Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS200234.roa
File: AS200234.roa (raw, json)
Hash identifier: +suiY00xfrRF+QqaZ9qpVuI7dtklyqK8wCkM5hx1pWk=
Subject key identifier: 4C:72:5B:33:35:26:C3:1E:0B:A2:EF:EC:04:8C:F9:91:22:1C:7A:33
Certificate issuer: /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial: 0E461164101CFE8A3CED4013641050D51131C6E5
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS200234.roa
Signing time: Fri 08 Nov 2024 21:40:12 +0000
ROA not before: Fri 08 Nov 2024 21:35:12 +0000
ROA not after: Fri 07 Nov 2025 21:40:12 +0000
asID: 200234
IP address blocks: 2a06:a005:d4e::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:46:11:64:10:1c:fe:8a:3c:ed:40:13:64:10:50:d5:11:31:c6:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Validity
Not Before: Nov 8 21:35:12 2024 GMT
Not After : Nov 7 21:40:12 2025 GMT
Subject: CN=4C725B333526C31E0BA2EFEC048CF991221C7A33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:c0:39:32:d4:30:ef:40:88:f8:70:9f:a3:bc:
e3:b9:17:97:45:84:e8:37:8e:e5:1f:a2:6b:d4:fb:
2c:1e:4c:11:4e:7a:d6:d3:74:dc:aa:53:eb:ff:55:
04:f5:d7:53:0d:7f:b5:24:28:b6:74:eb:83:4c:bd:
8b:d8:e2:35:8e:6e:46:70:73:be:cd:cb:eb:46:69:
83:14:c1:7c:a5:81:c0:5f:3f:ae:00:84:0f:b2:ca:
50:51:d7:64:50:76:4e:a2:8c:b0:13:b5:ab:e0:43:
d5:16:4f:c3:2c:f0:d9:72:40:35:96:dd:7c:4e:9d:
15:22:44:11:69:38:79:1f:10:1a:bc:56:ed:54:57:
23:30:9e:79:fd:ca:9d:94:91:59:d1:95:df:f7:eb:
ab:75:0e:c7:de:32:4d:19:30:e7:4a:5f:26:f0:05:
fd:3c:52:b5:0b:52:77:ab:3b:bf:c4:3a:d2:8c:d7:
73:8b:c1:80:b1:6f:f7:21:3c:70:ff:8b:03:d4:c3:
eb:66:af:9f:b8:63:05:3f:ee:09:20:d1:0d:39:c3:
66:84:69:4f:eb:56:d2:c2:0d:16:86:95:71:cf:43:
15:e8:4e:9d:32:a9:8e:74:55:fc:50:46:a0:aa:e1:
5a:a1:cc:41:6c:a7:47:b1:aa:77:3c:e8:6c:bd:ca:
f7:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:72:5B:33:35:26:C3:1E:0B:A2:EF:EC:04:8C:F9:91:22:1C:7A:33
X509v3 Authority Key Identifier:
keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS200234.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:d4e::/48
Signature Algorithm: sha256WithRSAEncryption
bd:84:e4:95:5f:bc:08:71:bd:ac:6c:a9:e4:f1:db:a4:5c:7d:
67:a5:32:fb:d6:8f:03:d1:13:de:ee:2b:dd:ec:61:24:5a:d4:
38:d4:84:d1:3b:3a:24:de:d3:68:f7:ae:79:07:0b:d6:b2:1f:
6b:f3:14:f9:45:93:a1:2a:16:3c:93:78:c5:bf:81:c3:ef:ff:
32:a3:b7:33:2f:41:34:c9:66:0b:3f:46:75:64:e7:de:18:44:
8a:5b:67:7e:cf:bc:10:c9:00:ff:dc:1d:c9:90:94:be:24:b2:
e6:ae:ef:c7:17:53:c9:14:d9:00:12:8f:cf:c7:71:f1:9d:6e:
40:aa:6a:16:fa:d4:5d:c2:b1:dc:e2:21:09:3d:82:48:88:bb:
6e:4c:ea:b9:44:e0:8a:53:b2:21:14:a8:3e:d5:e9:2c:c2:f8:
65:b7:4d:99:da:04:12:22:c7:4a:39:00:dd:3c:a3:9d:33:48:
2b:67:51:67:97:b7:73:4b:2f:d2:c2:9a:59:e6:b7:94:bb:9b:
eb:d4:e6:d7:c8:dc:3e:3b:38:e7:58:65:ff:a4:16:1a:98:5a:
6a:aa:de:e6:b2:4e:4c:56:46:ad:97:c5:14:2d:72:d3:33:3d:
76:a2:d2:c0:5d:3f:4a:14:6d:4b:37:fd:b7:d3:77:0e:ab:a5:
65:df:a9:74
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUDkYRZBAc/oo87UATZBBQ1RExxuUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDExMDgyMTM1MTJaFw0yNTExMDcyMTQwMTJaMDMxMTAvBgNV
BAMTKDRDNzI1QjMzMzUyNkMzMUUwQkEyRUZFQzA0OENGOTkxMjIxQzdBMzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLwDky1DDvQIj4cJ+jvOO5F5dF
hOg3juUfomvU+yweTBFOetbTdNyqU+v/VQT111MNf7UkKLZ064NMvYvY4jWObkZw
c77Ny+tGaYMUwXylgcBfP64AhA+yylBR12RQdk6ijLATtavgQ9UWT8Ms8NlyQDWW
3XxOnRUiRBFpOHkfEBq8Vu1UVyMwnnn9yp2UkVnRld/366t1DsfeMk0ZMOdKXybw
Bf08UrULUnerO7/EOtKM13OLwYCxb/chPHD/iwPUw+tmr5+4YwU/7gkg0Q05w2aE
aU/rVtLCDRaGlXHPQxXoTp0yqY50VfxQRqCq4VqhzEFsp0exqnc86Gy9yvcXAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUTHJbMzUmwx4Lou/sBIz5kSIcejMwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjAwMjM0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcAKgagBQ1OMA0GCSqGSIb3DQEBCwUAA4IBAQC9hOSV
X7wIcb2sbKnk8dukXH1npTL71o8D0RPe7ivd7GEkWtQ41ITROzok3tNo9655BwvW
sh9r8xT5RZOhKhY8k3jFv4HD7/8yo7czL0E0yWYLP0Z1ZOfeGESKW2d+z7wQyQD/
3B3JkJS+JLLmru/HF1PJFNkAEo/Px3HxnW5AqmoW+tRdwrHc4iEJPYJIiLtuTOq5
ROCKU7IhFKg+1ekswvhlt02Z2gQSIsdKOQDdPKOdM0grZ1Fnl7dzSy/SwppZ5reU
u5vr1ObXyNw+OzjnWGX/pBYamFpqqt7msk5MVkatl8UULXLTMz12otLAXT9KFG1L
N/2303cOq6Vl36l0
-----END CERTIFICATE-----
Generated at Mon Nov 25 06:04:57 2024 by rpki-client on console-fra.rpki-client.org