Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/3138352e33342e322e302f32342d3234203d3e203336323336.roa
File:                     3138352e33342e322e302f32342d3234203d3e203336323336.roa (raw, json)
Hash identifier:          ASq2YM53IjdvUt/OEykAeG36rT2g8BxfEDsX45QXXuQ=
Subject key identifier:   A5:73:48:29:80:E0:92:0A:4C:53:39:69:9D:99:00:8B:DD:B9:0A:8D
Certificate issuer:       /CN=eb2c7e62503b0634eb4ab53f88c06950ac76dcd1
Certificate serial:       6E74A17B74A30033A273A6D36D6710C7CCC0CE15
Authority key identifier: EB:2C:7E:62:50:3B:06:34:EB:4A:B5:3F:88:C0:69:50:AC:76:DC:D1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6yx-YlA7BjTrSrU_iMBpUKx23NE.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/3138352e33342e322e302f32342d3234203d3e203336323336.roa
Signing time:             Thu 25 Jun 2026 19:29:04 +0000
ROA not before:           Thu 25 Jun 2026 19:24:04 +0000
ROA not after:            Thu 24 Jun 2027 19:29:04 +0000
asID:                     36236
IP address blocks:        185.34.2.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/EB2C7E62503B0634EB4AB53F88C06950AC76DCD1.crl
                          rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/EB2C7E62503B0634EB4AB53F88C06950AC76DCD1.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6yx-YlA7BjTrSrU_iMBpUKx23NE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 08 Jul 2026 02:56:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6e:74:a1:7b:74:a3:00:33:a2:73:a6:d3:6d:67:10:c7:cc:c0:ce:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eb2c7e62503b0634eb4ab53f88c06950ac76dcd1
        Validity
            Not Before: Jun 25 19:24:04 2026 GMT
            Not After : Jun 24 19:29:04 2027 GMT
        Subject: CN=A573482980E0920A4C5339699D99008BDDB90A8D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:bf:1f:c6:e6:48:8d:31:bb:5e:2c:af:d5:11:
                    6c:10:45:7a:b1:7e:e5:6f:6c:be:8b:9d:c0:48:d6:
                    e2:4f:4c:c5:52:d5:40:8e:08:eb:33:ad:7e:f2:6d:
                    06:b6:e6:ed:6b:e2:bb:28:75:8a:b8:aa:03:dc:bd:
                    eb:22:b2:2b:0f:be:e1:02:61:d4:fd:a5:00:34:aa:
                    46:69:30:74:29:0e:b2:f7:98:0c:6c:45:e2:3c:6d:
                    61:83:68:b5:1a:fa:3c:ea:57:8d:4f:a0:3a:3a:d7:
                    be:47:63:69:c0:62:36:d3:6a:66:41:e2:05:3b:e0:
                    4e:53:af:4f:b6:f9:88:94:91:9f:26:52:fd:f4:dc:
                    84:8e:a0:e4:da:51:2c:40:57:2d:87:08:6b:25:36:
                    10:64:36:34:81:48:cb:e6:81:68:92:aa:1f:79:c5:
                    a7:b6:58:2c:21:6a:80:a4:f6:3f:6d:6e:21:0d:82:
                    cf:dc:3c:9f:6e:d7:34:af:e9:cf:31:ae:b6:59:be:
                    ee:df:9b:87:2c:10:e8:48:eb:9c:cd:e4:35:5c:4b:
                    56:1b:8a:9b:c8:f2:66:e4:1b:a3:14:1c:ce:e4:04:
                    18:c0:be:92:d8:35:1a:5f:e8:74:68:69:68:a6:78:
                    bb:5c:0b:51:48:11:81:37:bb:bb:25:3b:57:f9:a9:
                    88:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:73:48:29:80:E0:92:0A:4C:53:39:69:9D:99:00:8B:DD:B9:0A:8D
            X509v3 Authority Key Identifier:
                keyid:EB:2C:7E:62:50:3B:06:34:EB:4A:B5:3F:88:C0:69:50:AC:76:DC:D1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/EB2C7E62503B0634EB4AB53F88C06950AC76DCD1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6yx-YlA7BjTrSrU_iMBpUKx23NE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/3138352e33342e322e302f32342d3234203d3e203336323336.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.34.2.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5d:85:34:fe:ed:da:15:d8:ea:7b:62:08:ea:af:36:90:ca:28:
         ce:dd:f0:a7:40:e7:13:7b:f0:9d:18:98:b4:12:cb:34:a5:ba:
         10:7e:f0:6f:80:b1:33:66:22:d4:9a:8b:37:f5:0d:e3:c9:e0:
         e8:61:83:f4:e0:f8:6f:77:88:f1:4a:1d:bc:79:44:82:35:d2:
         ce:49:4b:5b:ef:cd:26:43:e8:47:dc:f3:2b:b3:c0:bf:97:af:
         76:34:c9:b0:0c:1c:ce:a2:5c:d4:73:6d:44:d3:77:25:ec:07:
         da:0a:4c:1e:ae:0f:88:25:09:d7:e6:be:c4:e2:7f:b0:3a:06:
         f1:fb:34:0b:b3:18:56:76:46:ea:ae:91:1f:9f:12:dd:b0:d8:
         2e:12:00:68:c2:49:f6:60:96:ad:29:1e:7f:0c:82:f8:34:38:
         fb:39:93:76:4e:ba:50:0c:31:9b:13:bb:f5:71:f6:29:0f:79:
         1b:97:83:1b:98:dd:29:30:dd:45:fc:1e:9e:e1:43:ab:62:c2:
         fe:aa:c8:39:fe:3a:55:94:7e:eb:c3:5d:7e:04:eb:fe:b5:0e:
         9c:c3:fa:54:db:41:31:2d:29:2f:b3:6e:ef:7a:6f:2b:f1:6f:
         2b:17:0c:e6:e4:bb:c6:4c:48:15:e4:aa:d1:4c:c3:0b:45:4b:
         d2:1d:85:59
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIUbnShe3SjADOic6bTbWcQx8zAzhUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZWIyYzdlNjI1MDNiMDYzNGViNGFiNTNmODhjMDY5NTBh
Yzc2ZGNkMTAeFw0yNjA2MjUxOTI0MDRaFw0yNzA2MjQxOTI5MDRaMDMxMTAvBgNV
BAMTKEE1NzM0ODI5ODBFMDkyMEE0QzUzMzk2OTlEOTkwMDhCRERCOTBBOEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQvx/G5kiNMbteLK/VEWwQRXqx
fuVvbL6LncBI1uJPTMVS1UCOCOszrX7ybQa25u1r4rsodYq4qgPcvesisisPvuEC
YdT9pQA0qkZpMHQpDrL3mAxsReI8bWGDaLUa+jzqV41PoDo6175HY2nAYjbTamZB
4gU74E5Tr0+2+YiUkZ8mUv303ISOoOTaUSxAVy2HCGslNhBkNjSBSMvmgWiSqh95
xae2WCwhaoCk9j9tbiENgs/cPJ9u1zSv6c8xrrZZvu7fm4csEOhI65zN5DVcS1Yb
ipvI8mbkG6MUHM7kBBjAvpLYNRpf6HRoaWimeLtcC1FIEYE3u7slO1f5qYhPAgMB
AAGjggIdMIICGTAdBgNVHQ4EFgQUpXNIKYDgkgpMUzlpnZkAi925Co0wHwYDVR0j
BBgwFoAU6yx+YlA7BjTrSrU/iMBpUKx23NEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGU4MmQ1ZGU0MTAxODNmNjg2NjEwODRiODYvMS9FQjJDN0U2MjUw
M0IwNjM0RUI0QUI1M0Y4OEMwNjk1MEFDNzZEQ0QxLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNnl4LVlsQTdCalRyU3JVX2lNQnBVS3gyM05FLmNlcjCBnQYIKwYB
BQUHAQsEgZAwgY0wgYoGCCsGAQUFBzALhn5yc3luYzovL3Jwa2ktcnBzLmFyaW4u
bmV0L3JlcG9zaXRvcnkvOGE4NDhhZGU4MmQ1ZGU0MTAxODNmNjg2NjEwODRiODYv
MS8zMTM4MzUyZTMzMzQyZTMyMmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzMzNjMy
MzMzNi5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB
/wQQMA4wDAQCAAEwBgMEALkiAjANBgkqhkiG9w0BAQsFAAOCAQEAXYU0/u3aFdjq
e2II6q82kMoozt3wp0DnE3vwnRiYtBLLNKW6EH7wb4CxM2Yi1JqLN/UN48ng6GGD
9OD4b3eI8UodvHlEgjXSzklLW+/NJkPoR9zzK7PAv5evdjTJsAwczqJc1HNtRNN3
JewH2gpMHq4PiCUJ1+a+xOJ/sDoG8fs0C7MYVnZG6q6RH58S3bDYLhIAaMJJ9mCW
rSkefwyC+DQ4+zmTdk66UAwxmxO79XH2KQ95G5eDG5jdKTDdRfwenuFDq2LC/qrI
Of46VZR+68NdfgTr/rUOnMP6VNtBMS0pL7Nu73pvK/FvKxcM5uS7xkxIFeSq0UzD
C0VL0h2FWQ==
-----END CERTIFICATE-----
Generated at Tue Jul 7 13:32:11 2026 by rpki-client