Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS206533.roa
File: AS206533.roa (raw, json)
Hash identifier: 3tIVl4jh84/bAD9+YFvzIg0+YhUWYE53DrFt0Y5rW4k=
Subject key identifier: 14:C8:FA:97:E5:CA:E1:1D:5C:6A:3A:E8:5C:07:3B:98:27:9A:1D:42
Certificate issuer: /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial: 383E60AB72E95E73594E0B98B69FD3388FBA77FB
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS206533.roa
Signing time: Tue 05 Nov 2024 03:40:06 +0000
ROA not before: Tue 05 Nov 2024 03:35:06 +0000
ROA not after: Tue 04 Nov 2025 03:40:06 +0000
asID: 206533
IP address blocks: 2a06:a005:855::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:3e:60:ab:72:e9:5e:73:59:4e:0b:98:b6:9f:d3:38:8f:ba:77:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Validity
Not Before: Nov 5 03:35:06 2024 GMT
Not After : Nov 4 03:40:06 2025 GMT
Subject: CN=14C8FA97E5CAE11D5C6A3AE85C073B98279A1D42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:7b:f4:55:3f:ae:c6:4f:46:3f:34:d4:68:c9:
23:99:f9:32:5b:e8:57:38:05:3f:b7:a6:e8:a7:6e:
f6:13:5c:fd:4c:14:81:1f:e1:63:5c:57:02:69:15:
15:d3:10:96:37:27:e1:b8:78:96:4c:7e:fe:de:7b:
49:10:fc:2a:e8:c6:ed:da:9d:3e:ac:fc:41:9b:d7:
2b:d4:42:47:94:55:c1:21:42:a5:6a:f2:be:9b:38:
90:34:91:24:93:9d:ad:39:e2:83:31:cb:8f:b2:75:
f1:d3:14:a7:6b:1a:7e:6a:51:5b:19:ff:81:14:3c:
49:53:14:87:b1:fd:e3:4a:5f:8a:ba:fc:f7:b7:7e:
ac:7a:9b:15:20:0e:8a:c4:57:34:2c:c1:eb:3e:63:
23:bd:7f:3e:64:d0:c3:51:a3:f6:7a:03:48:ae:2a:
90:a4:77:e9:58:ad:62:e1:a2:0c:c3:cb:b7:20:d3:
1c:ef:3e:85:a9:4d:9f:40:3e:5a:c0:e9:c7:e2:86:
95:a9:2f:d3:d7:e2:95:1e:b5:e3:58:7f:cc:8a:88:
e0:b6:cf:2a:b5:72:8a:e1:63:35:06:26:3f:ed:3c:
76:4a:7e:9e:3c:0f:b4:c7:61:6d:be:87:c3:59:1e:
3e:9e:03:f1:3a:ba:db:35:99:04:ec:53:d6:d8:71:
f5:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:C8:FA:97:E5:CA:E1:1D:5C:6A:3A:E8:5C:07:3B:98:27:9A:1D:42
X509v3 Authority Key Identifier:
keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS206533.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:855::/48
Signature Algorithm: sha256WithRSAEncryption
cb:cf:2f:ba:54:fd:1a:83:c9:b0:1f:e8:5f:83:53:6a:15:86:
14:72:9c:db:59:e0:99:bb:2d:aa:6f:51:3b:22:0f:45:3b:48:
3c:5e:ce:19:da:f1:77:42:af:3a:fa:92:33:89:9a:75:b9:9b:
89:90:1c:3e:27:c0:b9:30:df:1c:c3:f0:55:d0:24:dd:81:de:
2b:a0:72:bc:1e:29:a8:42:e8:9e:f6:94:a5:20:da:b1:68:1f:
e1:c6:25:ad:94:c3:e2:7d:3b:ee:18:a7:78:a1:07:10:28:9a:
7f:56:83:a6:98:3d:00:da:97:89:97:fc:cf:33:8a:44:de:c7:
73:c8:48:eb:1a:db:7e:3a:41:40:4e:6e:0d:e5:a1:1a:6b:1d:
9e:01:ac:73:7b:15:ce:6a:a7:82:90:35:2d:a4:0b:2c:80:29:
27:3b:0c:09:30:f4:bc:1a:44:f2:d1:c5:b1:e3:20:fb:c0:69:
81:0c:d8:60:65:90:31:65:ab:21:96:a9:6b:67:19:f8:36:db:
51:a6:6e:9d:b5:91:68:5f:e2:4c:33:47:9e:dc:94:2e:98:02:
a0:7f:ba:cd:3e:bc:14:00:d6:c6:bf:2c:1b:55:7b:1b:64:3c:
bf:88:c9:dd:be:c4:38:80:2d:a7:9e:67:2c:e5:b9:f9:6b:35:
4b:10:5e:32
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUOD5gq3LpXnNZTguYtp/TOI+6d/swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDExMDUwMzM1MDZaFw0yNTExMDQwMzQwMDZaMDMxMTAvBgNV
BAMTKDE0QzhGQTk3RTVDQUUxMUQ1QzZBM0FFODVDMDczQjk4Mjc5QTFENDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFe/RVP67GT0Y/NNRoySOZ+TJb
6Fc4BT+3puinbvYTXP1MFIEf4WNcVwJpFRXTEJY3J+G4eJZMfv7ee0kQ/Croxu3a
nT6s/EGb1yvUQkeUVcEhQqVq8r6bOJA0kSSTna054oMxy4+ydfHTFKdrGn5qUVsZ
/4EUPElTFIex/eNKX4q6/Pe3fqx6mxUgDorEVzQswes+YyO9fz5k0MNRo/Z6A0iu
KpCkd+lYrWLhogzDy7cg0xzvPoWpTZ9APlrA6cfihpWpL9PX4pUeteNYf8yKiOC2
zyq1corhYzUGJj/tPHZKfp48D7THYW2+h8NZHj6eA/E6uts1mQTsU9bYcfV/AgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUFMj6l+XK4R1cajroXAc7mCeaHUIwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjA2NTMzLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcAKgagBQhVMA0GCSqGSIb3DQEBCwUAA4IBAQDLzy+6
VP0ag8mwH+hfg1NqFYYUcpzbWeCZuy2qb1E7Ig9FO0g8Xs4Z2vF3Qq86+pIziZp1
uZuJkBw+J8C5MN8cw/BV0CTdgd4roHK8HimoQuie9pSlINqxaB/hxiWtlMPifTvu
GKd4oQcQKJp/VoOmmD0A2peJl/zPM4pE3sdzyEjrGtt+OkFATm4N5aEaax2eAaxz
exXOaqeCkDUtpAssgCknOwwJMPS8GkTy0cWx4yD7wGmBDNhgZZAxZashlqlrZxn4
NttRpm6dtZFoX+JMM0ee3JQumAKgf7rNPrwUANbGvywbVXsbZDy/iMndvsQ4gC2n
nmcs5bn5azVLEF4y
-----END CERTIFICATE-----
Generated at Fri Nov 22 08:13:36 2024 by rpki-client on console-fra.rpki-client.org