Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS203323.roa
File: AS203323.roa (raw, json)
Hash identifier: 6bRq/TVFRI1xIxj1s0EpXtIZgRwMfZ6KWMmcGpmAQ8s=
Subject key identifier: D7:00:FC:B4:52:07:02:2E:6C:1F:32:31:54:18:3C:7A:50:8D:FD:88
Certificate issuer: /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial: 1FC380C0D0A2D4DF71FA025E050096BEC6694AF2
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS203323.roa
Signing time: Tue 05 Nov 2024 03:40:08 +0000
ROA not before: Tue 05 Nov 2024 03:35:08 +0000
ROA not after: Tue 04 Nov 2025 03:40:08 +0000
asID: 203323
IP address blocks: 2a06:a005:21c0::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:c3:80:c0:d0:a2:d4:df:71:fa:02:5e:05:00:96:be:c6:69:4a:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Validity
Not Before: Nov 5 03:35:08 2024 GMT
Not After : Nov 4 03:40:08 2025 GMT
Subject: CN=D700FCB45207022E6C1F323154183C7A508DFD88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:ed:b3:af:70:a4:a2:37:bb:13:83:ac:d6:01:
7d:5b:2c:b0:6c:6a:40:06:5b:b2:eb:fe:74:d3:a3:
7d:44:69:24:44:c5:be:ca:75:96:f8:b5:bf:a8:9d:
bb:44:6a:47:2a:7b:b2:04:21:cf:40:c9:74:b3:f8:
d5:e4:6e:e8:55:d5:66:20:31:b7:c7:55:da:1b:dc:
d0:f3:29:48:0f:59:c6:ac:df:16:15:80:fd:c9:18:
c0:b0:91:6e:29:a1:28:96:3b:b8:ce:ce:22:e2:e5:
3c:a0:a2:51:f4:d6:22:a2:a3:c2:6b:4c:f7:df:ff:
39:fb:33:67:51:72:34:57:31:e3:df:0a:d3:70:c1:
57:e0:dd:65:a2:50:79:85:eb:62:20:94:6e:a7:dd:
ec:5f:f4:c8:07:9d:43:54:94:86:5a:15:d5:25:0f:
0c:85:16:dd:49:93:f8:04:e5:b2:15:23:de:3d:ea:
7a:16:8a:3d:36:45:bc:23:18:27:73:96:a0:b6:95:
9b:9f:5c:ec:64:fb:52:d7:7a:7b:3f:5d:f8:de:19:
d5:25:7d:e0:d1:23:ac:87:c4:21:ae:41:d6:e5:67:
7d:3b:d5:e0:31:9f:c7:c1:87:91:1c:97:db:fe:e5:
d4:a7:b1:84:32:23:57:36:4f:a7:96:89:18:b5:27:
fa:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:00:FC:B4:52:07:02:2E:6C:1F:32:31:54:18:3C:7A:50:8D:FD:88
X509v3 Authority Key Identifier:
keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS203323.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:21c0::/44
Signature Algorithm: sha256WithRSAEncryption
51:77:b9:c7:b9:91:f8:c0:05:44:da:c7:c2:d5:cf:04:f2:47:
24:77:ff:10:f8:39:65:8b:32:fd:b3:30:4a:ce:b4:d1:37:48:
8e:95:3f:34:07:f7:fc:84:08:ae:2f:45:42:89:38:f7:e4:b4:
e5:2f:fe:f1:6a:50:30:c5:19:f9:df:96:2e:59:ea:6d:eb:3c:
b6:2b:e0:13:ec:dd:ac:8f:48:6a:aa:46:7c:6f:7a:2b:bb:28:
29:ff:fd:45:84:c8:15:eb:0d:34:90:85:b6:9c:7c:13:a2:76:
ec:08:9b:6c:76:42:b1:5d:d3:75:03:c0:bc:bb:74:0d:b9:b6:
de:22:44:94:43:65:e2:29:2c:45:91:df:d1:d7:75:bc:78:6f:
f8:d1:24:37:d8:6f:21:33:32:8c:12:9b:6e:90:95:bf:cb:a3:
ba:5c:96:0e:75:a7:52:9f:6d:5d:f3:5b:87:f2:ef:17:f3:53:
b8:8e:85:34:7a:b9:93:d1:e3:3c:6a:71:8f:5d:4e:82:c9:24:
e1:98:9c:96:26:d4:b8:d6:8f:0c:41:40:cd:9d:f1:48:4e:e8:
86:49:d1:0a:5b:f7:4d:f0:d1:1c:db:78:c6:f1:23:2b:e4:2b:
e2:36:02:5d:75:e5:16:16:69:f6:d4:2a:af:73:d0:42:fc:60:
ba:56:59:4e
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUH8OAwNCi1N9x+gJeBQCWvsZpSvIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDExMDUwMzM1MDhaFw0yNTExMDQwMzQwMDhaMDMxMTAvBgNV
BAMTKEQ3MDBGQ0I0NTIwNzAyMkU2QzFGMzIzMTU0MTgzQzdBNTA4REZEODgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC27bOvcKSiN7sTg6zWAX1bLLBs
akAGW7Lr/nTTo31EaSRExb7KdZb4tb+onbtEakcqe7IEIc9AyXSz+NXkbuhV1WYg
MbfHVdob3NDzKUgPWcas3xYVgP3JGMCwkW4poSiWO7jOziLi5TygolH01iKio8Jr
TPff/zn7M2dRcjRXMePfCtNwwVfg3WWiUHmF62IglG6n3exf9MgHnUNUlIZaFdUl
DwyFFt1Jk/gE5bIVI9496noWij02RbwjGCdzlqC2lZufXOxk+1LXens/XfjeGdUl
feDRI6yHxCGuQdblZ3071eAxn8fBh5Ecl9v+5dSnsYQyI1c2T6eWiRi1J/prAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQU1wD8tFIHAi5sHzIxVBg8elCN/YgwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjAzMzIzLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcEKgagBSHAMA0GCSqGSIb3DQEBCwUAA4IBAQBRd7nH
uZH4wAVE2sfC1c8E8kckd/8Q+DllizL9szBKzrTRN0iOlT80B/f8hAiuL0VCiTj3
5LTlL/7xalAwxRn535YuWept6zy2K+AT7N2sj0hqqkZ8b3oruygp//1FhMgV6w00
kIW2nHwTonbsCJtsdkKxXdN1A8C8u3QNubbeIkSUQ2XiKSxFkd/R13W8eG/40SQ3
2G8hMzKMEptukJW/y6O6XJYOdadSn21d81uH8u8X81O4joU0ermT0eM8anGPXU6C
ySThmJyWJtS41o8MQUDNnfFITuiGSdEKW/dN8NEc23jG8SMr5CviNgJddeUWFmn2
1Cqvc9BC/GC6VllO
-----END CERTIFICATE-----
Generated at Mon Nov 25 22:04:23 2024 by rpki-client on console-fra.rpki-client.org