Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS200809.roa
File: AS200809.roa (raw, json)
Hash identifier: Bi2PmigdaLacyCtGd5dYuir6UR3zFbc+VviRLJQ+GtQ=
Subject key identifier: 22:A9:8B:A8:38:CC:BB:87:29:4F:7F:CA:C7:31:54:78:B8:AB:0C:86
Certificate issuer: /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial: 0E64FE9F479E85CDF826D2C91C583BC541A7376C
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS200809.roa
Signing time: Tue 05 Dec 2023 02:44:14 +0000
ROA not before: Tue 05 Dec 2023 02:39:14 +0000
ROA not after: Tue 03 Dec 2024 02:44:14 +0000
asID: 200809
IP address blocks: 2a06:a005:2670::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:64:fe:9f:47:9e:85:cd:f8:26:d2:c9:1c:58:3b:c5:41:a7:37:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Validity
Not Before: Dec 5 02:39:14 2023 GMT
Not After : Dec 3 02:44:14 2024 GMT
Subject: CN=22A98BA838CCBB87294F7FCAC7315478B8AB0C86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:4d:55:a8:6f:ed:6a:57:af:53:cc:40:70:27:
9e:11:b0:0f:bc:3e:1d:dc:e9:18:e2:69:43:7a:aa:
f0:3b:59:13:0c:5b:a7:4a:57:fe:69:de:b5:36:6d:
ab:6b:6f:59:94:55:60:79:5e:a6:7c:78:83:fa:08:
3a:3a:28:f6:bf:54:7c:7a:96:7e:b1:9e:a1:e3:dc:
d6:16:fb:aa:06:d9:cb:5a:1d:7e:4d:7e:46:64:43:
e5:34:20:81:8d:6d:bb:00:e8:8e:ba:ba:7a:22:73:
09:b2:68:bf:81:d7:3b:0e:78:b3:66:f6:c5:ef:ea:
2f:92:e4:59:82:32:55:8d:56:a1:e7:53:9a:e8:88:
2a:ad:26:4d:6c:88:09:3a:da:f4:73:df:ba:37:ef:
b0:2e:4b:ed:28:dc:54:08:c6:2e:65:56:9f:b2:ae:
17:bf:5c:63:86:19:75:f1:c5:4f:e3:ba:d7:89:b3:
2c:05:a6:59:77:dd:e2:e8:09:e4:5e:e1:d4:66:33:
13:7f:a8:82:2e:64:32:05:0e:aa:a5:e4:16:ef:e4:
7b:27:0c:db:ba:6b:3f:4e:f2:d0:21:f6:fd:6b:be:
94:61:c6:f2:3b:68:c8:fd:ac:a2:48:f1:1a:76:08:
a7:2b:a3:74:11:3a:74:33:fa:a2:6b:a6:61:a9:3e:
76:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:A9:8B:A8:38:CC:BB:87:29:4F:7F:CA:C7:31:54:78:B8:AB:0C:86
X509v3 Authority Key Identifier:
keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS200809.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:2670::/44
Signature Algorithm: sha256WithRSAEncryption
82:57:2c:9b:53:55:fa:36:e3:34:59:39:2d:6c:ea:35:c5:46:
fb:ad:02:2b:e8:59:a8:d7:dd:6c:6d:79:47:cc:4c:72:02:2b:
8d:a2:6a:13:21:53:e4:44:7f:01:f0:2e:fb:89:38:28:ca:03:
bd:3e:80:47:c8:f2:c8:e6:b3:d7:4f:e3:e7:41:61:f2:48:75:
c9:36:c5:93:6f:f6:6d:2b:4f:3a:1b:0d:f6:c9:bd:93:8c:25:
1d:2d:b3:1d:df:64:d4:6b:20:89:08:70:10:12:af:6d:8a:4d:
42:61:08:d2:1d:c3:0f:a5:5b:11:fa:5f:75:b7:bd:86:96:82:
c6:a8:05:32:e6:54:06:53:85:7e:c3:78:b3:0a:ca:0c:d1:64:
20:20:8e:29:cb:18:8d:6a:29:0a:81:12:33:ce:43:a6:0d:48:
c0:99:90:8d:54:cf:84:fe:00:7b:c4:2b:68:ca:a4:14:99:fa:
4d:7b:0d:b6:32:26:f1:74:8a:4e:de:c4:ef:8c:68:43:a7:93:
c6:6b:f6:5c:65:0f:6e:00:a5:4a:a7:fa:0a:99:a5:22:35:2e:
a7:60:c0:67:c6:79:c4:8a:e8:41:d5:3b:9c:50:e9:e4:45:0a:
10:9b:4e:3c:81:c0:41:54:aa:18:87:a9:3c:bf:b8:fa:02:9a:
dd:30:04:62
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUDmT+n0eehc34JtLJHFg7xUGnN2wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yMzEyMDUwMjM5MTRaFw0yNDEyMDMwMjQ0MTRaMDMxMTAvBgNV
BAMTKDIyQTk4QkE4MzhDQ0JCODcyOTRGN0ZDQUM3MzE1NDc4QjhBQjBDODYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNTVWob+1qV69TzEBwJ54RsA+8
Ph3c6RjiaUN6qvA7WRMMW6dKV/5p3rU2batrb1mUVWB5XqZ8eIP6CDo6KPa/VHx6
ln6xnqHj3NYW+6oG2ctaHX5NfkZkQ+U0IIGNbbsA6I66unoicwmyaL+B1zsOeLNm
9sXv6i+S5FmCMlWNVqHnU5roiCqtJk1siAk62vRz37o377AuS+0o3FQIxi5lVp+y
rhe/XGOGGXXxxU/juteJsywFpll33eLoCeRe4dRmMxN/qIIuZDIFDqql5Bbv5Hsn
DNu6az9O8tAh9v1rvpRhxvI7aMj9rKJI8Rp2CKcro3QROnQz+qJrpmGpPnZtAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUIqmLqDjMu4cpT3/KxzFUeLirDIYwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjAwODA5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcEKgagBSZwMA0GCSqGSIb3DQEBCwUAA4IBAQCCVyyb
U1X6NuM0WTktbOo1xUb7rQIr6Fmo191sbXlHzExyAiuNomoTIVPkRH8B8C77iTgo
ygO9PoBHyPLI5rPXT+PnQWHySHXJNsWTb/ZtK086Gw32yb2TjCUdLbMd32TUayCJ
CHAQEq9tik1CYQjSHcMPpVsR+l91t72GloLGqAUy5lQGU4V+w3izCsoM0WQgII4p
yxiNaikKgRIzzkOmDUjAmZCNVM+E/gB7xCtoyqQUmfpNew22MibxdIpO3sTvjGhD
p5PGa/ZcZQ9uAKVKp/oKmaUiNS6nYMBnxnnEiuhB1TucUOnkRQoQm048gcBBVKoY
h6k8v7j6AprdMARi
-----END CERTIFICATE-----
Generated at Sat May 4 12:13:12 2024 by rpki-client on console-fra.rpki-client.org