Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS7721.roa
File: AS7721.roa (raw, json)
Hash identifier: q5a3uwqdq9zTdIzthjtjJM6GQQpLTUIm5ayfW9ed8NE=
Subject key identifier: 7A:BC:CF:D2:5F:21:CA:9C:71:97:94:63:EA:D1:6C:92:45:47:D3:58
Certificate issuer: /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial: 7C514927043EC1551E8774EBCEDB2455FC31E01D
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS7721.roa
Signing time: Tue 05 Dec 2023 02:44:12 +0000
ROA not before: Tue 05 Dec 2023 02:39:12 +0000
ROA not after: Tue 03 Dec 2024 02:44:12 +0000
asID: 7721
IP address blocks: 2a06:a005:220::/44 maxlen: 48
2a06:a005:230::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:51:49:27:04:3e:c1:55:1e:87:74:eb:ce:db:24:55:fc:31:e0:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Validity
Not Before: Dec 5 02:39:12 2023 GMT
Not After : Dec 3 02:44:12 2024 GMT
Subject: CN=7ABCCFD25F21CA9C71979463EAD16C924547D358
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:23:52:d4:1c:0e:d9:8e:bf:7f:5d:e0:1b:13:
60:90:43:5d:2b:36:f7:29:3c:f1:73:cf:f2:44:17:
16:ce:73:74:9d:57:b5:90:df:19:8b:0c:12:60:99:
98:55:48:e1:f2:7d:40:28:28:51:ae:e1:05:0a:73:
58:ae:97:87:59:82:d0:86:c5:84:84:a1:14:08:5c:
f7:7f:d9:e7:c3:9b:ca:7a:f5:19:f1:35:50:b3:34:
e2:26:82:42:9a:96:c8:71:cd:61:86:7d:de:22:78:
1d:07:5c:46:c8:61:c9:09:2f:5c:92:8d:d6:b9:a7:
b5:20:13:04:47:c5:d9:ed:b9:b3:80:4a:9d:2b:c1:
ae:f6:9a:dd:f8:ed:6b:a5:bf:4a:9d:22:f8:41:96:
b9:3f:22:fb:45:9e:01:98:d7:d7:61:5e:df:e2:4d:
99:ff:1a:6b:c4:a9:f3:2d:fe:af:8e:89:f6:ad:97:
88:3b:75:9e:d2:06:bf:17:d3:a7:e8:1e:61:44:cc:
bf:34:63:05:e5:1a:64:9a:23:00:1e:8c:08:3c:a0:
30:8c:b2:5f:03:e7:fc:d2:00:4c:4c:ad:20:ca:9a:
96:a9:4f:56:af:40:de:72:92:48:5b:2e:a6:df:36:
c8:59:e1:46:ea:82:b1:bf:9c:7a:0a:ab:b4:46:2f:
95:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:BC:CF:D2:5F:21:CA:9C:71:97:94:63:EA:D1:6C:92:45:47:D3:58
X509v3 Authority Key Identifier:
keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS7721.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:220::/43
Signature Algorithm: sha256WithRSAEncryption
ca:93:8c:d2:b0:a0:2b:0c:6b:65:ae:4b:b2:38:34:13:d1:13:
7b:e6:e7:93:e8:ca:da:45:b7:ec:74:5b:6c:78:41:44:9f:2f:
07:8d:e5:61:3f:75:fa:4f:16:a9:79:55:c4:ca:54:e5:06:ab:
40:50:59:03:ec:27:fb:f7:c2:16:1a:70:e5:d9:3f:ec:c2:33:
08:00:ac:a5:d2:5f:07:c4:3e:f2:6d:68:0e:f4:dd:fc:1e:3b:
da:d0:a5:af:0e:8d:d2:27:06:e9:7b:9b:b3:a6:bf:27:23:79:
96:d3:9f:f0:d2:6b:ce:7d:76:12:3e:4c:50:64:c6:cc:53:b7:
ab:10:de:40:65:b2:88:22:59:b4:4b:8a:09:a7:51:2e:8f:60:
f2:4f:b3:11:62:ef:0d:9a:c6:51:46:5c:bc:4d:b6:e2:21:bf:
a9:ae:16:95:d2:c1:b7:f5:fe:37:4f:19:34:f5:12:74:00:12:
ab:2a:42:12:1f:23:6c:a6:e8:8c:8d:d8:0f:40:99:05:66:f5:
8e:6f:3f:62:f6:06:eb:c2:f1:75:11:0c:e8:da:67:85:18:54:
08:af:4d:91:9b:37:69:49:88:50:3d:cd:fc:fd:11:2f:08:14:
49:56:09:94:93:9d:75:f8:1a:2e:45:60:e9:a9:49:ac:fa:6e:
e1:6d:0f:6f
-----BEGIN CERTIFICATE-----
MIIE5jCCA86gAwIBAgIUfFFJJwQ+wVUeh3TrztskVfwx4B0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yMzEyMDUwMjM5MTJaFw0yNDEyMDMwMjQ0MTJaMDMxMTAvBgNV
BAMTKDdBQkNDRkQyNUYyMUNBOUM3MTk3OTQ2M0VBRDE2QzkyNDU0N0QzNTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDlI1LUHA7Zjr9/XeAbE2CQQ10r
NvcpPPFzz/JEFxbOc3SdV7WQ3xmLDBJgmZhVSOHyfUAoKFGu4QUKc1iul4dZgtCG
xYSEoRQIXPd/2efDm8p69RnxNVCzNOImgkKalshxzWGGfd4ieB0HXEbIYckJL1yS
jda5p7UgEwRHxdntubOASp0rwa72mt347Wulv0qdIvhBlrk/IvtFngGY19dhXt/i
TZn/GmvEqfMt/q+Oifatl4g7dZ7SBr8X06foHmFEzL80YwXlGmSaIwAejAg8oDCM
sl8D5/zSAExMrSDKmpapT1avQN5ykkhbLqbfNshZ4UbqgrG/nHoKq7RGL5WBAgMB
AAGjggHwMIIB7DAdBgNVHQ4EFgQUerzP0l8hypxxl5Rj6tFskkVH01gwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBuBggrBgEF
BQcBCwRiMGAwXgYIKwYBBQUHMAuGUnJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
NzcyMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB
/wQTMBEwDwQCAAIwCQMHBSoGoAUCIDANBgkqhkiG9w0BAQsFAAOCAQEAypOM0rCg
KwxrZa5Lsjg0E9ETe+bnk+jK2kW37HRbbHhBRJ8vB43lYT91+k8WqXlVxMpU5Qar
QFBZA+wn+/fCFhpw5dk/7MIzCACspdJfB8Q+8m1oDvTd/B472tClrw6N0icG6Xub
s6a/JyN5ltOf8NJrzn12Ej5MUGTGzFO3qxDeQGWyiCJZtEuKCadRLo9g8k+zEWLv
DZrGUUZcvE224iG/qa4WldLBt/X+N08ZNPUSdAASqypCEh8jbKbojI3YD0CZBWb1
jm8/YvYG68LxdREM6NpnhRhUCK9NkZs3aUmIUD3N/P0RLwgUSVYJlJOddfgaLkVg
6alJrPpu4W0Pbw==
-----END CERTIFICATE-----
Generated at Sat May 4 12:13:13 2024 by rpki-client on console-fra.rpki-client.org