Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS40676.roa
File: AS40676.roa (raw, json)
Hash identifier: 8n4cxQdOJVWH4VpOSmj5z+23jnTLlqXgNclYKJqua7Y=
Subject key identifier: B2:89:C5:18:37:9D:32:22:E5:4F:A0:6E:37:BC:CE:68:C3:62:70:48
Certificate issuer: /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial: 2020B8113670555A2D5E6058187DEDB72F033115
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS40676.roa
Signing time: Wed 01 May 2024 00:08:27 +0000
ROA not before: Wed 01 May 2024 00:03:27 +0000
ROA not after: Wed 30 Apr 2025 00:08:27 +0000
asID: 40676
IP address blocks: 2a05:dfc3::/32 maxlen: 48
2a06:9f40::/32 maxlen: 48
2a06:9f46::/32 maxlen: 48
2a09:54c1::/32 maxlen: 48
2a09:54c3::/32 maxlen: 48
2a09:54c7::/32 maxlen: 48
2a0a:6041::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:20:b8:11:36:70:55:5a:2d:5e:60:58:18:7d:ed:b7:2f:03:31:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Validity
Not Before: May 1 00:03:27 2024 GMT
Not After : Apr 30 00:08:27 2025 GMT
Subject: CN=B289C518379D3222E54FA06E37BCCE68C3627048
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:db:eb:cb:e8:d5:aa:e4:e9:b4:8c:de:09:64:
df:52:3a:65:67:f6:f3:48:da:01:62:60:87:d0:c9:
ca:b6:b7:f5:19:08:ed:7c:37:fa:86:56:43:34:b3:
4c:23:af:a1:68:2e:4d:23:c5:f4:57:cf:0b:27:b4:
dc:c2:40:fd:aa:cc:ea:38:4e:77:4c:39:d6:93:57:
cc:34:34:aa:dd:e4:9c:60:e0:18:76:18:56:06:74:
9d:5e:f4:74:ec:fa:85:84:c2:c0:ae:62:b9:db:2c:
6d:0b:70:d8:75:dd:cb:8f:25:7e:5a:27:49:ea:61:
a1:47:c4:df:e4:d1:c0:54:98:c0:44:97:c4:40:f7:
37:6e:dd:24:d9:63:ed:ed:1e:bc:c6:9e:53:4e:e2:
84:6e:34:d4:94:74:c6:e5:65:d5:fc:81:15:db:c1:
bb:eb:14:bd:96:4e:5f:98:23:a3:a9:63:1d:fa:f5:
f4:01:d2:ff:57:1a:35:35:76:52:59:11:e7:fa:b4:
0b:fa:e3:3f:49:a4:47:19:c2:2a:75:43:a7:e4:4a:
e1:7e:9d:9c:5d:8c:9e:73:a3:5e:25:fd:a2:6c:43:
58:11:46:0a:00:b1:48:bb:ee:fb:3f:e3:be:6d:8f:
92:d3:d2:5a:64:51:2c:d4:b9:0c:5a:68:2f:c1:db:
1f:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:89:C5:18:37:9D:32:22:E5:4F:A0:6E:37:BC:CE:68:C3:62:70:48
X509v3 Authority Key Identifier:
keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS40676.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:dfc3::/32
2a06:9f40::/32
2a06:9f46::/32
2a09:54c1::/32
2a09:54c3::/32
2a09:54c7::/32
2a0a:6041::/32
Signature Algorithm: sha256WithRSAEncryption
cf:71:6d:b7:62:b6:54:2f:88:32:04:91:cc:e7:88:3c:9c:b1:
0a:b7:c0:21:8f:64:82:c4:88:c3:5c:8c:92:bb:62:df:01:98:
a6:78:89:30:f7:0c:fc:f5:22:c4:b5:4e:8f:76:65:98:3b:5a:
fb:47:40:2a:47:4d:de:eb:92:9a:94:0c:5e:9c:4e:74:53:87:
4f:55:33:09:bb:af:dd:05:b5:46:a5:67:38:94:99:8c:4d:e4:
f9:7e:19:8d:55:a5:db:f8:4a:b9:2b:2c:01:54:6b:3d:37:65:
d3:1b:d4:42:7a:74:dc:bb:0a:26:77:30:6e:2e:28:8b:ea:0d:
37:63:9a:5c:fa:fa:52:28:1c:0f:2a:4d:6e:6f:97:81:6b:46:
63:32:dd:47:a2:5b:af:93:13:68:37:31:cf:21:75:07:bf:c5:
b0:f2:c7:f1:74:5f:f8:28:3a:66:f1:90:92:d6:45:12:ac:6f:
90:37:16:da:55:d7:c4:c5:f0:dc:a6:1a:cd:66:f3:06:09:c7:
94:b3:db:63:85:08:8a:71:96:10:f4:6f:fb:36:e9:a3:7b:b0:
5b:6b:c8:62:dc:59:c6:75:1e:be:c1:b3:3a:48:62:5d:8b:13:
f5:88:0e:12:a5:6c:47:87:a1:2b:f9:9b:e9:75:d1:96:c5:0a:
b3:58:1c:71
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgIUICC4ETZwVVotXmBYGH3tty8DMRUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDA1MDEwMDAzMjdaFw0yNTA0MzAwMDA4MjdaMDMxMTAvBgNV
BAMTKEIyODlDNTE4Mzc5RDMyMjJFNTRGQTA2RTM3QkNDRTY4QzM2MjcwNDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZ2+vL6NWq5Om0jN4JZN9SOmVn
9vNI2gFiYIfQycq2t/UZCO18N/qGVkM0s0wjr6FoLk0jxfRXzwsntNzCQP2qzOo4
TndMOdaTV8w0NKrd5Jxg4Bh2GFYGdJ1e9HTs+oWEwsCuYrnbLG0LcNh13cuPJX5a
J0nqYaFHxN/k0cBUmMBEl8RA9zdu3STZY+3tHrzGnlNO4oRuNNSUdMblZdX8gRXb
wbvrFL2WTl+YI6OpYx369fQB0v9XGjU1dlJZEef6tAv64z9JpEcZwip1Q6fkSuF+
nZxdjJ5zo14l/aJsQ1gRRgoAsUi77vs/475tj5LT0lpkUSzUuQxaaC/B2x9/AgMB
AAGjggIZMIICFTAdBgNVHQ4EFgQUsonFGDedMiLlT6BuN7zOaMNicEgwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBvBggrBgEF
BQcBCwRjMGEwXwYIKwYBBQUHMAuGU3JzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
NDA2NzYucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwSgYIKwYBBQUHAQcB
Af8EOzA5MDcEAgACMDEDBQAqBd/DAwUAKgafQAMFACoGn0YDBQAqCVTBAwUAKglU
wwMFACoJVMcDBQAqCmBBMA0GCSqGSIb3DQEBCwUAA4IBAQDPcW23YrZUL4gyBJHM
54g8nLEKt8Ahj2SCxIjDXIySu2LfAZimeIkw9wz89SLEtU6PdmWYO1r7R0AqR03e
65KalAxenE50U4dPVTMJu6/dBbVGpWc4lJmMTeT5fhmNVaXb+Eq5KywBVGs9N2XT
G9RCenTcuwomdzBuLiiL6g03Y5pc+vpSKBwPKk1ub5eBa0ZjMt1HoluvkxNoNzHP
IXUHv8Ww8sfxdF/4KDpm8ZCS1kUSrG+QNxbaVdfExfDcphrNZvMGCceUs9tjhQiK
cZYQ9G/7Numje7Bba8hi3FnGdR6+wbM6SGJdixP1iA4SpWxHh6Er+ZvpddGWxQqz
WBxx
-----END CERTIFICATE-----
Generated at Fri May 3 20:12:34 2024 by rpki-client on console-ams.rpki-client.org