Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS203458.roa
File: AS203458.roa (raw, json)
Hash identifier: /oHQHcejDXXxzb/vQzg/DyBJgKftmu8RFIGfKUtbNFk=
Subject key identifier: 04:67:C4:19:CC:CF:9F:24:C9:67:44:85:20:45:DD:29:A0:3F:16:8E
Certificate issuer: /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial: 0836A846575974D7C86E8D4858B13F1AC0094495
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS203458.roa
Signing time: Tue 05 Dec 2023 02:44:14 +0000
ROA not before: Tue 05 Dec 2023 02:39:14 +0000
ROA not after: Tue 03 Dec 2024 02:44:14 +0000
asID: 203458
IP address blocks: 2a06:a005:1871::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:36:a8:46:57:59:74:d7:c8:6e:8d:48:58:b1:3f:1a:c0:09:44:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Validity
Not Before: Dec 5 02:39:14 2023 GMT
Not After : Dec 3 02:44:14 2024 GMT
Subject: CN=0467C419CCCF9F24C96744852045DD29A03F168E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:b3:eb:0e:9d:c3:19:81:be:43:3f:82:87:67:
5b:c6:0e:40:88:aa:ba:b3:e9:ce:32:cb:98:3f:d4:
98:29:c7:92:c2:20:1a:2b:89:63:0b:aa:6f:46:ef:
36:73:ca:2f:82:60:0d:47:d8:ab:ec:6f:8e:b0:32:
e1:61:40:11:7f:f8:90:d0:3d:7b:c0:10:31:9d:5e:
64:97:22:50:75:d2:3e:f8:a7:a8:01:cb:0a:0f:d9:
9d:ca:c0:41:13:1f:28:b1:af:1b:a2:6c:c7:dc:92:
fe:8e:dd:a5:36:1f:6b:00:91:1a:b7:42:e9:10:4b:
8c:fd:50:b0:1b:f6:41:c1:03:e7:61:e6:db:85:e0:
3f:12:e4:23:2c:aa:47:63:09:78:1c:af:6b:85:34:
92:3e:ff:61:77:6e:ea:15:2d:1c:cc:96:87:a7:29:
ef:34:c7:27:a7:22:51:0e:32:14:1c:ac:02:56:c9:
6b:54:bf:ca:14:60:af:a4:1a:d8:49:fd:f2:00:c4:
46:12:6e:4a:f0:99:eb:a1:c9:68:65:3a:a9:60:22:
77:ba:86:87:75:ed:e6:fe:df:11:a0:53:af:87:cc:
f4:94:2c:42:de:0f:e4:da:46:cc:4a:42:2c:d5:cc:
b4:75:2f:b1:2c:d8:b2:fd:85:a4:ad:5d:09:d0:b3:
56:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:67:C4:19:CC:CF:9F:24:C9:67:44:85:20:45:DD:29:A0:3F:16:8E
X509v3 Authority Key Identifier:
keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS203458.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:1871::/48
Signature Algorithm: sha256WithRSAEncryption
d0:61:c6:e4:39:e3:ce:fd:b2:62:7b:18:80:cc:33:8a:bb:47:
95:28:12:5c:7d:ca:04:80:6d:41:26:4f:97:c3:81:76:e8:fc:
fd:da:6f:4f:ac:c5:d5:e4:0a:89:5e:4a:f3:7e:34:6b:55:02:
df:1a:99:7d:d6:03:f8:d1:23:87:ab:d1:d8:72:45:98:3e:1d:
63:d6:a0:b7:90:2f:d8:ea:e7:ef:f9:c6:6c:08:66:60:95:f3:
21:a2:6c:d0:f7:4d:5f:d9:62:66:96:9c:fa:de:81:00:91:cb:
09:3c:8a:04:1c:03:37:d9:a2:7b:38:a8:46:05:66:00:06:48:
99:df:c8:1b:4d:dc:40:da:10:bf:65:35:5a:7b:38:64:ef:d3:
07:fb:d5:9d:64:14:92:79:95:e5:3c:e6:af:d2:8b:dc:43:57:
da:57:c0:be:1f:8b:05:c4:04:51:2f:e9:fe:ce:eb:7d:3a:6b:
15:f0:91:34:a8:68:f3:2d:91:88:f8:97:d0:0e:82:20:99:51:
54:a4:c4:83:af:32:7c:61:ee:fb:c2:26:20:c0:e0:69:1d:57:
99:88:25:10:87:8e:16:85:73:f4:cf:d9:4a:e3:97:29:fe:65:
64:98:94:87:5e:17:56:76:5d:63:f2:e5:ea:3a:4a:c5:c7:63:
c1:1b:cd:c7
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUCDaoRldZdNfIbo1IWLE/GsAJRJUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yMzEyMDUwMjM5MTRaFw0yNDEyMDMwMjQ0MTRaMDMxMTAvBgNV
BAMTKDA0NjdDNDE5Q0NDRjlGMjRDOTY3NDQ4NTIwNDVERDI5QTAzRjE2OEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUs+sOncMZgb5DP4KHZ1vGDkCI
qrqz6c4yy5g/1Jgpx5LCIBoriWMLqm9G7zZzyi+CYA1H2Kvsb46wMuFhQBF/+JDQ
PXvAEDGdXmSXIlB10j74p6gBywoP2Z3KwEETHyixrxuibMfckv6O3aU2H2sAkRq3
QukQS4z9ULAb9kHBA+dh5tuF4D8S5CMsqkdjCXgcr2uFNJI+/2F3buoVLRzMloen
Ke80xyenIlEOMhQcrAJWyWtUv8oUYK+kGthJ/fIAxEYSbkrwmeuhyWhlOqlgIne6
hod17eb+3xGgU6+HzPSULELeD+TaRsxKQizVzLR1L7Es2LL9haStXQnQs1YBAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUBGfEGczPnyTJZ0SFIEXdKaA/Fo4wHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjAzNDU4LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcAKgagBRhxMA0GCSqGSIb3DQEBCwUAA4IBAQDQYcbk
OePO/bJiexiAzDOKu0eVKBJcfcoEgG1BJk+Xw4F26Pz92m9PrMXV5AqJXkrzfjRr
VQLfGpl91gP40SOHq9HYckWYPh1j1qC3kC/Y6ufv+cZsCGZglfMhomzQ901f2WJm
lpz63oEAkcsJPIoEHAM32aJ7OKhGBWYABkiZ38gbTdxA2hC/ZTVaezhk79MH+9Wd
ZBSSeZXlPOav0ovcQ1faV8C+H4sFxARRL+n+zut9OmsV8JE0qGjzLZGI+JfQDoIg
mVFUpMSDrzJ8Ye77wiYgwOBpHVeZiCUQh44WhXP0z9lK45cp/mVkmJSHXhdWdl1j
8uXqOkrFx2PBG83H
-----END CERTIFICATE-----
Generated at Sat May 4 12:13:12 2024 by rpki-client on console-fra.rpki-client.org