Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS203145.roa
File: AS203145.roa (raw, json)
Hash identifier: DZHoSdEQjfAjMaNuynooERDIDg+VIFw/GpAvyjQYpDc=
Subject key identifier: C1:04:50:49:FB:EC:88:58:E7:05:81:C7:94:9B:50:FE:20:E3:DE:EC
Certificate issuer: /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial: 127397F2DE4EF4DD4C38EB9E84BD08BA6356891C
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS203145.roa
Signing time: Tue 05 Nov 2024 03:40:03 +0000
ROA not before: Tue 05 Nov 2024 03:35:03 +0000
ROA not after: Tue 04 Nov 2025 03:40:03 +0000
asID: 203145
IP address blocks: 2a06:a005:a0f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:73:97:f2:de:4e:f4:dd:4c:38:eb:9e:84:bd:08:ba:63:56:89:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Validity
Not Before: Nov 5 03:35:03 2024 GMT
Not After : Nov 4 03:40:03 2025 GMT
Subject: CN=C1045049FBEC8858E70581C7949B50FE20E3DEEC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:fd:e2:cf:e6:b5:37:43:35:2a:a7:f3:ca:2f:
09:fd:8d:7e:c5:3a:7d:61:9d:aa:6e:3d:d5:d2:83:
f6:e5:53:2e:80:db:f8:0c:1e:1f:cc:8b:ec:02:fc:
5b:2d:62:ca:f1:5b:b0:9d:03:f0:e7:fb:d1:67:70:
20:b9:d8:40:fc:37:9f:4d:11:51:3d:02:1a:7f:91:
94:00:6b:93:20:14:a4:b7:3d:c1:0d:6b:1e:30:93:
13:50:ce:3d:8d:0d:15:c3:d0:c2:a8:dc:0e:62:8b:
60:e1:08:db:39:49:61:a9:8d:9c:2f:eb:10:2c:71:
da:c8:fe:1f:d6:91:78:1d:07:6d:97:d5:c5:aa:9b:
a0:37:f7:89:fd:51:7d:77:a6:0c:53:fe:8c:1d:1c:
9f:d6:db:2b:d2:4e:69:c0:de:06:66:94:54:e7:c6:
18:b4:ea:a3:1f:55:d5:bc:6a:c2:7c:dc:18:df:b1:
41:70:84:bb:d2:74:0c:f5:4e:0d:df:47:1c:23:97:
c2:37:a6:1d:5a:93:79:ad:7f:41:ef:91:73:cb:d5:
db:27:63:d9:a6:17:e6:b3:23:db:38:4b:af:64:37:
49:59:93:9d:36:57:c3:25:45:10:68:16:b9:87:58:
a0:32:f7:0d:fc:8f:3d:db:b1:93:c0:7d:79:ac:9f:
28:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:04:50:49:FB:EC:88:58:E7:05:81:C7:94:9B:50:FE:20:E3:DE:EC
X509v3 Authority Key Identifier:
keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS203145.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:a0f::/48
Signature Algorithm: sha256WithRSAEncryption
28:ae:70:f3:db:e3:97:89:e4:88:a1:2e:f0:28:ae:26:32:60:
a6:f8:89:d8:75:3a:17:4e:28:70:50:1c:8e:67:31:33:bd:3d:
69:45:4c:5d:e9:e4:e3:13:70:e5:86:d2:81:f1:80:c5:ba:27:
62:4c:56:c0:62:9a:9c:15:d7:53:32:ac:3e:fe:9b:b4:9d:09:
38:9f:7a:ea:60:44:23:73:ba:9f:f5:f4:81:2c:66:c8:51:8e:
c6:f5:c4:4c:29:cd:a7:4b:49:1f:44:23:4b:b7:5d:79:c7:0b:
1b:45:12:aa:13:6f:15:51:bd:f4:34:fb:81:b2:e4:3f:39:53:
6e:5d:42:fc:24:62:a9:18:c7:1e:88:e5:7b:62:8d:51:0d:12:
94:f5:cd:9f:a4:57:7b:40:75:21:65:4e:a4:07:bb:a9:79:38:
ef:8f:d4:fa:72:4b:cd:41:af:6c:7c:a9:f0:81:cb:4b:31:06:
66:dd:6d:e0:f2:2c:c7:e8:d5:d6:5d:22:5b:46:db:78:28:c9:
0d:93:91:73:d7:51:ab:59:c3:dd:09:86:eb:89:37:45:db:91:
b6:66:78:56:4c:ce:19:35:ac:5c:ba:5a:f5:7a:3a:7e:4e:44:
1c:50:f7:39:e9:54:79:cb:e8:10:db:4c:3f:ce:d5:f5:ea:51:
15:3a:b3:4a
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUEnOX8t5O9N1MOOuehL0IumNWiRwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDExMDUwMzM1MDNaFw0yNTExMDQwMzQwMDNaMDMxMTAvBgNV
BAMTKEMxMDQ1MDQ5RkJFQzg4NThFNzA1ODFDNzk0OUI1MEZFMjBFM0RFRUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDN/eLP5rU3QzUqp/PKLwn9jX7F
On1hnapuPdXSg/blUy6A2/gMHh/Mi+wC/FstYsrxW7CdA/Dn+9FncCC52ED8N59N
EVE9Ahp/kZQAa5MgFKS3PcENax4wkxNQzj2NDRXD0MKo3A5ii2DhCNs5SWGpjZwv
6xAscdrI/h/WkXgdB22X1cWqm6A394n9UX13pgxT/owdHJ/W2yvSTmnA3gZmlFTn
xhi06qMfVdW8asJ83BjfsUFwhLvSdAz1Tg3fRxwjl8I3ph1ak3mtf0HvkXPL1dsn
Y9mmF+azI9s4S69kN0lZk502V8MlRRBoFrmHWKAy9w38jz3bsZPAfXmsnyjVAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUwQRQSfvsiFjnBYHHlJtQ/iDj3uwwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjAzMTQ1LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcAKgagBQoPMA0GCSqGSIb3DQEBCwUAA4IBAQAornDz
2+OXieSIoS7wKK4mMmCm+InYdToXTihwUByOZzEzvT1pRUxd6eTjE3DlhtKB8YDF
uidiTFbAYpqcFddTMqw+/pu0nQk4n3rqYEQjc7qf9fSBLGbIUY7G9cRMKc2nS0kf
RCNLt115xwsbRRKqE28VUb30NPuBsuQ/OVNuXUL8JGKpGMceiOV7Yo1RDRKU9c2f
pFd7QHUhZU6kB7upeTjvj9T6ckvNQa9sfKnwgctLMQZm3W3g8izH6NXWXSJbRtt4
KMkNk5Fz11GrWcPdCYbriTdF25G2ZnhWTM4ZNaxculr1ejp+TkQcUPc56VR5y+gQ
20w/ztX16lEVOrNK
-----END CERTIFICATE-----
Generated at Fri Nov 22 08:13:35 2024 by rpki-client on console-fra.rpki-client.org