Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS204914.roa
File: AS204914.roa (raw, json)
Hash identifier: 6RkP1v6mYaIDVzFv7qmo8yN/jlZMu/TCIikFt0lsUsE=
Subject key identifier: E9:02:9F:44:D9:BB:B1:97:A0:BB:0C:59:FE:65:FF:2D:50:4C:D2:60
Certificate issuer: /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial: 441B0CB033A0038FB16F32B49B0AF9B86835A5A7
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS204914.roa
Signing time: Tue 05 Nov 2024 03:40:10 +0000
ROA not before: Tue 05 Nov 2024 03:35:10 +0000
ROA not after: Tue 04 Nov 2025 03:40:10 +0000
asID: 204914
IP address blocks: 2a06:a005:d24::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:1b:0c:b0:33:a0:03:8f:b1:6f:32:b4:9b:0a:f9:b8:68:35:a5:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Validity
Not Before: Nov 5 03:35:10 2024 GMT
Not After : Nov 4 03:40:10 2025 GMT
Subject: CN=E9029F44D9BBB197A0BB0C59FE65FF2D504CD260
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:a1:33:08:90:06:38:d1:47:f8:5f:e7:97:f0:
d9:17:b4:f9:32:cf:f0:76:81:1b:d3:56:c1:09:1e:
4c:29:7e:32:85:67:06:05:da:af:b1:f1:6f:42:ec:
eb:ae:e4:03:b2:42:ca:35:25:96:d6:ee:fb:97:78:
13:8b:82:55:91:5a:a2:b5:36:73:b5:c0:d9:24:f7:
e0:2c:eb:ef:94:bc:df:3e:49:72:df:54:bb:bc:8c:
c4:9c:24:60:8b:48:bb:2c:9b:54:6b:82:2d:39:ca:
d2:61:0e:ca:ad:a2:c5:cf:7c:58:2e:9b:a6:49:9b:
cd:c1:05:bd:90:cb:88:ba:c2:d9:d2:70:70:54:b9:
7d:16:fc:93:3a:fe:11:dc:11:c0:24:07:3b:35:ff:
69:f1:f1:99:8a:46:7f:14:df:a2:7e:18:0f:b1:9a:
47:db:df:8e:a2:d5:0b:8a:b6:ec:13:89:8d:9f:e5:
c6:3c:9a:f6:b1:e7:52:f0:a2:ea:7b:9c:f8:4d:d0:
e9:fe:18:d2:90:f3:92:87:56:de:72:79:e7:47:db:
00:ab:fe:07:98:97:d3:39:af:92:f5:c1:de:ab:97:
6e:d5:3e:b7:f4:8d:1c:2c:98:2e:da:9b:eb:0b:e9:
52:23:d6:70:42:6e:e1:58:de:a1:00:4e:90:16:f9:
da:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:02:9F:44:D9:BB:B1:97:A0:BB:0C:59:FE:65:FF:2D:50:4C:D2:60
X509v3 Authority Key Identifier:
keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS204914.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:d24::/48
Signature Algorithm: sha256WithRSAEncryption
37:e9:cc:be:4e:a0:37:f9:3a:25:3b:22:4c:64:05:c0:dc:55:
db:7e:4d:ea:dc:b6:f6:93:35:83:46:c2:2a:ac:18:39:c3:c0:
ae:82:7e:eb:bd:a5:0c:1f:fc:66:47:65:4b:9f:45:6f:94:15:
c4:64:7c:8b:e5:fa:7d:eb:4f:ee:10:bb:59:3d:9f:e7:bd:79:
50:79:27:bb:2f:f7:2b:ed:64:c6:53:08:9e:14:15:b2:37:04:
0d:05:0c:39:48:41:b1:22:c5:58:61:82:fe:b3:2a:b4:a2:c3:
01:d1:8a:d5:a4:be:00:30:20:32:f8:e7:91:f7:0d:4d:1a:35:
b2:7c:a4:ff:29:16:c7:b6:01:1b:35:01:dc:93:b2:3d:78:d7:
59:2e:20:12:20:ad:10:4d:0b:90:96:31:1f:1b:71:98:55:3d:
f1:55:e9:34:3d:cb:b4:ce:04:da:2a:60:1e:7f:98:b1:5f:1f:
bc:9d:49:30:35:cf:ca:a0:88:0b:b0:3b:07:90:d5:62:17:43:
19:92:b6:9a:5c:1b:fb:0f:a7:59:c4:dc:1e:3a:de:8a:8d:7c:
5e:8d:b5:4f:b5:b0:26:dc:e9:6c:dd:37:c5:e9:66:64:df:cb:
cb:f6:0c:fd:51:c1:64:d2:aa:31:7f:1c:d5:52:fe:d0:a9:ea:
4d:58:e9:6d
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIURBsMsDOgA4+xbzK0mwr5uGg1pacwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDExMDUwMzM1MTBaFw0yNTExMDQwMzQwMTBaMDMxMTAvBgNV
BAMTKEU5MDI5RjQ0RDlCQkIxOTdBMEJCMEM1OUZFNjVGRjJENTA0Q0QyNjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCoTMIkAY40Uf4X+eX8NkXtPky
z/B2gRvTVsEJHkwpfjKFZwYF2q+x8W9C7Ouu5AOyQso1JZbW7vuXeBOLglWRWqK1
NnO1wNkk9+As6++UvN8+SXLfVLu8jMScJGCLSLssm1Rrgi05ytJhDsqtosXPfFgu
m6ZJm83BBb2Qy4i6wtnScHBUuX0W/JM6/hHcEcAkBzs1/2nx8ZmKRn8U36J+GA+x
mkfb346i1QuKtuwTiY2f5cY8mvax51Lwoup7nPhN0On+GNKQ85KHVt5yeedH2wCr
/geYl9M5r5L1wd6rl27VPrf0jRwsmC7am+sL6VIj1nBCbuFY3qEATpAW+dqdAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQU6QKfRNm7sZeguwxZ/mX/LVBM0mAwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjA0OTE0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcAKgagBQ0kMA0GCSqGSIb3DQEBCwUAA4IBAQA36cy+
TqA3+TolOyJMZAXA3FXbfk3q3Lb2kzWDRsIqrBg5w8Cugn7rvaUMH/xmR2VLn0Vv
lBXEZHyL5fp960/uELtZPZ/nvXlQeSe7L/cr7WTGUwieFBWyNwQNBQw5SEGxIsVY
YYL+syq0osMB0YrVpL4AMCAy+OeR9w1NGjWyfKT/KRbHtgEbNQHck7I9eNdZLiAS
IK0QTQuQljEfG3GYVT3xVek0Pcu0zgTaKmAef5ixXx+8nUkwNc/KoIgLsDsHkNVi
F0MZkraaXBv7D6dZxNweOt6KjXxejbVPtbAm3Ols3TfF6WZk38vL9gz9UcFk0qox
fxzVUv7QqepNWOlt
-----END CERTIFICATE-----
Generated at Fri Nov 22 08:01:55 2024 by rpki-client on console-ams.rpki-client.org