Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS200890.roa
File: AS200890.roa (raw, json)
Hash identifier: BT1zA0qNroaA4TD4axPpxMzmz6sUwPczAWifrxIOOI8=
Subject key identifier: A9:53:04:EA:BB:78:73:BE:0A:F8:11:DD:45:05:AE:57:96:EC:BB:4E
Certificate issuer: /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial: 45F4457A8EC6A0A4F5E75F00FD85E51641F465A2
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS200890.roa
Signing time: Tue 05 Nov 2024 03:40:07 +0000
ROA not before: Tue 05 Nov 2024 03:35:07 +0000
ROA not after: Tue 04 Nov 2025 03:40:07 +0000
asID: 200890
IP address blocks: 2a06:a005:1b60::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:f4:45:7a:8e:c6:a0:a4:f5:e7:5f:00:fd:85:e5:16:41:f4:65:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Validity
Not Before: Nov 5 03:35:07 2024 GMT
Not After : Nov 4 03:40:07 2025 GMT
Subject: CN=A95304EABB7873BE0AF811DD4505AE5796ECBB4E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:c0:cb:eb:e9:95:8e:0f:91:b0:97:46:d6:81:
c7:b2:d4:41:a6:b7:81:c5:39:90:2c:82:ae:ae:e9:
19:76:29:0a:4c:1a:39:c5:19:c8:d8:e9:24:28:dc:
8d:2c:4d:d6:ed:57:5a:36:47:e8:30:08:3f:0d:cf:
0c:0f:ab:2a:fd:e3:e0:ee:1c:7c:c9:60:ed:8e:86:
32:3e:5d:90:a9:b4:c5:55:b1:21:e6:0f:62:8a:21:
e3:33:34:58:fa:37:e8:89:b7:e2:9f:03:b9:dc:59:
51:d7:69:be:9d:8b:ea:ff:fd:2f:85:ee:e1:74:08:
f1:ca:65:f0:a9:dc:ed:f9:ad:65:d3:b6:99:4d:93:
6f:57:21:d7:84:27:9f:04:25:52:e0:fa:db:d7:c2:
a4:a1:4a:2e:f0:83:98:36:bc:3a:7e:dd:51:ff:83:
54:ca:32:f9:4a:ce:e5:1b:7b:0e:00:3f:8e:d8:32:
cc:83:b8:88:0b:d9:45:0d:95:7b:5c:a0:55:a2:8a:
86:a5:11:6e:92:bd:05:87:fc:5d:9f:51:f6:a1:9c:
b8:31:7c:9d:04:35:6e:b9:16:9d:84:ad:b6:b4:7d:
d6:11:18:75:ea:4d:8e:f6:56:99:dd:3a:4b:3f:1f:
14:ea:58:31:f9:c9:7f:c2:a9:2e:e3:a1:55:f7:ee:
4a:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:53:04:EA:BB:78:73:BE:0A:F8:11:DD:45:05:AE:57:96:EC:BB:4E
X509v3 Authority Key Identifier:
keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS200890.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:1b60::/44
Signature Algorithm: sha256WithRSAEncryption
93:51:fe:80:e6:cc:93:cd:33:e9:11:a2:d8:09:69:47:4b:16:
03:bb:5a:22:45:44:82:2e:c6:18:de:02:ff:16:89:6c:3e:bd:
aa:8b:60:13:37:b7:12:50:8a:ef:ff:24:9d:d2:a5:6c:d0:d2:
64:d5:d2:09:0f:45:e8:fa:93:67:a8:84:ef:57:c6:4c:64:50:
52:e3:b1:c2:12:1b:2a:69:54:6f:85:bb:ee:9b:21:c0:92:64:
22:02:e9:48:3c:a1:4b:da:7a:af:97:f3:98:84:b5:1a:5d:09:
5a:4e:ab:6a:f4:85:c3:a1:11:c9:4c:6a:bb:5c:d0:3a:9f:66:
6c:96:b9:3e:2a:6c:74:b3:97:95:4c:d4:d1:dd:f7:4a:56:d0:
a1:d0:41:a0:08:fe:5f:3a:ac:2c:6f:b6:08:c4:36:27:79:15:
40:65:67:a6:f7:81:bf:ac:be:a5:d2:be:94:74:4c:b4:6e:5b:
35:94:55:b1:56:0a:a0:0b:f1:55:2b:1c:b4:df:b6:0e:30:bd:
ec:e0:a2:9c:5a:f7:db:c2:ae:10:4e:41:56:d0:7f:02:77:fe:
1c:7d:82:38:64:8d:4a:0f:3f:a5:95:03:a9:c4:2b:a4:1a:43:
13:e4:9b:ef:a2:d1:8d:70:6e:e8:17:9d:82:11:e1:54:46:31:
40:e1:7e:f1
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIURfRFeo7GoKT1518A/YXlFkH0ZaIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDExMDUwMzM1MDdaFw0yNTExMDQwMzQwMDdaMDMxMTAvBgNV
BAMTKEE5NTMwNEVBQkI3ODczQkUwQUY4MTFERDQ1MDVBRTU3OTZFQ0JCNEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbwMvr6ZWOD5Gwl0bWgcey1EGm
t4HFOZAsgq6u6Rl2KQpMGjnFGcjY6SQo3I0sTdbtV1o2R+gwCD8NzwwPqyr94+Du
HHzJYO2OhjI+XZCptMVVsSHmD2KKIeMzNFj6N+iJt+KfA7ncWVHXab6di+r//S+F
7uF0CPHKZfCp3O35rWXTtplNk29XIdeEJ58EJVLg+tvXwqShSi7wg5g2vDp+3VH/
g1TKMvlKzuUbew4AP47YMsyDuIgL2UUNlXtcoFWiioalEW6SvQWH/F2fUfahnLgx
fJ0ENW65Fp2Erba0fdYRGHXqTY72VpndOks/HxTqWDH5yX/CqS7joVX37kqvAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUqVME6rt4c74K+BHdRQWuV5bsu04wHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjAwODkwLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcEKgagBRtgMA0GCSqGSIb3DQEBCwUAA4IBAQCTUf6A
5syTzTPpEaLYCWlHSxYDu1oiRUSCLsYY3gL/FolsPr2qi2ATN7cSUIrv/ySd0qVs
0NJk1dIJD0Xo+pNnqITvV8ZMZFBS47HCEhsqaVRvhbvumyHAkmQiAulIPKFL2nqv
l/OYhLUaXQlaTqtq9IXDoRHJTGq7XNA6n2Zslrk+Kmx0s5eVTNTR3fdKVtCh0EGg
CP5fOqwsb7YIxDYneRVAZWem94G/rL6l0r6UdEy0bls1lFWxVgqgC/FVKxy037YO
ML3s4KKcWvfbwq4QTkFW0H8Cd/4cfYI4ZI1KDz+llQOpxCukGkMT5JvvotGNcG7o
F52CEeFURjFA4X7x
-----END CERTIFICATE-----
Generated at Mon Nov 25 21:33:10 2024 by rpki-client on console-ams.rpki-client.org