Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/3137362e35382e39312e302f32342d3234203d3e203336323336.roa
File:                     3137362e35382e39312e302f32342d3234203d3e203336323336.roa (raw, json)
Hash identifier:          Zb8jHMIKQeAHNztov9V8A4lrJRH+Ndj63sSmq/n5RFY=
Subject key identifier:   5B:A1:0E:26:B8:C1:F9:E5:8B:95:DF:20:EB:9A:EA:92:7C:E6:3E:13
Certificate issuer:       /CN=eb2c7e62503b0634eb4ab53f88c06950ac76dcd1
Certificate serial:       462B0394527ECC45AF6F6C4887D54B27578CB50C
Authority key identifier: EB:2C:7E:62:50:3B:06:34:EB:4A:B5:3F:88:C0:69:50:AC:76:DC:D1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6yx-YlA7BjTrSrU_iMBpUKx23NE.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/3137362e35382e39312e302f32342d3234203d3e203336323336.roa
Signing time:             Mon 06 Jul 2026 23:29:11 +0000
ROA not before:           Mon 06 Jul 2026 23:24:11 +0000
ROA not after:            Mon 05 Jul 2027 23:29:11 +0000
asID:                     36236
IP address blocks:        176.58.91.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/EB2C7E62503B0634EB4AB53F88C06950AC76DCD1.crl
                          rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/EB2C7E62503B0634EB4AB53F88C06950AC76DCD1.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6yx-YlA7BjTrSrU_iMBpUKx23NE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 08 Jul 2026 02:56:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            46:2b:03:94:52:7e:cc:45:af:6f:6c:48:87:d5:4b:27:57:8c:b5:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eb2c7e62503b0634eb4ab53f88c06950ac76dcd1
        Validity
            Not Before: Jul  6 23:24:11 2026 GMT
            Not After : Jul  5 23:29:11 2027 GMT
        Subject: CN=5BA10E26B8C1F9E58B95DF20EB9AEA927CE63E13
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:5f:03:da:07:cd:4f:f2:2b:55:a6:da:ef:d1:
                    8b:26:f8:62:67:d3:23:4c:b2:57:3a:41:71:66:a4:
                    22:95:9b:70:1f:a5:8e:f2:62:28:ff:0e:fa:f0:45:
                    95:5c:3a:f9:d9:e5:c4:7b:8a:0b:ba:1e:54:8f:7a:
                    11:8e:5d:af:59:45:1c:05:b7:a4:80:98:25:1b:1c:
                    18:60:67:77:03:61:64:de:3f:81:87:5e:d2:fc:4b:
                    2b:92:1b:37:a6:dc:45:0e:6b:d3:5c:43:52:4a:ee:
                    51:c6:46:32:0d:95:f6:70:a9:3a:d8:12:99:e0:3b:
                    ed:b0:19:4e:59:37:7f:c0:52:06:1c:3b:69:a8:1b:
                    e9:63:1c:cf:42:09:b8:64:9f:4e:a6:73:c4:ad:91:
                    4a:fb:e1:66:2b:19:10:27:37:25:cf:d2:c7:83:ef:
                    7a:99:56:43:ed:93:a3:c0:5e:5a:08:3f:b5:65:f1:
                    52:4e:b8:5a:d1:74:78:de:e6:71:ab:b8:ba:3b:d8:
                    42:ca:a2:45:0b:6c:04:64:25:be:b9:8e:b1:ba:f5:
                    58:31:1e:3e:07:9a:f4:bf:a7:bd:c2:e9:48:df:25:
                    df:65:6b:bd:55:95:e3:c7:0a:0c:c7:93:c3:dc:41:
                    34:6f:98:35:3f:73:69:db:6f:6c:8a:6f:47:8a:e7:
                    f6:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:A1:0E:26:B8:C1:F9:E5:8B:95:DF:20:EB:9A:EA:92:7C:E6:3E:13
            X509v3 Authority Key Identifier:
                keyid:EB:2C:7E:62:50:3B:06:34:EB:4A:B5:3F:88:C0:69:50:AC:76:DC:D1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/EB2C7E62503B0634EB4AB53F88C06950AC76DCD1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6yx-YlA7BjTrSrU_iMBpUKx23NE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/3137362e35382e39312e302f32342d3234203d3e203336323336.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.58.91.0/24

    Signature Algorithm: sha256WithRSAEncryption
         35:5c:fe:c1:3d:6e:6c:09:32:b0:1f:80:d4:f5:a5:c5:bb:d7:
         a0:52:7e:70:ab:07:ff:c2:8e:02:1d:5f:3b:53:f7:2d:3d:52:
         86:35:cf:bb:84:d0:aa:5d:1a:c4:27:51:7e:4c:e4:83:03:6e:
         64:a4:d3:64:47:1d:35:d6:7e:9e:3e:b5:ca:fc:62:0c:05:85:
         8d:22:f2:35:d0:e8:49:1e:6c:5c:3a:5f:f2:58:ca:25:0b:c4:
         04:7a:f1:62:b8:c6:de:72:53:34:75:dc:f9:da:0f:82:d4:b3:
         f7:ac:f0:82:29:3b:a3:d8:4d:d8:f5:36:39:c3:04:e5:37:5c:
         8e:0a:34:7d:12:42:cc:b3:06:62:3c:bd:9d:49:c5:72:1f:7f:
         b3:36:30:10:13:7d:c7:70:42:ee:26:c8:ff:62:82:c5:b4:0f:
         df:55:a1:25:cb:3a:c2:78:65:10:77:f8:68:a0:a3:13:a2:b1:
         19:2a:5f:8f:64:c9:3a:55:79:a1:73:bd:86:8e:35:c1:83:1c:
         97:1e:72:db:53:66:53:0d:21:b9:e0:f6:3a:72:78:1a:f6:10:
         df:48:d1:cf:85:6d:3b:33:a5:d9:d8:1d:37:d5:8a:da:16:51:
         b3:cc:81:c7:7f:5e:27:b5:eb:53:55:ed:b4:00:75:b2:1a:31:
         05:bc:b8:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIURisDlFJ+zEWvb2xIh9VLJ1eMtQwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZWIyYzdlNjI1MDNiMDYzNGViNGFiNTNmODhjMDY5NTBh
Yzc2ZGNkMTAeFw0yNjA3MDYyMzI0MTFaFw0yNzA3MDUyMzI5MTFaMDMxMTAvBgNV
BAMTKDVCQTEwRTI2QjhDMUY5RTU4Qjk1REYyMEVCOUFFQTkyN0NFNjNFMTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDXwPaB81P8itVptrv0Ysm+GJn
0yNMslc6QXFmpCKVm3AfpY7yYij/DvrwRZVcOvnZ5cR7igu6HlSPehGOXa9ZRRwF
t6SAmCUbHBhgZ3cDYWTeP4GHXtL8SyuSGzem3EUOa9NcQ1JK7lHGRjINlfZwqTrY
EpngO+2wGU5ZN3/AUgYcO2moG+ljHM9CCbhkn06mc8StkUr74WYrGRAnNyXP0seD
73qZVkPtk6PAXloIP7Vl8VJOuFrRdHje5nGruLo72ELKokULbARkJb65jrG69Vgx
Hj4HmvS/p73C6UjfJd9la71VlePHCgzHk8PcQTRvmDU/c2nbb2yKb0eK5/apAgMB
AAGjggIgMIICHDAdBgNVHQ4EFgQUW6EOJrjB+eWLld8g65rqknzmPhMwHwYDVR0j
BBgwFoAU6yx+YlA7BjTrSrU/iMBpUKx23NEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGU4MmQ1ZGU0MTAxODNmNjg2NjEwODRiODYvMS9FQjJDN0U2MjUw
M0IwNjM0RUI0QUI1M0Y4OEMwNjk1MEFDNzZEQ0QxLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNnl4LVlsQTdCalRyU3JVX2lNQnBVS3gyM05FLmNlcjCBoAYIKwYB
BQUHAQsEgZMwgZAwgY0GCCsGAQUFBzALhoGAcnN5bmM6Ly9ycGtpLXJwcy5hcmlu
Lm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRlODJkNWRlNDEwMTgzZjY4NjYxMDg0Yjg2
LzEvMzEzNzM2MmUzNTM4MmUzOTMxMmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzMz
NjMyMzMzNi5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcB
BwEB/wQQMA4wDAQCAAEwBgMEALA6WzANBgkqhkiG9w0BAQsFAAOCAQEANVz+wT1u
bAkysB+A1PWlxbvXoFJ+cKsH/8KOAh1fO1P3LT1ShjXPu4TQql0axCdRfkzkgwNu
ZKTTZEcdNdZ+nj61yvxiDAWFjSLyNdDoSR5sXDpf8ljKJQvEBHrxYrjG3nJTNHXc
+doPgtSz96zwgik7o9hN2PU2OcME5Tdcjgo0fRJCzLMGYjy9nUnFch9/szYwEBN9
x3BC7ibI/2KCxbQP31WhJcs6wnhlEHf4aKCjE6KxGSpfj2TJOlV5oXO9ho41wYMc
lx5y21NmUw0hueD2OnJ4GvYQ30jRz4VtOzOl2dgdN9WK2hZRs8yBx39eJ7XrU1Xt
tAB1shoxBby4og==
-----END CERTIFICATE-----
Generated at Tue Jul 7 13:32:39 2026 by rpki-client