Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS200234.roa
File: AS200234.roa (raw, json)
Hash identifier: I2jp4ykxWjAZtmIp2BaDNTW8dMvf8rRwmX9bRvPc/yo=
Subject key identifier: BD:B6:00:F9:29:9C:C5:50:7A:36:EE:CA:50:0E:39:9C:96:04:37:B2
Certificate issuer: /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial: 3D74E4B6FB825BA165667EE7EAC37F2AA56B8768
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS200234.roa
Signing time: Fri 08 Dec 2023 20:44:21 +0000
ROA not before: Fri 08 Dec 2023 20:39:21 +0000
ROA not after: Fri 06 Dec 2024 20:44:21 +0000
asID: 200234
IP address blocks: 2a06:a005:d4e::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:74:e4:b6:fb:82:5b:a1:65:66:7e:e7:ea:c3:7f:2a:a5:6b:87:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Validity
Not Before: Dec 8 20:39:21 2023 GMT
Not After : Dec 6 20:44:21 2024 GMT
Subject: CN=BDB600F9299CC5507A36EECA500E399C960437B2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:55:7a:5a:8b:bf:20:fe:f7:5f:a9:cc:8d:52:
27:fd:db:f9:b4:f7:55:5c:4b:7a:e2:5a:dc:8d:95:
42:03:34:70:f3:c7:60:8e:74:22:d4:f2:15:eb:0d:
14:e5:1d:15:2c:f5:0c:ba:05:c3:66:4e:aa:ee:e5:
6c:89:ae:2a:43:6c:9c:7f:51:63:a1:e0:2f:cd:48:
6a:e5:ba:71:1c:ba:59:4a:ae:e5:0a:04:c8:a7:a2:
2c:ae:e4:94:41:65:f8:ec:bb:03:ca:1f:ac:67:d4:
0a:1f:df:f2:29:63:00:e8:b0:59:6c:26:3e:54:ec:
07:eb:ce:c4:14:97:38:03:60:52:5f:7c:f6:1c:73:
ec:ef:5d:d0:78:93:4f:66:b7:6b:69:bf:49:77:55:
62:a8:5c:ed:06:0b:f3:bd:5f:a5:98:6b:88:57:6c:
db:2d:ae:fb:f5:c3:2a:8b:7f:c7:f6:5e:95:d7:8e:
6d:c1:cd:a7:eb:ec:c0:17:45:a7:6d:7c:9c:84:e6:
b4:25:76:68:dd:cf:b3:e5:6f:7c:88:da:dd:5a:07:
35:bc:b8:1f:f6:29:32:05:34:f8:a9:b1:aa:57:28:
de:83:45:65:33:fa:5d:f9:5e:60:e9:9e:06:33:3b:
f0:0b:7f:74:69:1e:3b:45:23:2e:71:6e:41:f7:72:
85:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:B6:00:F9:29:9C:C5:50:7A:36:EE:CA:50:0E:39:9C:96:04:37:B2
X509v3 Authority Key Identifier:
keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS200234.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:d4e::/48
Signature Algorithm: sha256WithRSAEncryption
64:59:48:11:36:4d:91:0d:0a:6a:a3:fa:68:17:b0:ad:de:e9:
ae:37:6e:86:72:20:ec:3f:1c:79:0a:28:e3:24:dc:46:21:23:
34:32:0a:d6:70:11:b5:60:3f:96:7f:36:c8:95:32:34:79:5e:
71:fc:4b:04:de:08:0e:bb:3b:0d:69:7b:37:90:8c:a9:9f:36:
b6:88:9e:8e:a0:6a:7b:63:6b:7d:d6:64:5d:05:fe:74:15:53:
9d:04:4a:47:83:f7:d8:1c:c3:f3:d0:31:c0:35:84:54:05:78:
05:d6:03:7f:40:ad:27:fb:bb:33:52:6b:2d:f5:e7:48:c7:56:
32:c8:16:a9:c3:cc:13:d6:c2:61:ee:66:3b:1b:0d:3e:67:f7:
a1:64:ec:b3:9d:52:1c:49:c7:c8:77:df:bd:f4:87:45:8e:92:
fc:db:e4:71:86:ee:bd:76:76:cd:2a:be:7b:40:4f:f7:11:7b:
26:04:3b:bb:74:26:a6:9c:04:be:e1:01:cc:73:f8:1a:de:05:
9a:cf:50:ca:57:72:31:7c:b2:42:11:1c:16:b7:9a:45:93:4e:
65:2b:bf:a8:a2:a8:9a:ab:59:c0:c9:ca:69:31:6f:5a:ab:a8:
54:92:c0:79:2a:df:0d:d3:50:03:26:80:f4:84:76:ac:03:d3:
38:63:68:dc
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUPXTktvuCW6FlZn7n6sN/KqVrh2gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yMzEyMDgyMDM5MjFaFw0yNDEyMDYyMDQ0MjFaMDMxMTAvBgNV
BAMTKEJEQjYwMEY5Mjk5Q0M1NTA3QTM2RUVDQTUwMEUzOTlDOTYwNDM3QjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwVXpai78g/vdfqcyNUif92/m0
91VcS3riWtyNlUIDNHDzx2COdCLU8hXrDRTlHRUs9Qy6BcNmTqru5WyJripDbJx/
UWOh4C/NSGrlunEcullKruUKBMinoiyu5JRBZfjsuwPKH6xn1Aof3/IpYwDosFls
Jj5U7AfrzsQUlzgDYFJffPYcc+zvXdB4k09mt2tpv0l3VWKoXO0GC/O9X6WYa4hX
bNstrvv1wyqLf8f2XpXXjm3Bzafr7MAXRadtfJyE5rQldmjdz7Plb3yI2t1aBzW8
uB/2KTIFNPipsapXKN6DRWUz+l35XmDpngYzO/ALf3RpHjtFIy5xbkH3coXtAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUvbYA+SmcxVB6Nu7KUA45nJYEN7IwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjAwMjM0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcAKgagBQ1OMA0GCSqGSIb3DQEBCwUAA4IBAQBkWUgR
Nk2RDQpqo/poF7Ct3umuN26GciDsPxx5CijjJNxGISM0MgrWcBG1YD+WfzbIlTI0
eV5x/EsE3ggOuzsNaXs3kIypnza2iJ6OoGp7Y2t91mRdBf50FVOdBEpHg/fYHMPz
0DHANYRUBXgF1gN/QK0n+7szUmst9edIx1YyyBapw8wT1sJh7mY7Gw0+Z/ehZOyz
nVIcScfId9+99IdFjpL82+Rxhu69dnbNKr57QE/3EXsmBDu7dCamnAS+4QHMc/ga
3gWaz1DKV3IxfLJCERwWt5pFk05lK7+ooqiaq1nAycppMW9aq6hUksB5Kt8N01AD
JoD0hHasA9M4Y2jc
-----END CERTIFICATE-----
Generated at Sat May 4 12:13:12 2024 by rpki-client on console-fra.rpki-client.org