Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS399866.roa
File: AS399866.roa (raw, json)
Hash identifier: 6+G40Kuh0ED4MLvJVXg5AS3lx6bPwktp3XIcOh7FnCU=
Subject key identifier: 1B:EC:97:6A:78:57:F7:54:C2:9E:37:62:C2:04:7C:D0:CD:32:27:D8
Certificate issuer: /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial: 3CEEEC7224231E159034C7AC7CF616310B14A9BB
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS399866.roa
Signing time: Tue 05 Dec 2023 02:44:15 +0000
ROA not before: Tue 05 Dec 2023 02:39:15 +0000
ROA not after: Tue 03 Dec 2024 02:44:15 +0000
asID: 399866
IP address blocks: 2a06:a005:1170::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 30 Oct 2024 17:27:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:ee:ec:72:24:23:1e:15:90:34:c7:ac:7c:f6:16:31:0b:14:a9:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Validity
Not Before: Dec 5 02:39:15 2023 GMT
Not After : Dec 3 02:44:15 2024 GMT
Subject: CN=1BEC976A7857F754C29E3762C2047CD0CD3227D8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:f4:e4:6d:d0:d9:fb:ee:16:50:73:93:4d:0d:
47:b3:7f:90:ab:b0:a8:2b:01:41:17:18:c6:fb:ee:
fb:d5:4d:a1:cd:85:0f:f4:bd:e1:ad:d9:47:5d:72:
35:34:04:b0:fc:e7:49:58:62:3e:d6:2f:f7:b4:f6:
f5:8a:da:a9:0f:37:5e:de:94:eb:c1:6e:e9:96:94:
02:17:54:e6:a8:ce:bb:e6:05:e6:19:df:fb:31:94:
c7:40:e7:ec:62:c1:ed:16:23:35:0d:a7:c5:a5:12:
48:8f:74:bb:a7:21:e5:9f:5a:03:a6:55:36:04:cb:
0e:4d:73:ec:81:f0:9d:39:a6:37:09:42:3f:82:7b:
32:29:b7:ff:c6:88:2e:f0:64:57:8a:11:08:4d:6c:
5f:6a:8c:68:85:5c:33:59:cc:30:26:3a:53:aa:db:
db:da:0b:07:04:7c:04:6a:35:fd:02:95:80:1b:c4:
6d:f7:60:2c:8f:46:87:c5:0c:01:18:9f:c6:fb:83:
4e:ec:10:3c:9e:76:28:64:fd:9e:02:88:77:31:e9:
38:d1:f5:54:47:64:9c:c5:6f:b3:2d:71:cb:75:e2:
0d:5e:7a:b1:0d:1d:45:95:3e:dd:b2:ea:d6:6f:cf:
b5:3a:e6:23:e7:66:11:9c:75:51:4f:bc:65:7b:9b:
8f:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:EC:97:6A:78:57:F7:54:C2:9E:37:62:C2:04:7C:D0:CD:32:27:D8
X509v3 Authority Key Identifier:
keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS399866.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:1170::/44
Signature Algorithm: sha256WithRSAEncryption
cc:ba:d3:f5:dd:c1:4c:38:a1:7a:27:44:2d:2d:db:e0:89:e7:
c8:8e:3c:92:52:d0:aa:c5:99:f3:fa:e5:d5:83:c1:71:e9:da:
0a:6e:90:7c:be:87:f6:e6:b1:84:70:74:b9:33:0f:01:ad:de:
15:85:4a:12:c7:75:04:fb:97:b7:a2:3f:1b:36:b6:11:db:8c:
b8:e9:bb:40:c3:2c:04:7f:46:40:a4:01:77:12:c3:0f:0a:49:
a9:2c:82:94:14:da:83:a2:5b:ab:61:ee:b8:c1:e4:ec:64:61:
0d:3a:08:91:60:9a:a0:88:08:a8:cd:a3:41:b1:b8:36:84:ef:
f5:87:94:7b:4a:24:ba:72:ea:dc:ba:a9:c9:92:e7:24:87:92:
0d:64:b7:48:cb:9c:ca:8a:73:b2:bd:0a:0d:0f:29:32:79:42:
2d:99:56:94:95:dc:54:2b:42:ab:6d:e9:3c:95:ee:59:f9:1c:
7a:c4:2e:a7:67:93:91:3c:75:9d:b5:35:20:6a:05:ac:6f:bb:
a3:73:50:10:2d:23:5d:04:5e:a4:eb:00:f1:23:0f:e7:bb:ec:
f9:6e:38:73:da:d5:34:e0:9f:89:07:7e:5f:8e:5d:c3:2b:1d:
da:8b:7e:c6:a0:41:c1:04:ed:2f:c6:06:c7:2e:4f:0b:b3:e3:
54:e5:0a:9a
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUPO7sciQjHhWQNMesfPYWMQsUqbswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yMzEyMDUwMjM5MTVaFw0yNDEyMDMwMjQ0MTVaMDMxMTAvBgNV
BAMTKDFCRUM5NzZBNzg1N0Y3NTRDMjlFMzc2MkMyMDQ3Q0QwQ0QzMjI3RDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDH9ORt0Nn77hZQc5NNDUezf5Cr
sKgrAUEXGMb77vvVTaHNhQ/0veGt2UddcjU0BLD850lYYj7WL/e09vWK2qkPN17e
lOvBbumWlAIXVOaozrvmBeYZ3/sxlMdA5+xiwe0WIzUNp8WlEkiPdLunIeWfWgOm
VTYEyw5Nc+yB8J05pjcJQj+CezIpt//GiC7wZFeKEQhNbF9qjGiFXDNZzDAmOlOq
29vaCwcEfARqNf0ClYAbxG33YCyPRofFDAEYn8b7g07sEDyedihk/Z4CiHcx6TjR
9VRHZJzFb7Mtcct14g1eerENHUWVPt2y6tZvz7U65iPnZhGcdVFPvGV7m48vAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUG+yXanhX91TCnjdiwgR80M0yJ9gwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
Mzk5ODY2LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcEKgagBRFwMA0GCSqGSIb3DQEBCwUAA4IBAQDMutP1
3cFMOKF6J0QtLdvgiefIjjySUtCqxZnz+uXVg8Fx6doKbpB8vof25rGEcHS5Mw8B
rd4VhUoSx3UE+5e3oj8bNrYR24y46btAwywEf0ZApAF3EsMPCkmpLIKUFNqDolur
Ye64weTsZGENOgiRYJqgiAiozaNBsbg2hO/1h5R7SiS6curcuqnJkuckh5INZLdI
y5zKinOyvQoNDykyeUItmVaUldxUK0Krbek8le5Z+Rx6xC6nZ5ORPHWdtTUgagWs
b7ujc1AQLSNdBF6k6wDxIw/nu+z5bjhz2tU04J+JB35fjl3DKx3ai37GoEHBBO0v
xgbHLk8Ls+NU5Qqa
-----END CERTIFICATE-----
Generated at Wed Oct 30 00:59:39 2024 by rpki-client on console-ams.rpki-client.org