Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS203852.roa
File: AS203852.roa (raw, json)
Hash identifier: 2f6jth2YhYYKHXjrBKNhwwG0Qmptl2Nf/Xcct+dhj7Q=
Subject key identifier: D0:68:59:8E:04:10:2C:66:9A:93:59:B0:74:AD:FF:05:92:37:CE:79
Certificate issuer: /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial: 42F0D7535BB2EAE75F55809FBAF5270533CE6F2B
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS203852.roa
Signing time: Mon 25 Dec 2023 03:44:21 +0000
ROA not before: Mon 25 Dec 2023 03:39:21 +0000
ROA not after: Mon 23 Dec 2024 03:44:21 +0000
asID: 203852
IP address blocks: 2a06:a005:1910::/44 maxlen: 48
2a06:a005:21a0::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 14:41:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:f0:d7:53:5b:b2:ea:e7:5f:55:80:9f:ba:f5:27:05:33:ce:6f:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Validity
Not Before: Dec 25 03:39:21 2023 GMT
Not After : Dec 23 03:44:21 2024 GMT
Subject: CN=D068598E04102C669A9359B074ADFF059237CE79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:96:f6:dc:f3:de:be:d7:79:fd:6d:d9:f1:e1:
a7:f2:e5:02:51:4a:ec:ec:36:2e:24:07:49:3e:ca:
af:10:c5:39:fc:9f:e9:40:1d:39:4a:69:1e:f9:04:
98:9f:34:20:a4:3c:a5:d7:0b:79:fe:9e:cc:96:7b:
c4:1b:0e:57:78:3b:dd:9c:15:13:fb:83:97:fd:58:
8e:de:41:84:f2:37:4c:97:71:2d:0b:42:c5:65:0b:
76:85:45:33:94:c6:33:c4:de:94:d5:a1:3f:d0:41:
26:a0:df:17:e3:95:04:6a:3f:fe:71:eb:fb:b4:97:
30:f2:21:1b:e9:ea:7b:fa:b3:2b:69:8b:f1:56:ff:
fb:26:d3:75:c0:ac:d6:71:9f:2b:5c:03:2a:48:0d:
92:9e:4a:7a:cd:0d:78:ac:74:d6:78:6f:54:d7:e5:
c2:1d:87:26:bd:b9:da:da:09:2c:3f:c2:82:5e:48:
90:31:dd:5d:36:2f:ae:7c:0a:83:74:f7:56:3b:12:
34:1d:1e:14:0d:a7:09:26:75:7a:2e:37:fb:f3:ed:
f4:2f:68:bc:ad:09:8a:34:25:4a:ce:46:97:77:ea:
3e:23:72:4e:d5:82:5a:72:02:91:03:4b:95:73:8c:
43:c3:66:f7:ba:64:e2:69:74:ac:a4:6c:76:e9:87:
15:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:68:59:8E:04:10:2C:66:9A:93:59:B0:74:AD:FF:05:92:37:CE:79
X509v3 Authority Key Identifier:
keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS203852.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:1910::/44
2a06:a005:21a0::/44
Signature Algorithm: sha256WithRSAEncryption
44:57:f5:2f:be:0c:05:1a:46:2c:21:e0:5f:8f:5e:37:7e:73:
f7:e6:df:df:9a:0d:06:c1:79:38:57:13:4c:ea:e4:a6:59:48:
0b:b9:b0:cb:75:83:b3:9d:6a:63:e4:61:cf:e1:54:65:e2:d3:
1e:4a:dd:08:ed:fb:6d:37:0a:9b:07:8c:c7:38:96:eb:54:bb:
98:4f:ac:48:43:9e:76:a6:fc:cd:f2:92:1d:d3:a9:05:71:73:
69:10:3c:ad:1c:29:b3:62:85:8d:c9:79:fb:6d:5d:b5:0b:e7:
bf:c3:57:97:f1:c2:2a:fd:0f:77:c5:64:a0:2f:90:83:51:13:
29:0c:76:c2:18:93:c0:c7:1b:5c:2f:bc:ec:66:dd:cb:18:41:
41:a5:4d:e3:d7:2e:58:e7:82:ac:c1:44:81:41:13:60:6f:e9:
02:7f:8c:40:c1:92:53:02:b5:d7:f8:1c:80:c0:2b:b3:7e:8f:
a2:7f:19:c7:98:05:7a:50:06:0e:3f:d0:3c:6c:83:56:f9:9e:
22:8d:5b:ad:a7:4f:35:f0:d1:32:53:6a:49:8d:87:a7:4d:ae:
62:f5:11:53:58:8a:f3:de:95:24:c5:52:6e:06:a7:10:63:bf:
b3:e9:35:79:83:57:24:0a:e6:ac:c9:38:9e:01:68:21:5e:13:
89:ab:f9:5c
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIUQvDXU1uy6udfVYCfuvUnBTPObyswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yMzEyMjUwMzM5MjFaFw0yNDEyMjMwMzQ0MjFaMDMxMTAvBgNV
BAMTKEQwNjg1OThFMDQxMDJDNjY5QTkzNTlCMDc0QURGRjA1OTIzN0NFNzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzlvbc896+13n9bdnx4afy5QJR
SuzsNi4kB0k+yq8QxTn8n+lAHTlKaR75BJifNCCkPKXXC3n+nsyWe8QbDld4O92c
FRP7g5f9WI7eQYTyN0yXcS0LQsVlC3aFRTOUxjPE3pTVoT/QQSag3xfjlQRqP/5x
6/u0lzDyIRvp6nv6sytpi/FW//sm03XArNZxnytcAypIDZKeSnrNDXisdNZ4b1TX
5cIdhya9udraCSw/woJeSJAx3V02L658CoN091Y7EjQdHhQNpwkmdXouN/vz7fQv
aLytCYo0JUrORpd36j4jck7VglpyApEDS5VzjEPDZve6ZOJpdKykbHbphxWTAgMB
AAGjggH7MIIB9zAdBgNVHQ4EFgQU0GhZjgQQLGaak1mwdK3/BZI3znkwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjAzODUyLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEH
AQH/BBwwGjAYBAIAAjASAwcEKgagBRkQAwcEKgagBSGgMA0GCSqGSIb3DQEBCwUA
A4IBAQBEV/UvvgwFGkYsIeBfj143fnP35t/fmg0GwXk4VxNM6uSmWUgLubDLdYOz
nWpj5GHP4VRl4tMeSt0I7fttNwqbB4zHOJbrVLuYT6xIQ552pvzN8pId06kFcXNp
EDytHCmzYoWNyXn7bV21C+e/w1eX8cIq/Q93xWSgL5CDURMpDHbCGJPAxxtcL7zs
Zt3LGEFBpU3j1y5Y54KswUSBQRNgb+kCf4xAwZJTArXX+ByAwCuzfo+ifxnHmAV6
UAYOP9A8bINW+Z4ijVutp0818NEyU2pJjYenTa5i9RFTWIrz3pUkxVJuBqcQY7+z
6TV5g1ckCuasyTieAWghXhOJq/lc
-----END CERTIFICATE-----
Generated at Fri May 3 20:32:56 2024 by rpki-client on console-fra.rpki-client.org