Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS201398.roa
File: AS201398.roa (raw, json)
Hash identifier: 0ooTWJJDuWj7dAV2S9LQF0nxmYlDFvXXPyAal43z2JU=
Subject key identifier: 54:FB:40:88:53:32:39:18:CC:7E:1C:C9:18:21:27:26:FC:7A:7A:5C
Certificate issuer: /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial: 3ED80B548DA17874B99B96633DA4746A462DC8D9
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS201398.roa
Signing time: Tue 05 Dec 2023 02:44:19 +0000
ROA not before: Tue 05 Dec 2023 02:39:19 +0000
ROA not after: Tue 03 Dec 2024 02:44:19 +0000
asID: 201398
IP address blocks: 2a06:a005:108f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:d8:0b:54:8d:a1:78:74:b9:9b:96:63:3d:a4:74:6a:46:2d:c8:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Validity
Not Before: Dec 5 02:39:19 2023 GMT
Not After : Dec 3 02:44:19 2024 GMT
Subject: CN=54FB408853323918CC7E1CC918212726FC7A7A5C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:1c:12:8e:ad:50:d8:47:d5:42:27:0d:4c:28:
42:30:cc:a2:0e:4f:6d:a3:f2:04:75:df:3d:32:59:
c6:f5:7a:37:ab:fc:0b:8c:5a:3b:35:ea:fc:9d:09:
f9:a2:72:81:a4:14:be:90:a7:01:c7:ac:39:36:bf:
36:dc:0e:10:10:dd:c4:93:f8:a8:21:4d:0b:25:18:
19:46:80:e9:5d:4a:8d:e7:ce:06:42:e8:da:e2:c7:
20:21:6d:65:b6:65:54:65:f2:e0:9b:ec:7b:a3:ba:
30:7f:44:75:27:fb:e7:f7:7f:8c:dd:68:61:52:43:
46:5a:ac:ea:4b:57:fe:7c:2f:0c:9b:7d:8a:6f:5a:
30:c9:94:ac:bf:df:62:b2:79:71:5a:29:d0:22:4c:
fb:fd:78:81:e9:3e:71:18:24:33:6c:54:21:03:fb:
2d:48:36:98:77:97:4f:15:a6:34:e3:8a:15:63:c9:
7d:4e:c6:27:85:e5:81:f5:27:67:3a:77:b7:5a:2a:
89:af:57:b6:f1:7e:ef:c6:fa:f4:29:f4:73:c0:02:
cb:0a:80:7c:e5:57:74:01:1c:c0:25:44:ac:ef:9a:
04:c9:9a:7a:1d:fa:12:cf:6f:dd:47:05:b1:ed:62:
a8:f9:0b:15:f9:5e:f0:05:3f:5b:e2:75:f7:28:86:
4e:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:FB:40:88:53:32:39:18:CC:7E:1C:C9:18:21:27:26:FC:7A:7A:5C
X509v3 Authority Key Identifier:
keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS201398.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:108f::/48
Signature Algorithm: sha256WithRSAEncryption
41:ff:50:22:f4:86:b0:f0:6c:29:f3:9a:29:9f:b2:81:e4:e0:
2a:53:3f:eb:02:da:f9:90:15:f2:38:82:6c:c1:2a:b0:96:a0:
21:7d:40:13:dc:77:2d:22:22:ee:44:fd:59:f1:bf:b5:be:33:
d1:71:3f:a4:1d:42:e4:8f:08:fe:06:53:80:eb:4b:ec:dd:42:
7e:54:75:de:2b:55:91:ef:d5:8e:43:3f:3f:2f:00:56:8d:04:
9f:ac:47:22:19:6b:ba:d7:d0:ee:ea:05:d7:d5:ab:d8:66:8b:
60:e4:62:75:9d:a5:7a:5a:0d:aa:c7:3b:3d:36:4c:1f:79:71:
90:b8:c2:cc:56:d7:05:05:90:48:91:c6:ea:c1:fd:65:41:ae:
6b:c1:1b:1b:08:58:c4:f8:63:01:47:13:fc:f9:6d:b1:99:52:
64:77:b3:02:df:71:28:c8:a7:de:97:46:4d:4d:1a:ff:ca:57:
e7:66:29:1e:f0:49:36:48:76:d3:dd:6e:b6:ef:2b:ac:c4:a5:
3e:0c:eb:02:9a:36:c6:44:ba:0c:63:2e:60:a9:c0:47:14:b2:
7d:d4:af:dc:bf:ab:72:a6:5f:3f:15:ff:eb:30:1b:15:db:6e:
55:60:fd:5d:7e:89:3d:46:b8:3a:5f:56:21:b9:0f:33:76:f9:
41:93:31:3a
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUPtgLVI2heHS5m5ZjPaR0akYtyNkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yMzEyMDUwMjM5MTlaFw0yNDEyMDMwMjQ0MTlaMDMxMTAvBgNV
BAMTKDU0RkI0MDg4NTMzMjM5MThDQzdFMUNDOTE4MjEyNzI2RkM3QTdBNUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGHBKOrVDYR9VCJw1MKEIwzKIO
T22j8gR13z0yWcb1ejer/AuMWjs16vydCfmicoGkFL6QpwHHrDk2vzbcDhAQ3cST
+KghTQslGBlGgOldSo3nzgZC6NrixyAhbWW2ZVRl8uCb7HujujB/RHUn++f3f4zd
aGFSQ0ZarOpLV/58LwybfYpvWjDJlKy/32KyeXFaKdAiTPv9eIHpPnEYJDNsVCED
+y1INph3l08VpjTjihVjyX1OxieF5YH1J2c6d7daKomvV7bxfu/G+vQp9HPAAssK
gHzlV3QBHMAlRKzvmgTJmnod+hLPb91HBbHtYqj5CxX5XvAFP1vidfcohk4fAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUVPtAiFMyORjMfhzJGCEnJvx6elwwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjAxMzk4LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcAKgagBRCPMA0GCSqGSIb3DQEBCwUAA4IBAQBB/1Ai
9Iaw8Gwp85opn7KB5OAqUz/rAtr5kBXyOIJswSqwlqAhfUAT3HctIiLuRP1Z8b+1
vjPRcT+kHULkjwj+BlOA60vs3UJ+VHXeK1WR79WOQz8/LwBWjQSfrEciGWu619Du
6gXX1avYZotg5GJ1naV6Wg2qxzs9NkwfeXGQuMLMVtcFBZBIkcbqwf1lQa5rwRsb
CFjE+GMBRxP8+W2xmVJkd7MC33EoyKfel0ZNTRr/ylfnZike8Ek2SHbT3W627yus
xKU+DOsCmjbGRLoMYy5gqcBHFLJ91K/cv6typl8/Ff/rMBsV225VYP1dfok9Rrg6
X1YhuQ8zdvlBkzE6
-----END CERTIFICATE-----
Generated at Fri May 3 20:12:30 2024 by rpki-client on console-ams.rpki-client.org