Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS202528.roa
File: AS202528.roa (raw, json)
Hash identifier: 904hrHsAiP+AOZ7tyJvgz7VhTf8qD/qKDRYni/xp2rQ=
Subject key identifier: 96:F1:2C:53:92:9C:79:B1:A1:2D:85:B8:D0:A8:C2:1B:73:8F:10:39
Certificate issuer: /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial: 0D32164698E996310BE1613B036C1D5E3D023E58
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS202528.roa
Signing time: Tue 05 Nov 2024 03:40:03 +0000
ROA not before: Tue 05 Nov 2024 03:35:03 +0000
ROA not after: Tue 04 Nov 2025 03:40:03 +0000
asID: 202528
IP address blocks: 2a06:a005:1d56::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:32:16:46:98:e9:96:31:0b:e1:61:3b:03:6c:1d:5e:3d:02:3e:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Validity
Not Before: Nov 5 03:35:03 2024 GMT
Not After : Nov 4 03:40:03 2025 GMT
Subject: CN=96F12C53929C79B1A12D85B8D0A8C21B738F1039
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:1b:7d:98:b0:38:4f:c9:92:73:bd:c6:9a:5b:
ee:f7:a1:ff:a1:e2:b4:f1:79:3c:df:1b:69:f5:f0:
02:c2:74:83:a4:cf:e1:6b:3d:4b:65:25:02:2c:bf:
22:53:ea:c2:25:00:ed:b9:59:6e:cf:bf:7b:fe:c5:
f0:d5:18:97:2c:43:4c:24:0d:93:ef:11:d1:e1:3d:
91:63:69:da:21:e0:53:41:b2:b0:d2:d5:e3:c6:88:
78:31:60:fe:63:2d:37:9e:66:9d:89:b1:ef:68:8b:
a1:c6:ed:90:16:75:6f:66:69:b7:58:61:25:19:c6:
b5:58:d4:97:c5:c7:54:c2:8a:d9:32:af:f6:e2:4e:
34:3b:0b:50:4f:c1:2e:7e:0d:e2:14:8f:93:29:4d:
16:ba:9d:77:b5:c4:73:9a:70:79:75:d8:2f:4f:af:
6f:ce:28:f7:d5:72:81:e1:6d:99:44:df:c2:ce:52:
5c:a2:e7:85:11:b8:bb:c0:58:b3:39:6b:48:58:60:
30:39:5d:23:89:91:de:0e:88:5b:5f:2b:8d:fa:3d:
b2:39:4e:55:31:b5:ad:a4:9e:39:f5:46:49:3a:80:
28:29:68:be:b3:f3:e7:cc:9d:b9:6c:2d:70:be:63:
22:05:4e:f4:11:86:31:03:44:1d:48:0b:dd:de:0a:
a0:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:F1:2C:53:92:9C:79:B1:A1:2D:85:B8:D0:A8:C2:1B:73:8F:10:39
X509v3 Authority Key Identifier:
keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS202528.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:1d56::/48
Signature Algorithm: sha256WithRSAEncryption
6c:4e:98:62:10:7e:77:5d:ba:d0:c8:03:fd:3b:3e:f2:b4:ff:
53:70:49:69:6f:6f:f0:bc:2c:c4:2a:5a:8e:b4:87:25:95:96:
fa:9c:d3:e6:1f:c9:c8:cf:73:58:da:3b:e5:61:0c:69:1e:06:
6b:8a:86:49:03:32:94:3c:aa:8d:ef:a9:a8:f9:cd:0d:f1:45:
6a:37:f3:4e:f6:1c:5a:14:f5:b8:a8:cd:0f:4f:16:ef:e8:df:
2f:a0:b9:10:92:78:ea:9f:5a:bc:79:d4:cc:2c:02:f2:72:b3:
12:22:de:99:8b:41:7f:e3:6d:05:36:5d:2c:f2:7a:e1:66:ab:
11:3f:21:0a:ab:1a:93:62:80:23:9f:bd:b9:18:36:7b:39:bc:
bf:cd:f2:2d:20:a0:bb:87:a1:33:37:38:db:7c:08:4d:55:49:
95:53:26:40:cf:8d:e0:2e:dc:49:08:89:c8:72:4b:23:56:a1:
6d:af:5d:63:53:d4:14:79:d8:d9:c2:5c:31:44:7c:c6:a5:27:
47:2f:76:0c:62:18:5a:e1:f2:d8:fa:9f:9e:53:3e:e6:25:42:
24:17:94:de:16:a2:8e:c6:28:d4:49:4a:0f:32:3a:7e:b6:c8:
50:56:5e:ab:c8:37:ab:a5:70:75:d9:f3:5b:a6:af:c2:00:1a:
f4:10:9f:52
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUDTIWRpjpljEL4WE7A2wdXj0CPlgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDExMDUwMzM1MDNaFw0yNTExMDQwMzQwMDNaMDMxMTAvBgNV
BAMTKDk2RjEyQzUzOTI5Qzc5QjFBMTJEODVCOEQwQThDMjFCNzM4RjEwMzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD2G32YsDhPyZJzvcaaW+73of+h
4rTxeTzfG2n18ALCdIOkz+FrPUtlJQIsvyJT6sIlAO25WW7Pv3v+xfDVGJcsQ0wk
DZPvEdHhPZFjadoh4FNBsrDS1ePGiHgxYP5jLTeeZp2Jse9oi6HG7ZAWdW9mabdY
YSUZxrVY1JfFx1TCitkyr/biTjQ7C1BPwS5+DeIUj5MpTRa6nXe1xHOacHl12C9P
r2/OKPfVcoHhbZlE38LOUlyi54URuLvAWLM5a0hYYDA5XSOJkd4OiFtfK436PbI5
TlUxta2knjn1Rkk6gCgpaL6z8+fMnblsLXC+YyIFTvQRhjEDRB1IC93eCqAPAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUlvEsU5KcebGhLYW40KjCG3OPEDkwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjAyNTI4LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcAKgagBR1WMA0GCSqGSIb3DQEBCwUAA4IBAQBsTphi
EH53XbrQyAP9Oz7ytP9TcElpb2/wvCzEKlqOtIcllZb6nNPmH8nIz3NY2jvlYQxp
HgZrioZJAzKUPKqN76mo+c0N8UVqN/NO9hxaFPW4qM0PTxbv6N8voLkQknjqn1q8
edTMLALycrMSIt6Zi0F/420FNl0s8nrhZqsRPyEKqxqTYoAjn725GDZ7Oby/zfIt
IKC7h6EzNzjbfAhNVUmVUyZAz43gLtxJCInIcksjVqFtr11jU9QUedjZwlwxRHzG
pSdHL3YMYhha4fLY+p+eUz7mJUIkF5TeFqKOxijUSUoPMjp+tshQVl6ryDerpXB1
2fNbpq/CABr0EJ9S
-----END CERTIFICATE-----
Generated at Fri Nov 22 08:13:35 2024 by rpki-client on console-fra.rpki-client.org