Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS400304.roa
File: AS400304.roa (raw, json)
Hash identifier: x/pwjNCFpVBNLe4ruOBnqSO517tDiEXRRZxVWLhB0OA=
Subject key identifier: D8:98:30:99:39:0E:3B:27:60:79:BE:D4:E6:F4:D9:80:D8:0A:1D:4F
Certificate issuer: /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial: 10D02EAB22E0A1606FC22A04D80DFD0E4A274BA2
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS400304.roa
Signing time: Wed 02 Oct 2024 23:38:34 +0000
ROA not before: Wed 02 Oct 2024 23:33:34 +0000
ROA not after: Wed 01 Oct 2025 23:38:34 +0000
asID: 400304
IP address blocks: 104.167.17.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:d0:2e:ab:22:e0:a1:60:6f:c2:2a:04:d8:0d:fd:0e:4a:27:4b:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Validity
Not Before: Oct 2 23:33:34 2024 GMT
Not After : Oct 1 23:38:34 2025 GMT
Subject: CN=D8983099390E3B276079BED4E6F4D980D80A1D4F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:33:cf:af:99:da:be:68:51:ec:07:d0:90:60:
7d:4f:e2:c3:4e:bf:06:fa:c6:cd:a4:ca:60:1d:3e:
0c:dc:88:b5:62:35:23:ea:82:0c:96:bf:12:b5:de:
59:90:6e:cc:49:34:2d:1e:59:49:0d:af:a5:43:f6:
4e:14:15:87:ed:f0:7c:65:2c:79:d5:91:d2:e8:e8:
11:75:da:52:39:f2:83:86:53:c7:d6:fc:94:a7:38:
18:4f:bc:cb:f3:e4:9e:86:66:d2:a0:e5:84:9a:45:
08:12:55:9a:0e:27:cb:12:b5:7b:7b:38:69:1b:79:
44:10:28:34:a8:31:81:43:2d:50:6c:c2:ca:a5:14:
97:3b:e9:f0:99:57:00:69:73:f0:e7:14:71:56:8a:
79:72:03:f8:d2:ce:20:cb:07:b1:bf:14:b9:a1:d8:
33:f7:2a:7f:5a:cb:d7:c4:3c:87:1f:e6:f7:fb:fd:
bb:83:b6:1e:8f:70:c4:18:93:59:07:7a:59:a8:d7:
ac:ed:09:8b:03:94:63:4c:0d:ef:3f:ac:ee:f4:c0:
fc:7a:62:13:67:ff:a8:fd:99:ff:f2:a3:47:ed:ce:
e6:91:51:11:58:4b:bd:bd:77:0d:6c:42:f4:d5:34:
48:54:09:75:0d:8a:e3:9e:5e:69:c0:ea:f7:25:d8:
a5:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:98:30:99:39:0E:3B:27:60:79:BE:D4:E6:F4:D9:80:D8:0A:1D:4F
X509v3 Authority Key Identifier:
keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS400304.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.167.17.0/24
Signature Algorithm: sha256WithRSAEncryption
30:40:c4:4e:bf:67:7b:5d:c3:bb:a3:9c:e0:5e:a6:d0:c7:90:
52:70:2d:86:30:11:68:4f:53:53:50:12:d4:2a:e0:d9:3d:b4:
76:23:28:4b:32:5e:e6:a3:c1:2d:85:16:6d:2c:07:97:7f:21:
6a:7b:24:97:86:9b:1d:e6:47:3c:75:3a:8a:63:8d:6a:0a:29:
7a:c1:7c:29:30:5f:ff:26:6e:01:7d:64:02:b1:18:2a:76:04:
61:e6:65:61:5d:0a:fd:b2:80:90:59:a0:69:b4:de:1f:44:10:
85:49:2a:ab:ee:96:34:5f:14:e4:86:bd:cc:24:ff:1e:a3:7b:
da:6b:b6:63:93:c9:32:ac:56:5f:95:78:b1:a4:e8:1f:98:f2:
45:1d:70:43:d6:d6:c3:b6:58:15:89:7c:8d:76:2c:83:8d:64:
5e:48:55:ac:d4:f0:fe:a5:ed:03:07:b4:ef:eb:21:36:cf:66:
d2:41:c9:09:00:f0:83:39:97:e4:ef:7b:a1:19:c9:ca:5b:23:
fe:8c:5e:1c:74:2e:58:14:02:40:66:44:4e:30:af:d3:c2:fe:
2e:13:33:f1:1a:ab:ad:56:b8:fd:3f:51:c3:0a:52:63:8e:a9:
5c:9b:68:69:3e:fb:3a:97:db:d9:ae:47:2b:a7:00:86:39:f1:
3d:55:7c:40
-----BEGIN CERTIFICATE-----
MIIE5TCCA82gAwIBAgIUENAuqyLgoWBvwioE2A39DkonS6IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDEwMDIyMzMzMzRaFw0yNTEwMDEyMzM4MzRaMDMxMTAvBgNV
BAMTKEQ4OTgzMDk5MzkwRTNCMjc2MDc5QkVENEU2RjREOTgwRDgwQTFENEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpM8+vmdq+aFHsB9CQYH1P4sNO
vwb6xs2kymAdPgzciLViNSPqggyWvxK13lmQbsxJNC0eWUkNr6VD9k4UFYft8Hxl
LHnVkdLo6BF12lI58oOGU8fW/JSnOBhPvMvz5J6GZtKg5YSaRQgSVZoOJ8sStXt7
OGkbeUQQKDSoMYFDLVBswsqlFJc76fCZVwBpc/DnFHFWinlyA/jSziDLB7G/FLmh
2DP3Kn9ay9fEPIcf5vf7/buDth6PcMQYk1kHelmo16ztCYsDlGNMDe8/rO70wPx6
YhNn/6j9mf/yo0ftzuaRURFYS729dw1sQvTVNEhUCXUNiuOeXmnA6vcl2KUFAgMB
AAGjggHvMIIB6zAdBgNVHQ4EFgQU2JgwmTkOOydgeb7U5vTZgNgKHU8wHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
NDAwMzA0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEH
AQH/BBAwDjAMBAIAATAGAwQAaKcRMA0GCSqGSIb3DQEBCwUAA4IBAQAwQMROv2d7
XcO7o5zgXqbQx5BScC2GMBFoT1NTUBLUKuDZPbR2IyhLMl7mo8EthRZtLAeXfyFq
eySXhpsd5kc8dTqKY41qCil6wXwpMF//Jm4BfWQCsRgqdgRh5mVhXQr9soCQWaBp
tN4fRBCFSSqr7pY0XxTkhr3MJP8eo3vaa7Zjk8kyrFZflXixpOgfmPJFHXBD1tbD
tlgViXyNdiyDjWReSFWs1PD+pe0DB7Tv6yE2z2bSQckJAPCDOZfk73uhGcnKWyP+
jF4cdC5YFAJAZkROMK/Twv4uEzPxGqutVrj9P1HDClJjjqlcm2hpPvs6l9vZrkcr
pwCGOfE9VXxA
-----END CERTIFICATE-----
Generated at Fri Nov 22 08:13:37 2024 by rpki-client on console-fra.rpki-client.org