Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS204474.roa
File: AS204474.roa (raw, json)
Hash identifier: 2Oe/7ay22dx5k+5lDjkD1tbC9vOC4T9n7udv5W5axbg=
Subject key identifier: 3A:F6:43:AC:5B:72:11:FB:97:7E:F9:73:2B:E8:03:5B:F4:A1:A6:F7
Certificate issuer: /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial: 3CE46E5FB0E23AE6D5F52B6EDD4D796026F8130F
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS204474.roa
Signing time: Tue 05 Dec 2023 02:44:17 +0000
ROA not before: Tue 05 Dec 2023 02:39:17 +0000
ROA not after: Tue 03 Dec 2024 02:44:17 +0000
asID: 204474
IP address blocks: 2a06:a005:1cf0::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 14:41:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:e4:6e:5f:b0:e2:3a:e6:d5:f5:2b:6e:dd:4d:79:60:26:f8:13:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Validity
Not Before: Dec 5 02:39:17 2023 GMT
Not After : Dec 3 02:44:17 2024 GMT
Subject: CN=3AF643AC5B7211FB977EF9732BE8035BF4A1A6F7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:15:cc:b7:f0:0e:51:82:a6:ec:4b:96:dc:ee:
f1:6f:c0:e6:06:cc:48:66:0d:c3:96:5a:94:9d:86:
62:56:2a:13:39:2e:61:99:ea:22:bf:9d:00:7f:50:
52:6e:aa:93:e3:1a:10:58:5f:51:cc:2e:1f:e8:be:
2f:50:04:f9:bc:76:c0:0b:7e:d2:86:84:db:d5:e8:
cc:c7:52:75:4e:63:92:68:87:8f:d4:13:19:58:21:
77:2b:94:e5:a9:cd:08:dd:33:6f:ea:89:c5:98:cf:
55:39:54:bb:49:04:86:67:91:43:53:4c:ee:dd:2a:
21:c0:cb:7b:dd:7e:b4:ab:a9:c6:ee:c7:7e:a5:09:
8c:a6:03:45:d5:da:73:e3:ba:af:1a:d4:b0:54:3e:
c7:d6:cb:c3:bf:24:4f:8a:1d:f1:ef:70:76:b5:29:
8b:1a:07:14:f4:9f:9a:d0:63:53:20:3f:a7:d4:df:
ef:e3:f8:a2:f5:99:05:56:d0:61:0c:d0:85:1b:26:
1c:fd:b7:88:24:16:44:8b:f3:fc:c0:67:e2:68:ec:
cb:79:78:86:7c:a3:6d:85:db:63:22:ec:dd:36:e8:
79:a7:17:e0:49:a0:e0:0d:9d:d2:02:96:12:d2:88:
bb:6a:c1:fb:8c:e9:63:66:b5:5c:48:8c:3b:d0:81:
52:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:F6:43:AC:5B:72:11:FB:97:7E:F9:73:2B:E8:03:5B:F4:A1:A6:F7
X509v3 Authority Key Identifier:
keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS204474.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:1cf0::/44
Signature Algorithm: sha256WithRSAEncryption
4c:15:64:e3:09:5d:77:de:5a:71:58:13:99:1f:79:0e:4c:fe:
b2:a7:cc:e9:82:51:64:e9:88:1a:fc:f4:f7:c9:ce:48:1e:65:
49:32:02:99:2e:4e:34:9d:1a:e0:d3:18:38:96:3d:94:3c:49:
6d:ba:db:48:61:6c:46:5e:d3:83:ca:07:fb:d4:43:ca:4a:6a:
ab:05:af:3e:0b:67:84:7d:95:c8:0a:bf:1a:a6:ab:6f:99:14:
d8:f0:e3:19:97:c3:d7:09:26:0d:8b:2e:8d:8c:e0:7e:97:32:
f5:80:e6:7b:94:14:fb:7c:d3:55:63:ba:32:e7:e9:d7:dc:55:
a3:17:fb:bc:e8:0f:01:b7:7a:24:ac:25:b8:bf:43:b3:3f:d1:
a1:aa:15:84:2b:7c:53:93:8c:37:e1:be:e9:c0:89:fc:7f:f5:
4c:84:5e:be:69:1c:e8:fc:a3:b9:7b:c5:0e:88:ed:06:52:63:
4d:c9:8b:e4:97:b8:ed:8d:87:b0:76:e0:60:21:58:0a:ba:36:
a9:e5:47:7f:fe:96:ae:6f:aa:85:dc:71:1c:ec:f2:2c:51:91:
83:39:e3:03:80:48:fa:fa:17:02:a0:51:2f:e9:27:87:c3:2b:
3e:df:fb:5e:17:3b:81:5f:ab:a5:75:5c:4f:d0:4e:6c:d0:ea:
97:b5:3d:74
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUPORuX7DiOubV9Stu3U15YCb4Ew8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yMzEyMDUwMjM5MTdaFw0yNDEyMDMwMjQ0MTdaMDMxMTAvBgNV
BAMTKDNBRjY0M0FDNUI3MjExRkI5NzdFRjk3MzJCRTgwMzVCRjRBMUE2RjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1Fcy38A5RgqbsS5bc7vFvwOYG
zEhmDcOWWpSdhmJWKhM5LmGZ6iK/nQB/UFJuqpPjGhBYX1HMLh/ovi9QBPm8dsAL
ftKGhNvV6MzHUnVOY5Joh4/UExlYIXcrlOWpzQjdM2/qicWYz1U5VLtJBIZnkUNT
TO7dKiHAy3vdfrSrqcbux36lCYymA0XV2nPjuq8a1LBUPsfWy8O/JE+KHfHvcHa1
KYsaBxT0n5rQY1MgP6fU3+/j+KL1mQVW0GEM0IUbJhz9t4gkFkSL8/zAZ+Jo7Mt5
eIZ8o22F22Mi7N026HmnF+BJoOANndIClhLSiLtqwfuM6WNmtVxIjDvQgVIDAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUOvZDrFtyEfuXfvlzK+gDW/ShpvcwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjA0NDc0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcEKgagBRzwMA0GCSqGSIb3DQEBCwUAA4IBAQBMFWTj
CV133lpxWBOZH3kOTP6yp8zpglFk6Yga/PT3yc5IHmVJMgKZLk40nRrg0xg4lj2U
PEltuttIYWxGXtODygf71EPKSmqrBa8+C2eEfZXICr8apqtvmRTY8OMZl8PXCSYN
iy6NjOB+lzL1gOZ7lBT7fNNVY7oy5+nX3FWjF/u86A8Bt3okrCW4v0OzP9GhqhWE
K3xTk4w34b7pwIn8f/VMhF6+aRzo/KO5e8UOiO0GUmNNyYvkl7jtjYewduBgIVgK
ujap5Ud//paub6qF3HEc7PIsUZGDOeMDgEj6+hcCoFEv6SeHwys+3/teFzuBX6ul
dVxP0E5s0OqXtT10
-----END CERTIFICATE-----
Generated at Fri May 3 20:32:56 2024 by rpki-client on console-fra.rpki-client.org