Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS47689.roa
File: AS47689.roa (raw, json)
Hash identifier: mjhEtzwRQ6TB4w6FDPjlYcu4v93hu9pLrejmDNBrhpE=
Subject key identifier: C0:C0:A2:85:7E:6D:35:BF:FB:91:07:DC:B9:5C:40:2E:3D:DA:31:8F
Certificate issuer: /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial: 3BCDEB3A3B405B856754CDCD60452273EF9671BF
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS47689.roa
Signing time: Tue 05 Dec 2023 02:44:13 +0000
ROA not before: Tue 05 Dec 2023 02:39:13 +0000
ROA not after: Tue 03 Dec 2024 02:44:13 +0000
asID: 47689
IP address blocks: 2a06:a005:a18::/45 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 20 Apr 2024 08:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:cd:eb:3a:3b:40:5b:85:67:54:cd:cd:60:45:22:73:ef:96:71:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Validity
Not Before: Dec 5 02:39:13 2023 GMT
Not After : Dec 3 02:44:13 2024 GMT
Subject: CN=C0C0A2857E6D35BFFB9107DCB95C402E3DDA318F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:8e:ce:d9:89:e1:e4:c4:31:c7:63:e0:65:92:
f6:f4:e3:a5:37:db:b5:d5:31:e8:99:5f:cc:74:95:
d4:11:94:dd:ce:e3:96:4a:dc:9d:f8:60:be:5c:32:
29:2a:ec:b6:8f:a5:c1:36:37:43:95:90:a6:27:20:
58:64:24:be:22:ba:54:de:1f:79:4b:c7:24:de:a6:
78:c0:ed:cc:a0:8b:e9:fe:7d:b9:4e:21:c0:e8:1c:
ed:1d:5e:b7:f1:00:ce:44:68:38:ad:9c:47:4d:6d:
99:90:56:93:1a:69:c1:2b:30:44:b9:c5:10:93:85:
9f:81:b5:e1:94:97:17:bf:64:a3:d4:0d:f9:ef:8a:
8d:a5:89:3e:9f:20:6f:42:e5:1a:14:46:45:38:a4:
1e:0c:85:4f:db:1e:75:a0:44:1d:b2:bc:ef:39:01:
ca:56:19:fb:d1:84:ae:a9:2a:2a:ca:de:bd:0d:2c:
1a:a5:ec:1c:9f:a2:43:77:50:6c:7e:88:fb:ac:48:
90:22:6a:86:1f:56:0a:f9:a4:74:14:01:cf:4a:ce:
bc:e8:05:bb:b6:71:2b:40:9f:a1:cd:f0:02:cb:b2:
36:19:ea:ba:8c:f3:44:2d:27:37:62:15:5e:13:fb:
fb:7f:1f:97:6f:45:71:53:6e:12:65:5a:6b:5d:b3:
c2:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:C0:A2:85:7E:6D:35:BF:FB:91:07:DC:B9:5C:40:2E:3D:DA:31:8F
X509v3 Authority Key Identifier:
keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS47689.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:a18::/45
Signature Algorithm: sha256WithRSAEncryption
73:2e:57:20:31:3c:64:d9:95:78:23:3a:a7:17:b8:a6:85:22:
72:90:30:1e:16:77:69:f8:08:b7:7f:d0:90:f2:d5:af:46:ed:
ec:a6:48:38:03:2e:5b:9b:17:52:15:11:96:33:0f:ff:25:07:
04:53:60:7b:ee:af:02:50:e6:e2:41:38:80:79:72:54:43:49:
8d:ea:6e:53:2e:f2:e3:7c:df:d9:53:ae:19:04:38:fa:2a:43:
6f:8d:d0:8d:a2:8c:e0:66:39:b1:90:73:e0:7e:d5:35:91:b9:
6a:a1:63:f2:b3:e4:bb:92:6c:94:62:9b:3f:5a:31:95:d8:80:
da:2c:82:06:94:9a:be:f9:c4:ef:22:fb:34:24:6f:7e:30:8f:
23:ac:3d:72:f2:51:94:f0:ac:91:3a:c2:88:e5:62:9d:e6:cd:
f0:39:d5:ce:f5:cf:f0:fb:0f:ee:2e:a8:45:05:a5:94:02:fb:
11:07:ae:01:a1:4f:d2:c9:71:fd:27:92:d1:06:a6:2b:16:41:
c8:16:d8:b4:cb:2e:f4:c3:1d:78:a9:38:90:2e:46:4e:d4:72:
6a:92:c2:f8:e5:d9:fb:56:1a:fa:94:ea:77:28:a2:17:58:62:
86:c4:b0:a7:0f:8d:be:e5:3b:a5:9a:f1:de:69:c7:e8:aa:49:
f9:78:92:5d
-----BEGIN CERTIFICATE-----
MIIE5zCCA8+gAwIBAgIUO83rOjtAW4VnVM3NYEUic++Wcb8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yMzEyMDUwMjM5MTNaFw0yNDEyMDMwMjQ0MTNaMDMxMTAvBgNV
BAMTKEMwQzBBMjg1N0U2RDM1QkZGQjkxMDdEQ0I5NUM0MDJFM0REQTMxOEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbjs7ZieHkxDHHY+Blkvb046U3
27XVMeiZX8x0ldQRlN3O45ZK3J34YL5cMikq7LaPpcE2N0OVkKYnIFhkJL4iulTe
H3lLxyTepnjA7cygi+n+fblOIcDoHO0dXrfxAM5EaDitnEdNbZmQVpMaacErMES5
xRCThZ+BteGUlxe/ZKPUDfnvio2liT6fIG9C5RoURkU4pB4MhU/bHnWgRB2yvO85
AcpWGfvRhK6pKirK3r0NLBql7ByfokN3UGx+iPusSJAiaoYfVgr5pHQUAc9Kzrzo
Bbu2cStAn6HN8ALLsjYZ6rqM80QtJzdiFV4T+/t/H5dvRXFTbhJlWmtds8KFAgMB
AAGjggHxMIIB7TAdBgNVHQ4EFgQUwMCihX5tNb/7kQfcuVxALj3aMY8wHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBvBggrBgEF
BQcBCwRjMGEwXwYIKwYBBQUHMAuGU3JzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
NDc2ODkucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcB
Af8EEzARMA8EAgACMAkDBwMqBqAFChgwDQYJKoZIhvcNAQELBQADggEBAHMuVyAx
PGTZlXgjOqcXuKaFInKQMB4Wd2n4CLd/0JDy1a9G7eymSDgDLlubF1IVEZYzD/8l
BwRTYHvurwJQ5uJBOIB5clRDSY3qblMu8uN839lTrhkEOPoqQ2+N0I2ijOBmObGQ
c+B+1TWRuWqhY/Kz5LuSbJRimz9aMZXYgNosggaUmr75xO8i+zQkb34wjyOsPXLy
UZTwrJE6wojlYp3mzfA51c71z/D7D+4uqEUFpZQC+xEHrgGhT9LJcf0nktEGpisW
QcgW2LTLLvTDHXipOJAuRk7UcmqSwvjl2ftWGvqU6ncoohdYYobEsKcPjb7lO6Wa
8d5px+iqSfl4kl0=
-----END CERTIFICATE-----
Generated at Fri Apr 19 15:09:23 2024 by rpki-client on console-fra.rpki-client.org