Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS399840.roa
File: AS399840.roa (raw, json)
Hash identifier: kF6fymFsOQ5XP24nEHhkJ9yt0rXnQ/ZNvM97U3voh7k=
Subject key identifier: D5:4E:A0:65:08:7C:B5:98:12:B8:3A:35:F4:1A:88:6C:71:CB:37:5C
Certificate issuer: /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial: 4DCC9E145A5444723CE4CB975A3A0318B3DD83D6
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS399840.roa
Signing time: Tue 16 Jan 2024 17:44:21 +0000
ROA not before: Tue 16 Jan 2024 17:39:21 +0000
ROA not after: Tue 14 Jan 2025 17:44:21 +0000
asID: 399840
IP address blocks: 2a06:a005:14e0::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:cc:9e:14:5a:54:44:72:3c:e4:cb:97:5a:3a:03:18:b3:dd:83:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Validity
Not Before: Jan 16 17:39:21 2024 GMT
Not After : Jan 14 17:44:21 2025 GMT
Subject: CN=D54EA065087CB59812B83A35F41A886C71CB375C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:30:52:46:a9:56:a2:84:f6:f9:4f:0c:60:57:
5e:fc:31:84:ca:ca:2f:98:95:8c:a1:ce:e4:4b:45:
9b:e4:7d:1f:4e:65:71:5a:6b:72:5b:46:e6:6b:d7:
c6:97:a2:55:c8:d0:82:a8:3e:03:15:12:45:25:89:
24:71:79:bc:76:b6:95:10:ba:b0:62:de:b1:63:4a:
85:e1:07:fd:81:f5:7a:2d:2f:81:2e:55:32:a4:07:
d3:6b:80:c5:42:dc:1f:76:7e:f7:bd:f0:f8:6e:7f:
82:74:96:27:fb:cb:50:98:c0:d1:95:e8:47:d8:b1:
62:e0:f2:d1:fd:94:18:2f:2f:2b:7f:47:83:e8:97:
ef:ef:f2:f8:bb:18:e1:1d:c6:a2:28:81:e4:60:d7:
de:10:25:85:ca:47:f4:57:18:30:2b:18:31:c0:7e:
84:d5:b6:d3:52:c6:d1:c6:bb:77:28:d0:03:24:fb:
e9:55:bc:2d:8d:f3:cc:df:c0:19:14:35:c4:15:62:
f8:bb:02:98:d1:14:65:73:49:a3:a9:c7:85:b2:df:
5c:66:3b:4a:83:48:d8:a0:d8:b9:58:67:28:bc:92:
92:2f:30:92:15:76:45:57:2c:c2:7f:29:73:3d:d9:
ce:84:90:fb:69:b7:aa:ce:84:94:19:a0:36:8e:ec:
3c:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:4E:A0:65:08:7C:B5:98:12:B8:3A:35:F4:1A:88:6C:71:CB:37:5C
X509v3 Authority Key Identifier:
keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS399840.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:14e0::/44
Signature Algorithm: sha256WithRSAEncryption
d4:11:00:85:60:bb:63:aa:24:eb:c0:03:c3:93:63:67:91:db:
9a:47:b5:6a:59:c3:48:68:70:93:f3:93:67:b8:db:6c:e2:db:
3b:4a:b3:7b:e1:c4:55:7e:69:1b:76:b8:15:f0:5c:42:c4:b1:
2e:41:61:f6:26:f7:38:1b:89:a1:c7:fc:13:50:81:f5:50:58:
99:ab:d8:08:86:f3:db:70:11:ca:ff:58:84:c0:52:71:dd:f3:
0d:fe:44:38:a3:3f:08:72:88:07:1f:81:4b:ef:fc:de:1a:8c:
2e:c0:79:7a:9d:08:bc:ff:84:74:fd:3a:26:b5:8e:ca:d3:61:
8d:2d:32:43:c4:bb:9d:b1:d8:6d:14:24:6e:c6:a9:35:ef:05:
60:1d:4f:aa:9d:86:01:8b:b4:eb:8e:97:95:4e:4a:8c:e3:98:
a9:e3:02:a5:e1:d7:19:c2:55:7e:e1:8a:48:15:0a:9f:a5:87:
2e:9e:f5:6e:c4:61:ec:ad:88:db:f1:03:2a:09:93:1a:2d:38:
d4:4b:4f:9a:14:48:ac:ee:af:0e:5e:ae:e5:71:a8:85:8a:3e:
56:03:34:a8:5d:f3:c6:1a:4f:d4:31:9a:93:4f:a5:a9:8f:70:
5d:d7:fa:1b:eb:5e:27:f5:bc:9c:90:4a:96:55:ba:4f:e1:17:
3f:78:bf:a0
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUTcyeFFpURHI85MuXWjoDGLPdg9YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDAxMTYxNzM5MjFaFw0yNTAxMTQxNzQ0MjFaMDMxMTAvBgNV
BAMTKEQ1NEVBMDY1MDg3Q0I1OTgxMkI4M0EzNUY0MUE4ODZDNzFDQjM3NUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDnMFJGqVaihPb5TwxgV178MYTK
yi+YlYyhzuRLRZvkfR9OZXFaa3JbRuZr18aXolXI0IKoPgMVEkUliSRxebx2tpUQ
urBi3rFjSoXhB/2B9XotL4EuVTKkB9NrgMVC3B92fve98Phuf4J0lif7y1CYwNGV
6EfYsWLg8tH9lBgvLyt/R4Pol+/v8vi7GOEdxqIogeRg194QJYXKR/RXGDArGDHA
foTVttNSxtHGu3co0AMk++lVvC2N88zfwBkUNcQVYvi7ApjRFGVzSaOpx4Wy31xm
O0qDSNig2LlYZyi8kpIvMJIVdkVXLMJ/KXM92c6EkPtpt6rOhJQZoDaO7DyjAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQU1U6gZQh8tZgSuDo19BqIbHHLN1wwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
Mzk5ODQwLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcEKgagBRTgMA0GCSqGSIb3DQEBCwUAA4IBAQDUEQCF
YLtjqiTrwAPDk2NnkduaR7VqWcNIaHCT85NnuNts4ts7SrN74cRVfmkbdrgV8FxC
xLEuQWH2Jvc4G4mhx/wTUIH1UFiZq9gIhvPbcBHK/1iEwFJx3fMN/kQ4oz8IcogH
H4FL7/zeGowuwHl6nQi8/4R0/TomtY7K02GNLTJDxLudsdhtFCRuxqk17wVgHU+q
nYYBi7TrjpeVTkqM45ip4wKl4dcZwlV+4YpIFQqfpYcunvVuxGHsrYjb8QMqCZMa
LTjUS0+aFEis7q8OXq7lcaiFij5WAzSoXfPGGk/UMZqTT6Wpj3Bd1/ob614n9byc
kEqWVbpP4Rc/eL+g
-----END CERTIFICATE-----
Generated at Fri Nov 22 08:13:37 2024 by rpki-client on console-fra.rpki-client.org