Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS151704.roa
File: AS151704.roa (raw, json)
Hash identifier: 1E2vMt+6H9JWb1SHU1cFbcYnrhCMso5TXcCwfTQ5uoE=
Subject key identifier: C9:A2:DF:6F:8C:A6:CC:99:A6:EC:8C:D6:92:73:8A:3D:7F:C2:3F:A3
Certificate issuer: /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial: 6DB1C48846DB3BCCC4E9A46958D5E9A9D9B41507
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS151704.roa
Signing time: Sat 14 Dec 2024 16:35:20 +0000
ROA not before: Sat 14 Dec 2024 16:30:20 +0000
ROA not after: Sat 13 Dec 2025 16:35:20 +0000
asID: 151704
IP address blocks: 81.31.209.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 13:37:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:b1:c4:88:46:db:3b:cc:c4:e9:a4:69:58:d5:e9:a9:d9:b4:15:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Validity
Not Before: Dec 14 16:30:20 2024 GMT
Not After : Dec 13 16:35:20 2025 GMT
Subject: CN=C9A2DF6F8CA6CC99A6EC8CD692738A3D7FC23FA3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:d5:f5:f7:b3:7f:e8:8b:3e:fd:d7:30:93:b9:
55:13:a9:f6:66:1a:e5:92:70:61:bd:c3:fe:a3:c3:
8f:d3:46:8b:46:a4:79:31:10:fc:98:89:86:89:2f:
7a:62:e1:64:1b:8e:cc:49:84:81:83:30:5b:93:ea:
f8:54:c5:80:fb:46:2e:a7:fb:69:4d:af:8f:3f:29:
15:96:4b:91:2f:de:48:45:f2:2a:a2:b3:7b:ee:e5:
b6:cd:56:aa:f5:fb:15:27:06:7e:d0:fd:fc:10:a2:
f4:a3:b4:30:06:96:40:bd:fd:20:5f:0e:6d:1d:28:
b6:91:1f:29:f1:8a:b3:01:64:44:3b:0e:7f:da:e8:
da:c8:6a:42:c5:6c:b8:ef:ee:57:9a:84:80:1d:ff:
b1:bb:83:ac:e5:01:8f:48:e4:7e:0c:ed:03:a5:6e:
1e:4b:d4:ce:80:b7:42:2c:51:55:18:01:6c:51:ae:
85:56:55:45:d0:54:12:05:03:f1:15:a0:00:07:39:
fb:fa:99:7f:75:d4:29:51:21:b5:0e:2f:56:57:27:
6e:a8:69:2e:10:39:b0:78:97:f3:c3:d6:11:eb:fd:
89:6c:84:30:df:16:5e:53:80:e5:6e:c0:ab:c1:6b:
e2:8d:d2:d4:16:b1:84:f3:e0:70:fa:25:19:ab:ef:
47:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:A2:DF:6F:8C:A6:CC:99:A6:EC:8C:D6:92:73:8A:3D:7F:C2:3F:A3
X509v3 Authority Key Identifier:
keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS151704.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.31.209.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:65:87:5a:2f:70:fe:c5:d4:d6:95:10:2f:42:55:b1:f8:cb:
de:6a:47:12:7c:a3:6d:2d:0c:dc:94:03:d6:a4:2c:22:88:27:
c1:51:0c:a3:f8:d5:b6:e7:7e:ad:23:4b:a4:99:cb:53:f4:2c:
c8:41:70:51:dc:66:c6:f7:6e:ad:1c:db:4f:7c:f7:c8:65:70:
4d:98:84:3b:f9:5b:05:80:c1:97:bf:5a:82:61:12:0d:61:89:
c0:a2:8a:d1:8d:1f:94:5d:a4:4c:c6:4e:9f:6d:46:4c:29:e5:
36:15:76:f1:e7:08:7c:27:eb:55:68:90:15:a8:f8:59:17:b5:
16:1b:be:2e:5b:3c:46:e5:d6:7a:8d:00:34:3e:9b:f8:75:c6:
09:c6:9f:ac:e8:96:47:6f:cb:29:94:db:b3:21:24:46:81:dd:
cd:77:55:10:3c:85:6b:cb:a9:98:c3:ae:f1:4a:8c:e7:ee:83:
8f:08:09:6a:10:eb:7d:8a:79:4d:94:20:b8:a8:59:07:c2:c8:
cc:a2:39:e5:77:b4:ca:5a:4d:9b:29:8d:10:3d:fb:c7:d1:4f:
8a:d5:ee:f2:83:78:12:37:38:88:5f:60:d4:44:aa:f8:93:39:
fb:c8:38:36:4f:88:53:f2:53:3c:e7:5e:bf:0c:8e:7e:42:97:
ab:a5:6c:77
-----BEGIN CERTIFICATE-----
MIIE5TCCA82gAwIBAgIUbbHEiEbbO8zE6aRpWNXpqdm0FQcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDEyMTQxNjMwMjBaFw0yNTEyMTMxNjM1MjBaMDMxMTAvBgNV
BAMTKEM5QTJERjZGOENBNkNDOTlBNkVDOENENjkyNzM4QTNEN0ZDMjNGQTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC11fX3s3/oiz791zCTuVUTqfZm
GuWScGG9w/6jw4/TRotGpHkxEPyYiYaJL3pi4WQbjsxJhIGDMFuT6vhUxYD7Ri6n
+2lNr48/KRWWS5Ev3khF8iqis3vu5bbNVqr1+xUnBn7Q/fwQovSjtDAGlkC9/SBf
Dm0dKLaRHynxirMBZEQ7Dn/a6NrIakLFbLjv7leahIAd/7G7g6zlAY9I5H4M7QOl
bh5L1M6At0IsUVUYAWxRroVWVUXQVBIFA/EVoAAHOfv6mX911ClRIbUOL1ZXJ26o
aS4QObB4l/PD1hHr/YlshDDfFl5TgOVuwKvBa+KN0tQWsYTz4HD6JRmr70dFAgMB
AAGjggHvMIIB6zAdBgNVHQ4EFgQUyaLfb4ymzJmm7IzWknOKPX/CP6MwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MTUxNzA0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEH
AQH/BBAwDjAMBAIAATAGAwQAUR/RMA0GCSqGSIb3DQEBCwUAA4IBAQBvZYdaL3D+
xdTWlRAvQlWx+MveakcSfKNtLQzclAPWpCwiiCfBUQyj+NW2536tI0ukmctT9CzI
QXBR3GbG926tHNtPfPfIZXBNmIQ7+VsFgMGXv1qCYRINYYnAoorRjR+UXaRMxk6f
bUZMKeU2FXbx5wh8J+tVaJAVqPhZF7UWG74uWzxG5dZ6jQA0Ppv4dcYJxp+s6JZH
b8splNuzISRGgd3Nd1UQPIVry6mYw67xSozn7oOPCAlqEOt9inlNlCC4qFkHwsjM
ojnld7TKWk2bKY0QPfvH0U+K1e7yg3gSNziIX2DURKr4kzn7yDg2T4hT8lM8516/
DI5+QperpWx3
-----END CERTIFICATE-----
Generated at Wed Feb 5 17:51:42 2025 by rpki-client