Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS204069.roa
File: AS204069.roa (raw, json)
Hash identifier: ll018zo3xzWAEMcXE2AsLo7pUmEOm8eHJiI2XAYnlKk=
Subject key identifier: 58:5C:82:30:C6:0D:6F:2C:10:CD:EE:EE:4C:40:AE:F5:E4:88:C9:43
Certificate issuer: /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial: 2EFF62D293E704678671C37EC25BEBEAA917A4B5
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS204069.roa
Signing time: Tue 05 Nov 2024 03:40:07 +0000
ROA not before: Tue 05 Nov 2024 03:35:07 +0000
ROA not after: Tue 04 Nov 2025 03:40:07 +0000
asID: 204069
IP address blocks: 2a06:a005:a14::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:ff:62:d2:93:e7:04:67:86:71:c3:7e:c2:5b:eb:ea:a9:17:a4:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Validity
Not Before: Nov 5 03:35:07 2024 GMT
Not After : Nov 4 03:40:07 2025 GMT
Subject: CN=585C8230C60D6F2C10CDEEEE4C40AEF5E488C943
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:57:ed:c2:dc:b7:97:f8:8f:e7:19:1a:43:33:
f4:3e:a7:ec:dd:d3:91:a8:8e:e6:02:10:ba:04:1d:
71:b5:69:ba:83:d3:d8:d1:76:50:0f:53:14:04:ee:
b0:78:99:3e:74:cb:93:c1:78:79:a1:8b:d7:47:c0:
bf:ae:b2:d1:f1:95:62:ff:49:dc:2b:3a:dc:ec:e3:
02:a4:30:a9:c7:0f:16:6f:d1:4c:ac:d8:b0:7a:25:
6b:3d:30:e1:42:e9:66:76:bc:5e:9c:4c:f6:5f:2c:
51:55:62:6c:87:7d:59:2f:78:41:a4:c6:ee:7e:04:
9f:ed:9c:af:12:2f:ff:34:b3:b5:63:8f:bc:66:c8:
6c:df:73:34:57:d8:e9:e8:a4:bd:b9:f1:92:fe:d6:
1a:c2:39:49:99:06:6c:14:3c:d8:0e:be:7c:f5:f4:
68:29:68:3a:8f:a4:c5:c6:bb:49:77:30:d5:fa:0a:
ec:85:63:52:fd:b2:89:da:2b:d2:45:be:ab:d5:b7:
e3:fd:fd:06:f6:ed:14:2a:1b:fa:a6:70:2e:d1:67:
c6:37:80:58:05:0e:70:c0:68:fa:76:81:f0:db:f1:
e5:9e:39:6c:56:b1:d2:d3:28:11:7e:21:e1:04:1a:
bd:47:66:e2:1c:fb:0a:6f:81:82:80:df:e7:dc:f0:
7e:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:5C:82:30:C6:0D:6F:2C:10:CD:EE:EE:4C:40:AE:F5:E4:88:C9:43
X509v3 Authority Key Identifier:
keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS204069.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:a14::/48
Signature Algorithm: sha256WithRSAEncryption
b3:d5:a7:5e:44:a2:1e:f8:0a:fe:ed:66:0c:07:e7:cd:f9:b8:
d2:7a:91:be:85:11:90:71:48:81:c0:bb:4b:4e:a9:3e:9f:53:
dd:0c:34:16:cd:23:c5:78:97:19:10:6e:c5:e4:4e:fa:1d:e5:
39:88:59:f5:25:2d:ac:cc:5e:42:36:eb:76:62:e6:e7:6a:87:
c4:bc:5f:b1:1a:5e:28:f8:7e:b5:0e:a7:cc:b4:13:eb:6d:6c:
8e:2a:ea:c7:38:35:45:0e:b2:82:da:a4:89:ba:3e:b1:b5:73:
d3:08:31:de:e7:4c:d2:5a:d0:94:2a:60:16:8e:48:08:2a:8c:
d6:d1:63:c1:b7:47:b4:e1:a9:50:be:21:b4:76:f8:a1:cb:6d:
d1:cd:9b:df:a5:dd:34:39:b1:8c:c2:71:6d:2f:22:fb:c2:c8:
39:96:8e:bf:b3:20:cf:73:8d:6d:04:bc:d8:87:dc:66:fd:5e:
ff:0c:cd:fb:4c:ff:68:ce:da:b1:5b:e3:15:ed:e6:7a:94:1a:
84:b2:dd:d5:55:e2:0d:86:f7:0a:4a:a2:33:60:dd:e6:58:be:
38:38:47:a2:8a:24:ac:31:ed:48:5b:55:c4:86:4b:75:bc:59:
3f:ed:4c:6b:9b:e0:15:3e:f1:14:1b:dd:ec:d6:f6:8f:bf:40:
e9:1f:e6:b9
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIULv9i0pPnBGeGccN+wlvr6qkXpLUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDExMDUwMzM1MDdaFw0yNTExMDQwMzQwMDdaMDMxMTAvBgNV
BAMTKDU4NUM4MjMwQzYwRDZGMkMxMENERUVFRTRDNDBBRUY1RTQ4OEM5NDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwV+3C3LeX+I/nGRpDM/Q+p+zd
05GojuYCELoEHXG1abqD09jRdlAPUxQE7rB4mT50y5PBeHmhi9dHwL+ustHxlWL/
SdwrOtzs4wKkMKnHDxZv0Uys2LB6JWs9MOFC6WZ2vF6cTPZfLFFVYmyHfVkveEGk
xu5+BJ/tnK8SL/80s7Vjj7xmyGzfczRX2OnopL258ZL+1hrCOUmZBmwUPNgOvnz1
9GgpaDqPpMXGu0l3MNX6CuyFY1L9sonaK9JFvqvVt+P9/Qb27RQqG/qmcC7RZ8Y3
gFgFDnDAaPp2gfDb8eWeOWxWsdLTKBF+IeEEGr1HZuIc+wpvgYKA3+fc8H5fAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUWFyCMMYNbywQze7uTECu9eSIyUMwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjA0MDY5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcAKgagBQoUMA0GCSqGSIb3DQEBCwUAA4IBAQCz1ade
RKIe+Ar+7WYMB+fN+bjSepG+hRGQcUiBwLtLTqk+n1PdDDQWzSPFeJcZEG7F5E76
HeU5iFn1JS2szF5CNut2YubnaofEvF+xGl4o+H61DqfMtBPrbWyOKurHODVFDrKC
2qSJuj6xtXPTCDHe50zSWtCUKmAWjkgIKozW0WPBt0e04alQviG0dvihy23RzZvf
pd00ObGMwnFtLyL7wsg5lo6/syDPc41tBLzYh9xm/V7/DM37TP9oztqxW+MV7eZ6
lBqEst3VVeINhvcKSqIzYN3mWL44OEeiiiSsMe1IW1XEhkt1vFk/7Uxrm+AVPvEU
G93s1vaPv0DpH+a5
-----END CERTIFICATE-----
Generated at Mon Nov 25 21:33:10 2024 by rpki-client on console-ams.rpki-client.org