Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS204518.roa
File: AS204518.roa (raw, json)
Hash identifier: cHSE/8HMiIMKocRVhgYw29enqRb3jzTyO3t8Vhl5Q2s=
Subject key identifier: 3C:22:E1:18:77:CC:DF:32:E6:B8:8C:79:8D:B4:B8:FA:1C:29:1F:48
Certificate issuer: /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial: 6E9B16D9FDCE62140E7E8457374F070FAB50265B
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS204518.roa
Signing time: Tue 05 Nov 2024 03:40:01 +0000
ROA not before: Tue 05 Nov 2024 03:35:01 +0000
ROA not after: Tue 04 Nov 2025 03:40:01 +0000
asID: 204518
IP address blocks: 2a06:a005:d90::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:9b:16:d9:fd:ce:62:14:0e:7e:84:57:37:4f:07:0f:ab:50:26:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Validity
Not Before: Nov 5 03:35:01 2024 GMT
Not After : Nov 4 03:40:01 2025 GMT
Subject: CN=3C22E11877CCDF32E6B88C798DB4B8FA1C291F48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:1d:48:9d:b3:7d:71:2c:90:5a:2b:c5:98:3e:
3b:fd:60:79:c0:81:e9:50:43:6e:af:9c:c1:43:ae:
ac:93:39:aa:98:d6:b4:8c:1f:bd:6f:07:71:75:39:
a6:1a:5d:4a:1f:de:e6:b5:f5:a4:2f:bc:e1:d0:e8:
f6:5f:75:53:6c:ab:f9:ad:d7:c9:1b:80:5b:6c:39:
a3:57:0f:4f:ec:93:fd:8e:d4:3d:75:a1:29:22:19:
54:58:98:18:74:b7:d4:81:0a:00:34:14:82:e4:5f:
58:00:02:df:ec:85:dc:cd:22:8f:46:85:bd:3b:23:
57:6d:dd:8c:4c:eb:f4:05:24:b3:3f:97:f7:d5:fd:
f7:b1:1a:12:89:79:f1:0d:b9:39:a5:6b:dd:e7:17:
37:9d:14:a3:2f:fa:e4:5f:2c:46:5c:15:35:a7:75:
53:e0:47:b6:95:a7:43:c4:52:52:45:cd:ca:47:98:
89:4a:50:57:c5:5a:4f:13:27:bd:49:6d:29:f2:3d:
36:80:b1:48:b0:16:2f:db:0e:b6:d7:29:fd:a1:e1:
94:df:38:48:01:d8:29:72:90:17:29:3b:22:72:46:
78:b5:32:40:c9:6b:11:b4:18:f5:0a:14:ff:df:ce:
5d:2e:72:45:0b:c6:01:6c:6f:09:bd:97:3f:dc:3a:
e8:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:22:E1:18:77:CC:DF:32:E6:B8:8C:79:8D:B4:B8:FA:1C:29:1F:48
X509v3 Authority Key Identifier:
keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS204518.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:d90::/44
Signature Algorithm: sha256WithRSAEncryption
b6:46:60:4a:2c:6b:80:4d:79:e5:4e:8e:23:00:30:e8:6f:91:
3f:ff:48:18:23:64:d3:31:9a:61:74:71:b5:9a:25:56:37:e6:
7b:b8:13:88:d1:0b:5d:f7:73:30:3a:60:0a:75:fc:6c:eb:d9:
65:d3:45:37:35:39:76:b1:f7:99:c2:6f:1a:dc:fb:81:cc:7f:
4a:80:d6:a3:c6:f4:ee:51:1e:8e:b0:0f:d9:84:8a:72:98:b9:
6e:f4:47:63:c8:51:aa:12:d1:a0:7a:f5:fd:8a:46:91:30:fc:
b6:fd:98:25:da:01:fd:26:fe:18:0e:d7:7a:4a:19:2c:c5:99:
bf:7b:dd:10:78:e2:d4:a2:55:6b:2b:11:88:20:44:0b:e6:bc:
e5:94:4b:e2:81:60:77:46:ea:d9:7e:3b:2b:27:ee:b0:39:0c:
a2:d5:c9:7c:db:16:1e:00:f9:76:f1:ea:09:d6:ea:f7:c6:d8:
26:97:e5:74:1e:81:3e:11:85:14:35:a7:48:31:26:d4:db:ce:
19:4f:7d:72:52:4c:79:d8:26:90:fe:bd:48:11:24:5c:19:53:
cf:1f:37:93:6a:3f:4f:29:9c:15:b4:d0:67:a5:59:c7:4c:26:
d1:f2:44:ea:c7:44:03:15:73:84:84:cf:72:0d:fa:53:77:f9:
32:59:eb:65
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUbpsW2f3OYhQOfoRXN08HD6tQJlswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDExMDUwMzM1MDFaFw0yNTExMDQwMzQwMDFaMDMxMTAvBgNV
BAMTKDNDMjJFMTE4NzdDQ0RGMzJFNkI4OEM3OThEQjRCOEZBMUMyOTFGNDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChHUids31xLJBaK8WYPjv9YHnA
gelQQ26vnMFDrqyTOaqY1rSMH71vB3F1OaYaXUof3ua19aQvvOHQ6PZfdVNsq/mt
18kbgFtsOaNXD0/sk/2O1D11oSkiGVRYmBh0t9SBCgA0FILkX1gAAt/shdzNIo9G
hb07I1dt3YxM6/QFJLM/l/fV/fexGhKJefENuTmla93nFzedFKMv+uRfLEZcFTWn
dVPgR7aVp0PEUlJFzcpHmIlKUFfFWk8TJ71JbSnyPTaAsUiwFi/bDrbXKf2h4ZTf
OEgB2ClykBcpOyJyRni1MkDJaxG0GPUKFP/fzl0uckULxgFsbwm9lz/cOuj7AgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUPCLhGHfM3zLmuIx5jbS4+hwpH0gwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjA0NTE4LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcEKgagBQ2QMA0GCSqGSIb3DQEBCwUAA4IBAQC2RmBK
LGuATXnlTo4jADDob5E//0gYI2TTMZphdHG1miVWN+Z7uBOI0Qtd93MwOmAKdfxs
69ll00U3NTl2sfeZwm8a3PuBzH9KgNajxvTuUR6OsA/ZhIpymLlu9EdjyFGqEtGg
evX9ikaRMPy2/Zgl2gH9Jv4YDtd6ShksxZm/e90QeOLUolVrKxGIIEQL5rzllEvi
gWB3RurZfjsrJ+6wOQyi1cl82xYeAPl28eoJ1ur3xtgml+V0HoE+EYUUNadIMSbU
284ZT31yUkx52CaQ/r1IESRcGVPPHzeTaj9PKZwVtNBnpVnHTCbR8kTqx0QDFXOE
hM9yDfpTd/kyWetl
-----END CERTIFICATE-----
Generated at Fri Nov 22 08:01:54 2024 by rpki-client on console-ams.rpki-client.org