Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS203145.roa
File: AS203145.roa (raw, json)
Hash identifier: k1UkOuV3SdIZy624uXD81nOGqI037zQz8LOKMamkbNo=
Subject key identifier: DD:A3:F7:87:00:15:40:D1:6A:5B:DE:17:4D:35:78:C7:44:CF:DA:63
Certificate issuer: /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial: 69104587D7647FCA042E7CFA0CC999040662DA86
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS203145.roa
Signing time: Tue 05 Dec 2023 02:44:17 +0000
ROA not before: Tue 05 Dec 2023 02:39:17 +0000
ROA not after: Tue 03 Dec 2024 02:44:17 +0000
asID: 203145
IP address blocks: 2a06:a005:a0f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:10:45:87:d7:64:7f:ca:04:2e:7c:fa:0c:c9:99:04:06:62:da:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Validity
Not Before: Dec 5 02:39:17 2023 GMT
Not After : Dec 3 02:44:17 2024 GMT
Subject: CN=DDA3F787001540D16A5BDE174D3578C744CFDA63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:ae:4d:6f:86:00:b6:f0:b3:58:7b:6b:45:fb:
73:ff:f4:db:4e:51:20:55:11:75:4b:a1:c5:b4:23:
58:c0:9c:e1:7d:0f:61:45:e1:d2:a1:a2:3a:4d:99:
32:48:d3:86:10:90:68:d9:3d:3b:fb:4b:89:95:06:
72:85:df:3b:29:e4:1c:f5:cc:ae:22:c3:af:3e:0c:
ad:f0:d0:ef:d6:2b:a6:bf:94:1a:03:75:c4:2e:ac:
68:c4:13:04:b4:be:8d:5b:a6:c7:85:21:2f:56:2b:
7e:eb:04:79:19:68:0d:ee:e2:2e:7b:33:52:4e:5c:
73:65:99:17:99:42:11:59:ec:79:75:4a:a8:05:12:
51:38:71:62:ea:c2:10:e6:4f:c0:bb:41:87:b5:57:
5f:e4:30:6d:d9:80:da:cf:77:e4:d6:81:46:e6:4e:
99:4d:b0:00:85:70:13:9d:66:0a:fa:b5:62:0b:cd:
55:51:4a:cf:d9:fa:5a:90:0e:9b:9d:bf:ff:68:e3:
61:c6:d9:e2:f8:a3:eb:53:db:d9:7c:be:45:19:90:
60:e5:97:f1:69:ae:c8:87:54:a8:d6:6a:e1:23:f8:
4e:42:6a:7e:ee:68:d0:c7:5e:38:6d:75:6b:32:7c:
48:26:c6:ff:d9:81:ec:c8:82:05:14:02:6a:1e:f4:
ac:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:A3:F7:87:00:15:40:D1:6A:5B:DE:17:4D:35:78:C7:44:CF:DA:63
X509v3 Authority Key Identifier:
keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS203145.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:a0f::/48
Signature Algorithm: sha256WithRSAEncryption
72:2a:44:69:f5:d6:c9:36:8c:99:1f:62:6b:58:35:36:bc:b0:
52:3e:8e:f1:45:a9:91:a3:88:39:fe:3e:10:6f:12:4c:ca:c2:
d5:8b:63:8a:7e:54:fd:74:e8:d4:69:9c:f6:4d:3b:0c:fb:5d:
cf:da:a9:04:1c:a3:ce:84:82:c3:7b:d6:97:01:81:d2:d0:e8:
9e:a2:f0:39:0b:9f:44:a4:64:82:e3:04:b2:db:1e:b3:5f:02:
d2:de:5b:49:a5:e4:fd:56:77:bc:19:c5:c7:02:a8:dd:3f:98:
80:c8:47:62:0e:86:e1:6b:16:9c:e8:c7:3d:be:7a:0c:8e:01:
e2:79:d3:60:82:46:0b:c3:31:8a:05:f5:3e:11:14:e5:9a:33:
5d:c9:75:9f:df:9b:d5:aa:16:6f:a3:ff:2b:26:b4:43:73:4d:
f2:56:0e:c7:cb:45:5c:a0:6d:40:b7:89:55:bc:ce:71:f6:da:
3a:20:6d:8d:e5:7c:66:9e:27:0a:33:6b:79:fc:a1:93:c4:f4:
ff:fe:e8:c0:75:52:fb:51:cb:86:3e:0b:77:b1:98:78:cc:e2:
1f:4c:62:9e:af:d7:fe:2f:be:25:58:c4:6b:e6:01:9f:05:b4:
30:f6:53:9a:a9:c2:1c:2d:e6:dd:f4:c0:6d:d6:93:3b:81:bb:
08:9a:17:21
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUaRBFh9dkf8oELnz6DMmZBAZi2oYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yMzEyMDUwMjM5MTdaFw0yNDEyMDMwMjQ0MTdaMDMxMTAvBgNV
BAMTKEREQTNGNzg3MDAxNTQwRDE2QTVCREUxNzREMzU3OEM3NDRDRkRBNjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4rk1vhgC28LNYe2tF+3P/9NtO
USBVEXVLocW0I1jAnOF9D2FF4dKhojpNmTJI04YQkGjZPTv7S4mVBnKF3zsp5Bz1
zK4iw68+DK3w0O/WK6a/lBoDdcQurGjEEwS0vo1bpseFIS9WK37rBHkZaA3u4i57
M1JOXHNlmReZQhFZ7Hl1SqgFElE4cWLqwhDmT8C7QYe1V1/kMG3ZgNrPd+TWgUbm
TplNsACFcBOdZgr6tWILzVVRSs/Z+lqQDpudv/9o42HG2eL4o+tT29l8vkUZkGDl
l/FprsiHVKjWauEj+E5Can7uaNDHXjhtdWsyfEgmxv/ZgezIggUUAmoe9KwjAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQU3aP3hwAVQNFqW94XTTV4x0TP2mMwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjAzMTQ1LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcAKgagBQoPMA0GCSqGSIb3DQEBCwUAA4IBAQByKkRp
9dbJNoyZH2JrWDU2vLBSPo7xRamRo4g5/j4QbxJMysLVi2OKflT9dOjUaZz2TTsM
+13P2qkEHKPOhILDe9aXAYHS0OieovA5C59EpGSC4wSy2x6zXwLS3ltJpeT9Vne8
GcXHAqjdP5iAyEdiDobhaxac6Mc9vnoMjgHiedNggkYLwzGKBfU+ERTlmjNdyXWf
35vVqhZvo/8rJrRDc03yVg7Hy0VcoG1At4lVvM5x9to6IG2N5XxmnicKM2t5/KGT
xPT//ujAdVL7UcuGPgt3sZh4zOIfTGKer9f+L74lWMRr5gGfBbQw9lOaqcIcLebd
9MBt1pM7gbsImhch
-----END CERTIFICATE-----
Generated at Sat May 4 12:12:18 2024 by rpki-client on console-ams.rpki-client.org