Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS209294.roa
File: AS209294.roa (raw, json)
Hash identifier: 6sbBeru5yKGw65cob8qaos5HRE4o+7Fi2KL/hgrGp6Q=
Subject key identifier: 3E:FF:9C:D7:13:F9:C0:74:47:1A:3A:E5:D0:F0:D6:E2:E9:6A:D7:94
Certificate issuer: /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial: 68A3ABDC2A10D8257A0135CB2927253E67D5F289
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS209294.roa
Signing time: Tue 05 Nov 2024 03:40:09 +0000
ROA not before: Tue 05 Nov 2024 03:35:09 +0000
ROA not after: Tue 04 Nov 2025 03:40:09 +0000
asID: 209294
IP address blocks: 2a06:a005:17e0::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:a3:ab:dc:2a:10:d8:25:7a:01:35:cb:29:27:25:3e:67:d5:f2:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Validity
Not Before: Nov 5 03:35:09 2024 GMT
Not After : Nov 4 03:40:09 2025 GMT
Subject: CN=3EFF9CD713F9C074471A3AE5D0F0D6E2E96AD794
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:cf:88:2e:d2:0b:92:af:6a:04:17:ee:f2:3c:
4b:0d:58:b9:f1:67:a3:b6:2d:32:be:28:c9:a8:31:
81:05:50:b9:00:9a:10:aa:0c:ff:71:c4:1d:35:5b:
00:01:82:24:52:d3:19:3f:8f:b7:5c:35:2b:00:9e:
e5:1e:d8:5c:02:31:fc:da:80:70:b7:eb:35:07:01:
f8:fa:4f:0f:f8:0e:4f:b3:ee:b3:82:c4:57:a7:55:
3b:b7:5a:20:48:83:96:2e:42:46:22:a7:29:78:42:
8a:1a:f9:1e:ae:d8:8c:cd:7d:a8:00:1c:8b:27:21:
cb:5f:b3:2d:f1:41:fa:4e:55:06:c1:77:d6:88:dd:
df:d7:0c:3a:1e:e1:9c:55:e8:89:d7:ba:76:47:47:
00:3f:cf:ae:da:15:f9:31:bd:d7:a0:21:72:f7:97:
7b:70:51:7c:88:3e:1a:b9:40:5f:54:df:21:ff:17:
cb:00:a1:d5:c3:bb:2a:8e:83:d7:b8:3c:6a:1a:82:
ca:56:99:07:41:1d:93:7b:0f:91:75:2a:33:bd:99:
41:ac:31:62:1f:d4:14:ca:af:2f:3f:f8:89:c6:0d:
42:7c:8c:1e:9b:4f:ca:17:d9:04:7f:ce:be:e6:e8:
10:a4:b3:62:da:3e:cc:15:ba:f6:2b:d7:c2:a3:fe:
45:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:FF:9C:D7:13:F9:C0:74:47:1A:3A:E5:D0:F0:D6:E2:E9:6A:D7:94
X509v3 Authority Key Identifier:
keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS209294.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:17e0::/44
Signature Algorithm: sha256WithRSAEncryption
39:b5:dc:12:f5:b9:1c:a7:ef:1d:9f:57:46:6f:d4:d3:37:48:
02:68:1a:36:27:25:f5:5d:38:04:e4:46:4a:b4:ff:28:25:40:
f6:2c:45:7b:45:29:a6:68:60:0c:6a:c7:8f:0e:4d:54:09:e1:
9c:38:ce:44:dd:c6:e6:09:91:5f:e2:e2:4d:35:1b:b2:eb:cd:
86:43:d0:1b:fa:f1:f9:7c:66:2d:f4:b3:d6:b2:ac:ba:af:18:
34:e3:7e:e3:9e:d2:ab:8e:02:ea:90:ce:a2:30:df:0e:4e:a8:
a0:1c:5e:fc:4c:5e:b5:bc:1e:89:29:74:59:e8:72:73:62:cc:
d0:13:81:49:74:52:4f:ef:e9:04:9f:f5:f3:20:d9:22:62:ce:
8f:06:98:9f:62:0c:9c:2f:9a:19:f8:c5:99:9d:da:db:0a:79:
35:b9:c3:c2:76:59:fa:f9:5e:42:5f:43:58:83:45:de:12:67:
5c:2a:a6:c7:01:89:4f:8b:c6:6b:4a:e1:da:c5:f7:da:28:1c:
37:b3:18:f5:bf:8f:8d:7d:85:b1:66:d5:80:1a:12:b8:31:6d:
84:2a:b1:31:1d:1b:16:3b:b8:11:05:55:12:68:72:71:0a:42:
9b:d1:15:b0:71:c0:78:c5:06:cb:5a:13:aa:b5:e3:41:b8:49:
a3:60:9f:7a
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUaKOr3CoQ2CV6ATXLKSclPmfV8okwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDExMDUwMzM1MDlaFw0yNTExMDQwMzQwMDlaMDMxMTAvBgNV
BAMTKDNFRkY5Q0Q3MTNGOUMwNzQ0NzFBM0FFNUQwRjBENkUyRTk2QUQ3OTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgz4gu0guSr2oEF+7yPEsNWLnx
Z6O2LTK+KMmoMYEFULkAmhCqDP9xxB01WwABgiRS0xk/j7dcNSsAnuUe2FwCMfza
gHC36zUHAfj6Tw/4Dk+z7rOCxFenVTu3WiBIg5YuQkYipyl4Qooa+R6u2IzNfagA
HIsnIctfsy3xQfpOVQbBd9aI3d/XDDoe4ZxV6InXunZHRwA/z67aFfkxvdegIXL3
l3twUXyIPhq5QF9U3yH/F8sAodXDuyqOg9e4PGoagspWmQdBHZN7D5F1KjO9mUGs
MWIf1BTKry8/+InGDUJ8jB6bT8oX2QR/zr7m6BCks2LaPswVuvYr18Kj/kWzAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUPv+c1xP5wHRHGjrl0PDW4ulq15QwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjA5Mjk0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcEKgagBRfgMA0GCSqGSIb3DQEBCwUAA4IBAQA5tdwS
9bkcp+8dn1dGb9TTN0gCaBo2JyX1XTgE5EZKtP8oJUD2LEV7RSmmaGAMasePDk1U
CeGcOM5E3cbmCZFf4uJNNRuy682GQ9Ab+vH5fGYt9LPWsqy6rxg0437jntKrjgLq
kM6iMN8OTqigHF78TF61vB6JKXRZ6HJzYszQE4FJdFJP7+kEn/XzINkiYs6PBpif
YgycL5oZ+MWZndrbCnk1ucPCdln6+V5CX0NYg0XeEmdcKqbHAYlPi8ZrSuHaxffa
KBw3sxj1v4+NfYWxZtWAGhK4MW2EKrExHRsWO7gRBVUSaHJxCkKb0RWwccB4xQbL
WhOqteNBuEmjYJ96
-----END CERTIFICATE-----
Generated at Fri Nov 22 08:01:55 2024 by rpki-client on console-ams.rpki-client.org