Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS208679.roa
File: AS208679.roa (raw, json)
Hash identifier: 0aiwGntqvoOisBKmLa7z1mxfPJMs75XZqK/5G5wXJ8I=
Subject key identifier: 75:CF:91:F3:3A:57:08:17:ED:46:74:00:98:85:9E:54:6F:71:91:F2
Certificate issuer: /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial: 1E5E8DD7BE27CF40330907D6B780E72F3E50CF3C
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS208679.roa
Signing time: Fri 13 Dec 2024 02:56:29 +0000
ROA not before: Fri 13 Dec 2024 02:51:29 +0000
ROA not after: Fri 12 Dec 2025 02:56:29 +0000
asID: 208679
IP address blocks: 2a06:a005:8d0::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 09:24:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:5e:8d:d7:be:27:cf:40:33:09:07:d6:b7:80:e7:2f:3e:50:cf:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Validity
Not Before: Dec 13 02:51:29 2024 GMT
Not After : Dec 12 02:56:29 2025 GMT
Subject: CN=75CF91F33A570817ED46740098859E546F7191F2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:bf:57:4b:91:d8:df:ee:b3:77:cd:8d:20:ab:
68:41:ed:e2:36:a6:07:57:7e:46:31:ae:df:d2:c5:
4b:64:eb:92:d4:56:5d:c9:0d:8f:28:19:c8:b7:5b:
73:14:a7:36:74:4f:e3:53:14:12:90:15:26:07:fb:
1c:1a:1d:6f:df:46:1e:eb:3e:93:f1:47:8a:c8:8d:
13:e5:72:41:4d:5a:c9:b3:b7:4b:e4:96:9c:2a:80:
88:5d:e0:6d:eb:4c:45:39:0d:bb:a0:36:b5:d0:b3:
0b:57:5b:25:33:3a:48:04:0f:66:45:ae:ec:f7:70:
3a:4d:99:c9:40:79:81:74:ab:56:90:1e:be:49:49:
d3:f6:2e:95:5e:e5:d9:f2:36:8a:48:0b:1a:bc:18:
cc:b4:2a:65:7d:2a:cd:49:b5:40:2c:9d:37:7e:43:
48:cb:14:75:f2:99:93:38:d6:ca:57:c0:cd:36:8b:
71:d1:ed:d1:9a:08:d8:b1:dd:d2:09:e5:0b:c0:69:
db:34:a4:4e:dc:9f:93:df:3d:84:ba:03:fc:3b:98:
73:ba:9b:06:00:fb:2f:2c:48:e0:d8:e2:42:e0:17:
2e:48:c2:72:e4:33:78:31:07:d7:95:0d:97:83:f5:
7e:58:44:8b:c7:ec:86:7d:8a:6c:3c:3c:22:10:2b:
95:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:CF:91:F3:3A:57:08:17:ED:46:74:00:98:85:9E:54:6F:71:91:F2
X509v3 Authority Key Identifier:
keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS208679.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:8d0::/44
Signature Algorithm: sha256WithRSAEncryption
4e:f3:2e:5d:7f:69:6f:09:8d:f1:c1:e8:eb:ed:1e:10:c1:da:
59:26:95:a6:69:1e:36:90:4f:ca:64:e7:13:30:a4:a6:fb:46:
cf:4e:19:b0:8e:eb:63:1e:95:d2:9a:75:80:48:74:51:f8:90:
52:17:8e:92:a1:12:09:47:9f:ab:af:87:39:fe:35:5c:18:09:
81:37:c7:7d:de:1d:64:95:67:7f:e1:d5:d3:24:93:3c:6c:19:
45:be:60:1a:83:61:73:af:ef:33:83:38:3a:55:7e:5b:6b:1c:
47:d3:58:64:cc:43:c9:c4:eb:d6:66:d4:39:fb:73:c2:e0:c0:
17:e8:25:7e:55:e3:07:55:56:f9:69:7f:9e:dc:50:cd:40:50:
83:d3:53:e3:e7:0f:5b:08:30:dd:3b:ec:32:d2:b0:c0:78:05:
0f:a7:3d:2a:44:88:63:2b:51:37:6e:34:3b:c9:b0:19:07:da:
6d:31:d9:19:10:65:cf:6d:01:19:12:63:ab:52:cc:21:7b:8d:
96:fc:62:26:8a:23:09:c6:e9:89:12:71:88:37:60:2b:58:aa:
6c:62:31:5f:10:0b:92:23:a6:d5:c2:7c:a6:c2:22:6e:f2:63:
58:16:33:c0:1f:e0:0d:72:14:a6:1c:c0:2e:ae:03:98:ec:f8:
52:8f:6a:3b
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUHl6N174nz0AzCQfWt4DnLz5QzzwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDEyMTMwMjUxMjlaFw0yNTEyMTIwMjU2MjlaMDMxMTAvBgNV
BAMTKDc1Q0Y5MUYzM0E1NzA4MTdFRDQ2NzQwMDk4ODU5RTU0NkY3MTkxRjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/v1dLkdjf7rN3zY0gq2hB7eI2
pgdXfkYxrt/SxUtk65LUVl3JDY8oGci3W3MUpzZ0T+NTFBKQFSYH+xwaHW/fRh7r
PpPxR4rIjRPlckFNWsmzt0vklpwqgIhd4G3rTEU5DbugNrXQswtXWyUzOkgED2ZF
ruz3cDpNmclAeYF0q1aQHr5JSdP2LpVe5dnyNopICxq8GMy0KmV9Ks1JtUAsnTd+
Q0jLFHXymZM41spXwM02i3HR7dGaCNix3dIJ5QvAads0pE7cn5PfPYS6A/w7mHO6
mwYA+y8sSODY4kLgFy5IwnLkM3gxB9eVDZeD9X5YRIvH7IZ9imw8PCIQK5WBAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUdc+R8zpXCBftRnQAmIWeVG9xkfIwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjA4Njc5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcEKgagBQjQMA0GCSqGSIb3DQEBCwUAA4IBAQBO8y5d
f2lvCY3xwejr7R4QwdpZJpWmaR42kE/KZOcTMKSm+0bPThmwjutjHpXSmnWASHRR
+JBSF46SoRIJR5+rr4c5/jVcGAmBN8d93h1klWd/4dXTJJM8bBlFvmAag2Fzr+8z
gzg6VX5baxxH01hkzEPJxOvWZtQ5+3PC4MAX6CV+VeMHVVb5aX+e3FDNQFCD01Pj
5w9bCDDdO+wy0rDAeAUPpz0qRIhjK1E3bjQ7ybAZB9ptMdkZEGXPbQEZEmOrUswh
e42W/GImiiMJxumJEnGIN2ArWKpsYjFfEAuSI6bVwnymwiJu8mNYFjPAH+ANchSm
HMAurgOY7PhSj2o7
-----END CERTIFICATE-----
Generated at Fri Apr 4 17:40:26 2025 by rpki-client