Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS47689.roa
File: AS47689.roa (raw, json)
Hash identifier: misc+LdC9G2em2tiOLztg389Qo6+0ft+IsoXbK7OrqE=
Subject key identifier: BD:25:85:CC:FA:C0:96:A3:8C:03:14:A5:F4:BA:DB:C0:C2:3B:C3:C0
Certificate issuer: /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial: 655A459025C33AD5172C057A35ED4E4102C65DD9
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS47689.roa
Signing time: Tue 05 Nov 2024 03:40:05 +0000
ROA not before: Tue 05 Nov 2024 03:35:05 +0000
ROA not after: Tue 04 Nov 2025 03:40:05 +0000
asID: 47689
IP address blocks: 2a06:a005:a18::/45 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 04 Dec 2024 00:00:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:5a:45:90:25:c3:3a:d5:17:2c:05:7a:35:ed:4e:41:02:c6:5d:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Validity
Not Before: Nov 5 03:35:05 2024 GMT
Not After : Nov 4 03:40:05 2025 GMT
Subject: CN=BD2585CCFAC096A38C0314A5F4BADBC0C23BC3C0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:f4:66:40:7c:16:87:b7:ce:f8:d0:c8:a3:f9:
19:7d:72:8c:70:ce:94:62:02:91:4f:ef:16:9b:d8:
b9:48:aa:7a:a1:df:31:d8:6c:85:f4:9c:6e:ef:d5:
65:fc:71:be:77:3d:e2:46:14:30:cf:4b:39:5a:55:
11:3b:cb:43:2d:ab:6d:03:28:32:09:be:09:77:0c:
39:af:46:d7:bd:0a:15:65:71:36:f4:80:a5:07:6c:
de:1e:30:33:47:fc:90:37:09:42:bf:cf:a1:d8:08:
c2:7d:05:12:47:13:09:d0:b5:f7:6e:b7:1e:74:30:
f1:09:b4:a5:70:ee:6e:ac:6b:f9:2b:50:a2:58:54:
b2:8d:a7:ab:0d:69:c0:10:ee:ec:50:a8:5b:05:bf:
d3:ae:ea:e8:07:62:9f:8d:2a:13:85:f8:b1:6c:fa:
f5:60:eb:fb:3c:f7:fd:de:5c:37:3f:cb:ac:c1:57:
e9:59:af:d6:90:b6:f6:17:5d:fc:c4:31:e1:99:9a:
75:3a:4f:aa:a5:c1:a0:9b:73:7d:4b:52:d4:c2:a8:
0a:fb:53:2e:0a:ba:4b:c0:85:52:89:de:a8:63:60:
ea:be:89:cb:fa:78:01:f1:27:e6:64:f5:de:9d:14:
6e:24:e2:af:05:39:4a:56:1f:a8:f4:fd:c0:36:10:
18:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:25:85:CC:FA:C0:96:A3:8C:03:14:A5:F4:BA:DB:C0:C2:3B:C3:C0
X509v3 Authority Key Identifier:
keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS47689.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:a18::/45
Signature Algorithm: sha256WithRSAEncryption
c3:09:bb:5d:e0:76:41:07:ae:3d:ee:f8:e9:e9:37:2b:80:5d:
78:00:71:d5:3e:b1:fe:26:d6:87:40:c2:79:09:ed:a8:6a:bd:
b4:d5:9c:cb:52:80:37:cb:be:e3:40:14:5e:97:ee:ad:e0:5e:
a5:56:6c:b5:35:b0:e1:97:68:70:1a:b4:19:e0:07:e5:1b:28:
44:8e:64:ec:86:bb:05:47:9d:5a:ad:55:89:01:b8:0e:70:96:
d6:fc:77:8c:4f:f3:b0:37:95:71:c4:a3:2f:dd:e1:00:32:37:
64:e2:10:68:26:02:e7:09:16:0d:90:d4:2c:13:74:77:d7:98:
ee:72:1c:7d:27:b4:7a:52:e7:96:8a:b4:55:dc:52:89:60:cd:
12:94:49:e8:46:40:41:de:ed:05:1a:80:3e:be:3d:22:85:f6:
8e:d1:40:68:a3:6d:e7:da:71:19:02:a9:58:9f:10:8b:5f:72:
40:77:28:c4:0f:61:97:59:1b:82:c1:79:73:c3:e1:d4:b7:bf:
f6:c3:06:18:46:05:cc:d8:96:ba:1c:a3:72:6e:c8:94:64:bd:
a2:5b:1f:8c:52:b6:f1:14:dd:5d:23:1f:17:d4:b1:f0:45:4a:
aa:65:f3:bf:e5:fd:bf:e2:97:46:9b:91:bc:54:84:5f:51:8d:
bf:57:ec:89
-----BEGIN CERTIFICATE-----
MIIE5zCCA8+gAwIBAgIUZVpFkCXDOtUXLAV6Ne1OQQLGXdkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDExMDUwMzM1MDVaFw0yNTExMDQwMzQwMDVaMDMxMTAvBgNV
BAMTKEJEMjU4NUNDRkFDMDk2QTM4QzAzMTRBNUY0QkFEQkMwQzIzQkMzQzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDS9GZAfBaHt8740Mij+Rl9coxw
zpRiApFP7xab2LlIqnqh3zHYbIX0nG7v1WX8cb53PeJGFDDPSzlaVRE7y0Mtq20D
KDIJvgl3DDmvRte9ChVlcTb0gKUHbN4eMDNH/JA3CUK/z6HYCMJ9BRJHEwnQtfdu
tx50MPEJtKVw7m6sa/krUKJYVLKNp6sNacAQ7uxQqFsFv9Ou6ugHYp+NKhOF+LFs
+vVg6/s89/3eXDc/y6zBV+lZr9aQtvYXXfzEMeGZmnU6T6qlwaCbc31LUtTCqAr7
Uy4KukvAhVKJ3qhjYOq+icv6eAHxJ+Zk9d6dFG4k4q8FOUpWH6j0/cA2EBjFAgMB
AAGjggHxMIIB7TAdBgNVHQ4EFgQUvSWFzPrAlqOMAxSl9LrbwMI7w8AwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBvBggrBgEF
BQcBCwRjMGEwXwYIKwYBBQUHMAuGU3JzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
NDc2ODkucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcB
Af8EEzARMA8EAgACMAkDBwMqBqAFChgwDQYJKoZIhvcNAQELBQADggEBAMMJu13g
dkEHrj3u+OnpNyuAXXgAcdU+sf4m1odAwnkJ7ahqvbTVnMtSgDfLvuNAFF6X7q3g
XqVWbLU1sOGXaHAatBngB+UbKESOZOyGuwVHnVqtVYkBuA5wltb8d4xP87A3lXHE
oy/d4QAyN2TiEGgmAucJFg2Q1CwTdHfXmO5yHH0ntHpS55aKtFXcUolgzRKUSehG
QEHe7QUagD6+PSKF9o7RQGijbefacRkCqVifEItfckB3KMQPYZdZG4LBeXPD4dS3
v/bDBhhGBczYlroco3JuyJRkvaJbH4xStvEU3V0jHxfUsfBFSqpl87/l/b/il0ab
kbxUhF9Rjb9X7Ik=
-----END CERTIFICATE-----
Generated at Tue Dec 3 09:17:59 2024 by rpki-client on console-fra.rpki-client.org