8:55:f5:88:07:35:a3:
8d:a7:69:1c:83:67:b9:19:ad:01:7f:6a:33:cb:f5:
cf:8a:fe:e5:e0:7e:21:ab:2d:f2:8f:45:18:59:b8:
a7:4f:ae:de:5a:bd:91:1c:a5:2e:86:ea:cb:93:14:
5f:a9:a6:2c:59:86:eb:84:20:fe:7f:cc:93:d1:ff:
18:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:A4:ED:0A:51:77:D5:38:9B:53:4F:F2:CF:23:C2:33:B2:93:E0:DB
X509v3 Authority Key Identifier:
keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS399765.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.58.65.0/24
Signature Algorithm: sha256WithRSAEncryption
cf:a2:00:40:b2:c4:83:a2:cb:b8:21:6a:b7:48:ba:cd:93:31:
8f:3a:ca:76:97:8a:03:cf:42:d0:51:4a:90:c8:fc:b8:f1:3b:
97:88:2e:95:48:6d:5d:1d:0f:e5:b0:71:d7:e1:54:f2:bc:54:
51:bc:c3:d9:7b:0b:c3:92:07:98:d4:e3:3c:aa:d0:98:6f:54:
e9:8a:60:3b:09:a4:de:e5:e8:32:78:95:2b:a0:1d:0e:b1:53:
c4:9b:d9:5d:51:e0:03:84:6c:a1:63:c5:21:ac:a7:2c:29:53:
37:11:eb:3c:73:6b:7d:16:cc:a1:85:b8:60:f8:4d:1a:0d:6b:
71:aa:99:35:7c:8e:ef:5a:48:7c:b5:cd:dc:a3:4d:2e:05:5c:
6a:03:50:e5:33:1b:2a:1a:a6:c0:a4:fa:20:1b:23:f9:98:b1:
48:cb:56:34:67:09:06:b7:b3:2f:26:cc:1b:cc:1a:4f:06:1a:
3a:0b:e6:51:6b:66:a6:2d:38:3b:cd:1d:4b:6b:57:97:b8:7b:
34:fa:44:4d:cb:26:15:65:d3:23:17:3d:ba:38:3f:83:2e:4c:
63:b0:1b:49:41:bb:49:a0:30:50:a6:ea:6c:6e:2c:7e:17:14:
df:57:7b:b8:45:bf:76:39:37:33:ea:44:70:3d:0d:0e:63:c4:
ca:93:65:03
-----BEGIN CERTIFICATE-----
MIIE5TCCA82gAwIBAgIUOkX9Tjp+6yVjBlK1QNyDgHzvCaQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNTAyMDgxOTUyMDVaFw0yNjAyMDcxOTU3MDVaMDMxMTAvBgNV
BAMTKDAwQTRFRDBBNTE3N0Q1Mzg5QjUzNEZGMkNGMjNDMjMzQjI5M0UwREIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQClQMyXPWLzy3mxMnFClJ3Dv+yg
XeLO3brHs883WTVr3Pfpr2XAXyQBiF31Ls4tSwrzZ91SDhog0wO3ejuIEpzbquke
tQOxksSRyqbij2npmTXA7o2DKZvtQdZGV65Fl7M80CQtmmartzE1flTcc8rOU0O8
fNh0trZpM6n3ryMCqiBNMenHIPvA67G80dcmG1p162s44xyRDTQks5mT/cVuuLxh
xy7jE/oI/JKIhAO8snnT2KnV2ONaa/c8uFX1iAc1o42naRyDZ7kZrQF/ajPL9c+K
/uXgfiGrLfKPRRhZuKdPrt5avZEcpS6G6suTFF+ppixZhuuEIP5/zJPR/xgfAgMB
AAGjggHvMIIB6zAdBgNVHQ4EFgQUAKTtClF31TibU0/yzyPCM7KT4NswHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
Mzk5NzY1LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEH
AQH/BBAwDjAMBAIAATAGAwQAwjpBMA0GCSqGSIb3DQEBCwUAA4IBAQDPogBAssSD
osu4IWq3SLrNkzGPOsp2l4oDz0LQUUqQyPy48TuXiC6VSG1dHQ/lsHHX4VTyvFRR
vMPZewvDkgeY1OM8qtCYb1TpimA7CaTe5egyeJUroB0OsVPEm9ldUeADhGyhY8Uh
rKcsKVM3Ees8c2t9Fsyhhbhg+E0aDWtxqpk1fI7vWkh8tc3co00uBVxqA1DlMxsq
GqbApPogGyP5mLFIy1Y0ZwkGt7MvJswbzBpPBho6C+ZRa2amLTg7zR1La1eXuHs0
+kRNyyYVZdMjFz26OD+DLkxjsBtJQbtJoDBQpupsbix+FxTfV3u4Rb92OTcz6kRw
PQ0OY8TKk2UD
-----END CERTIFICATE-----
Generated at Fri Apr 4 17:40:22 2025 by rpki-client