Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS200897.roa
File: AS200897.roa (raw, json)
Hash identifier: IjZOT+b+n7wtebEwSpt2bTcwYACWILacQ3uA7eD6+PU=
Subject key identifier: DF:AF:23:94:F3:9D:93:01:42:00:A9:2E:8D:90:6A:93:C2:EF:67:BD
Certificate issuer: /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial: 52FC5F34EFCEAB240A34AB66C06F58CF21567859
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS200897.roa
Signing time: Tue 05 Dec 2023 02:44:10 +0000
ROA not before: Tue 05 Dec 2023 02:39:10 +0000
ROA not after: Tue 03 Dec 2024 02:44:10 +0000
asID: 200897
IP address blocks: 2a06:a005:5b9::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:fc:5f:34:ef:ce:ab:24:0a:34:ab:66:c0:6f:58:cf:21:56:78:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Validity
Not Before: Dec 5 02:39:10 2023 GMT
Not After : Dec 3 02:44:10 2024 GMT
Subject: CN=DFAF2394F39D93014200A92E8D906A93C2EF67BD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:76:0c:1e:a5:d6:46:fd:e9:1a:c5:5c:c1:2a:
55:7c:85:86:38:c3:1c:90:78:ec:d2:33:ee:09:d7:
2c:52:11:8e:e1:c8:a3:4a:04:b7:9c:23:0b:f9:c2:
e2:88:12:ef:6c:f9:ad:f6:bc:53:e1:d9:bb:a9:4a:
38:9e:fa:f3:10:0f:26:a9:f8:9f:5f:02:5e:1c:49:
87:92:10:bd:50:0e:97:b7:82:fa:db:32:bb:cc:ef:
8b:6d:0d:47:6c:e7:9f:8b:5a:cb:e4:62:fd:9d:11:
ee:10:31:09:2e:ca:2d:e8:60:f9:8f:d8:ac:f7:b7:
44:03:44:5a:05:c7:ee:df:cd:0a:ef:fd:a7:7d:76:
f2:5e:10:71:16:cf:d3:97:09:32:e0:06:45:e3:ec:
a4:10:e4:dc:45:e4:28:29:65:e9:4f:8f:11:4c:b8:
42:c7:5d:14:36:9e:f2:7e:9b:8e:79:9c:39:62:70:
97:66:6d:1f:90:35:42:46:78:76:a2:f4:f8:cc:79:
46:1f:7c:e9:e4:28:23:d1:7b:55:42:3d:66:0e:f2:
73:22:68:8d:15:ed:e5:78:bd:a5:98:5e:75:15:c0:
4d:83:21:0d:9f:39:47:0e:77:37:14:70:9a:9a:f6:
ce:15:22:5e:05:6c:87:66:64:61:78:2f:9d:8f:db:
ef:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:AF:23:94:F3:9D:93:01:42:00:A9:2E:8D:90:6A:93:C2:EF:67:BD
X509v3 Authority Key Identifier:
keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS200897.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:5b9::/48
Signature Algorithm: sha256WithRSAEncryption
b8:10:5c:e0:1e:de:e3:af:b5:84:7d:85:64:ff:56:bc:b9:e3:
b3:57:cc:79:78:a0:0b:1e:09:73:95:e9:0e:52:75:09:0e:d7:
50:f7:78:92:8f:d6:fa:ce:fd:ef:ee:af:01:d6:c6:4b:51:ef:
0e:fa:b3:a6:dc:4f:ac:4f:3d:7d:a0:14:da:52:46:84:db:7b:
26:f8:cf:2c:a1:f0:57:4c:0c:a4:99:39:4c:49:58:44:94:2d:
8d:3d:1b:5e:4f:97:34:7d:0c:d2:9c:a3:4d:9e:e4:92:bf:86:
2a:d2:03:86:8f:eb:47:29:a3:37:78:b3:a6:15:1d:59:1c:f7:
53:42:24:bd:2b:39:ce:9f:bc:ba:f9:14:25:6b:e0:8c:92:c6:
4e:a8:fa:aa:df:db:e9:9f:1c:53:5a:ba:d7:d8:de:34:0e:6e:
ad:38:a0:ac:77:22:41:b9:19:f1:fa:de:44:7e:44:88:af:a3:
07:a5:19:d3:ae:b0:d3:45:23:12:42:e5:5f:40:11:fd:f0:42:
cb:0e:38:dd:e7:27:02:5e:e3:4c:21:53:65:ca:cf:4a:88:62:
b5:44:ea:2f:91:85:c0:31:5b:8e:22:5c:2d:8d:83:67:98:20:
c8:27:1d:a9:34:23:ab:23:bf:d0:b4:dc:a3:f4:41:15:fd:03:
91:80:f7:b9
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUUvxfNO/OqyQKNKtmwG9YzyFWeFkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yMzEyMDUwMjM5MTBaFw0yNDEyMDMwMjQ0MTBaMDMxMTAvBgNV
BAMTKERGQUYyMzk0RjM5RDkzMDE0MjAwQTkyRThEOTA2QTkzQzJFRjY3QkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqdgwepdZG/ekaxVzBKlV8hYY4
wxyQeOzSM+4J1yxSEY7hyKNKBLecIwv5wuKIEu9s+a32vFPh2bupSjie+vMQDyap
+J9fAl4cSYeSEL1QDpe3gvrbMrvM74ttDUds55+LWsvkYv2dEe4QMQkuyi3oYPmP
2Kz3t0QDRFoFx+7fzQrv/ad9dvJeEHEWz9OXCTLgBkXj7KQQ5NxF5CgpZelPjxFM
uELHXRQ2nvJ+m455nDlicJdmbR+QNUJGeHai9PjMeUYffOnkKCPRe1VCPWYO8nMi
aI0V7eV4vaWYXnUVwE2DIQ2fOUcOdzcUcJqa9s4VIl4FbIdmZGF4L52P2+/JAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQU368jlPOdkwFCAKkujZBqk8LvZ70wHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjAwODk3LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcAKgagBQW5MA0GCSqGSIb3DQEBCwUAA4IBAQC4EFzg
Ht7jr7WEfYVk/1a8ueOzV8x5eKALHglzlekOUnUJDtdQ93iSj9b6zv3v7q8B1sZL
Ue8O+rOm3E+sTz19oBTaUkaE23sm+M8sofBXTAykmTlMSVhElC2NPRteT5c0fQzS
nKNNnuSSv4Yq0gOGj+tHKaM3eLOmFR1ZHPdTQiS9KznOn7y6+RQla+CMksZOqPqq
39vpnxxTWrrX2N40Dm6tOKCsdyJBuRnx+t5EfkSIr6MHpRnTrrDTRSMSQuVfQBH9
8ELLDjjd5ycCXuNMIVNlys9KiGK1ROovkYXAMVuOIlwtjYNnmCDIJx2pNCOrI7/Q
tNyj9EEV/QORgPe5
-----END CERTIFICATE-----
Generated at Sat May 4 12:12:18 2024 by rpki-client on console-ams.rpki-client.org