Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS202952.roa
File: AS202952.roa (raw, json)
Hash identifier: pyoj/OUrySoh+hXlOhd0OSiloio8yBkLscPa/BklV5U=
Subject key identifier: 52:C3:DF:F8:4F:96:66:F5:52:29:19:DC:BB:82:81:B2:CF:DA:5E:53
Certificate issuer: /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial: 61ECCE984C6699286FE2E57F191A200E47B4853D
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS202952.roa
Signing time: Tue 05 Nov 2024 03:40:09 +0000
ROA not before: Tue 05 Nov 2024 03:35:09 +0000
ROA not after: Tue 04 Nov 2025 03:40:09 +0000
asID: 202952
IP address blocks: 2a06:a005:1b90::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:ec:ce:98:4c:66:99:28:6f:e2:e5:7f:19:1a:20:0e:47:b4:85:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Validity
Not Before: Nov 5 03:35:09 2024 GMT
Not After : Nov 4 03:40:09 2025 GMT
Subject: CN=52C3DFF84F9666F5522919DCBB8281B2CFDA5E53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:99:db:56:88:18:11:21:45:9c:20:2f:07:1b:
6c:17:73:f4:30:e0:41:12:8d:95:db:78:b0:6b:08:
22:45:e1:c2:3a:e8:b6:b9:3a:00:e2:ea:3b:c3:4f:
ad:61:c7:e2:0f:d1:c5:0e:7a:86:10:c3:77:1a:98:
73:af:31:97:0c:e9:21:c0:da:6a:58:ae:3f:01:52:
06:b6:bc:85:a0:59:37:50:c2:88:34:cc:a1:71:cf:
9a:ff:20:24:92:8d:96:62:93:23:bd:04:2e:6a:76:
4f:a1:2e:46:7b:28:93:2d:6d:8a:3b:96:24:37:5d:
3c:76:70:24:6e:38:69:f5:aa:58:98:23:e9:f8:ba:
04:58:d3:ae:8b:b6:19:e9:31:62:c8:41:a1:ff:5b:
1c:35:7e:cd:ab:ab:23:64:c2:57:20:ab:b6:e9:3d:
fc:ba:81:79:db:e1:a4:19:38:a6:85:be:d4:2e:81:
e9:6e:b4:36:79:d9:7a:94:55:7d:1b:52:74:30:24:
45:13:c7:82:42:c8:d0:3e:6f:6a:11:61:f7:8f:64:
55:6e:9a:4d:96:18:df:eb:27:5f:30:24:cf:a2:45:
52:ba:4e:df:e5:b8:3d:dc:db:20:4f:a1:fe:64:56:
c7:23:1d:5c:f6:db:ac:3e:b3:94:ac:e8:1b:f5:8e:
6b:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:C3:DF:F8:4F:96:66:F5:52:29:19:DC:BB:82:81:B2:CF:DA:5E:53
X509v3 Authority Key Identifier:
keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS202952.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:1b90::/44
Signature Algorithm: sha256WithRSAEncryption
89:b9:81:41:0a:ad:04:e5:a3:d5:de:3c:00:48:e9:2e:4a:e9:
33:59:4b:64:d1:6d:94:46:ea:49:5f:dc:21:b5:4a:22:3d:8a:
dc:68:88:50:2b:57:ac:7b:ff:c1:66:38:5e:91:fc:30:f0:70:
a8:33:91:3d:3d:83:34:81:18:68:32:d1:4e:8b:d8:31:ef:de:
7e:a3:a2:0d:cf:e5:85:ce:a5:fd:44:6e:22:a6:15:bf:a3:d7:
fb:ba:ca:11:7b:cf:8e:2e:59:a7:5b:a2:9a:e2:af:66:6b:d1:
23:36:bc:ad:3b:cd:61:5b:cf:40:7e:0c:d0:5d:d7:f8:81:3a:
fd:c5:fe:a5:bf:43:92:89:60:f5:92:3c:4a:10:bf:ec:c2:ed:
43:d0:57:b9:9d:47:e8:39:8f:fd:01:e0:d3:8a:d8:d9:98:e3:
e1:c8:f8:a8:28:ab:62:0f:c7:4b:a8:4b:d5:f0:f0:a5:19:54:
a3:94:3c:7f:28:27:e2:36:c2:ae:ae:a8:8f:ec:77:b0:6e:a2:
10:51:ab:9d:ca:f9:26:e9:a3:5e:47:92:3f:0b:52:5b:20:4d:
03:b1:7a:a1:97:9b:46:d6:39:66:60:13:8d:85:86:25:12:c2:
f5:85:00:5f:84:9f:b8:f5:f8:d3:88:10:02:5d:61:6a:b6:19:
81:be:c1:79
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUYezOmExmmShv4uV/GRogDke0hT0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDExMDUwMzM1MDlaFw0yNTExMDQwMzQwMDlaMDMxMTAvBgNV
BAMTKDUyQzNERkY4NEY5NjY2RjU1MjI5MTlEQ0JCODI4MUIyQ0ZEQTVFNTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8mdtWiBgRIUWcIC8HG2wXc/Qw
4EESjZXbeLBrCCJF4cI66La5OgDi6jvDT61hx+IP0cUOeoYQw3camHOvMZcM6SHA
2mpYrj8BUga2vIWgWTdQwog0zKFxz5r/ICSSjZZikyO9BC5qdk+hLkZ7KJMtbYo7
liQ3XTx2cCRuOGn1qliYI+n4ugRY066LthnpMWLIQaH/Wxw1fs2rqyNkwlcgq7bp
Pfy6gXnb4aQZOKaFvtQugelutDZ52XqUVX0bUnQwJEUTx4JCyNA+b2oRYfePZFVu
mk2WGN/rJ18wJM+iRVK6Tt/luD3c2yBPof5kVscjHVz226w+s5Ss6Bv1jmu5AgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUUsPf+E+WZvVSKRncu4KBss/aXlMwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjAyOTUyLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcEKgagBRuQMA0GCSqGSIb3DQEBCwUAA4IBAQCJuYFB
Cq0E5aPV3jwASOkuSukzWUtk0W2URupJX9whtUoiPYrcaIhQK1ese//BZjhekfww
8HCoM5E9PYM0gRhoMtFOi9gx795+o6INz+WFzqX9RG4iphW/o9f7usoRe8+OLlmn
W6Ka4q9ma9EjNrytO81hW89AfgzQXdf4gTr9xf6lv0OSiWD1kjxKEL/swu1D0Fe5
nUfoOY/9AeDTitjZmOPhyPioKKtiD8dLqEvV8PClGVSjlDx/KCfiNsKurqiP7Hew
bqIQUaudyvkm6aNeR5I/C1JbIE0DsXqhl5tG1jlmYBONhYYlEsL1hQBfhJ+49fjT
iBACXWFqthmBvsF5
-----END CERTIFICATE-----
Generated at Mon Nov 25 21:33:10 2024 by rpki-client on console-ams.rpki-client.org