Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS209294.roa
File: AS209294.roa (raw, json)
Hash identifier: lT2abk/azW4G224Lh3TEqeeoIK7Fy4oDUGSzCGVby3M=
Subject key identifier: 89:47:1E:A6:43:6E:45:0A:E6:54:B4:63:39:DE:33:7A:F6:02:30:1F
Certificate issuer: /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial: 2DDD117ED16BDB14C42BE24D4FED215698C812FD
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS209294.roa
Signing time: Tue 05 Dec 2023 02:44:13 +0000
ROA not before: Tue 05 Dec 2023 02:39:13 +0000
ROA not after: Tue 03 Dec 2024 02:44:13 +0000
asID: 209294
IP address blocks: 2a06:a005:17e0::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:dd:11:7e:d1:6b:db:14:c4:2b:e2:4d:4f:ed:21:56:98:c8:12:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Validity
Not Before: Dec 5 02:39:13 2023 GMT
Not After : Dec 3 02:44:13 2024 GMT
Subject: CN=89471EA6436E450AE654B46339DE337AF602301F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:d8:ba:95:03:93:24:5a:23:35:fd:50:e0:c2:
9a:f6:ac:1d:6a:03:f9:70:58:2e:63:24:51:e4:b3:
5b:1a:89:d8:84:86:cf:5c:5b:29:d8:fc:4a:e1:c6:
73:70:3e:ab:76:cc:d2:f9:48:0d:2a:c7:36:8a:6c:
dd:99:e7:af:fb:e1:20:5d:6a:d4:05:9e:39:4a:aa:
e0:17:d1:80:de:b1:24:a6:65:64:4b:11:d1:44:6a:
88:46:7d:6a:f5:46:a4:54:78:83:d7:b1:8a:33:15:
93:69:1c:8a:99:09:dc:65:de:5d:77:a8:aa:39:f3:
90:47:67:bf:5b:4d:9a:76:ae:ca:09:2a:af:5c:c3:
b2:0f:45:aa:00:1e:b8:70:94:67:99:01:a0:47:b9:
23:f8:df:fa:37:49:4a:19:12:65:7f:2d:a7:73:77:
09:3c:a2:a3:bc:4b:46:4f:27:a2:21:23:04:ea:4d:
71:84:d0:a9:6e:85:96:18:78:26:e1:f7:dc:08:c1:
92:59:74:f7:ad:b3:f3:da:f3:f3:d2:63:7a:e2:42:
12:b6:7d:10:6f:6e:66:45:5c:7f:76:75:63:d4:23:
b2:db:70:a6:cd:9f:fc:bf:33:68:c0:5e:bd:48:a6:
88:07:3c:a1:c8:c2:fb:0f:0b:f5:70:7b:5a:79:10:
93:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:47:1E:A6:43:6E:45:0A:E6:54:B4:63:39:DE:33:7A:F6:02:30:1F
X509v3 Authority Key Identifier:
keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS209294.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:17e0::/44
Signature Algorithm: sha256WithRSAEncryption
40:11:7e:4e:3f:15:00:b5:66:95:9e:4a:86:1f:5c:95:af:f2:
81:66:97:18:53:56:a8:22:90:5f:79:00:d7:e1:97:0a:80:44:
b7:6d:79:c1:e6:b7:9b:6e:1c:c6:e5:1f:2b:49:62:51:f1:d9:
ec:20:03:76:01:4a:12:c3:6e:8f:85:cb:d0:f8:c3:4c:e0:68:
70:26:e0:da:d9:c0:ad:5d:fc:8a:f2:b7:aa:ee:15:53:0b:93:
04:59:cc:fa:e9:94:de:36:1a:1f:ed:91:9b:05:a6:b3:f0:08:
5b:d8:34:41:51:48:b7:83:56:2f:32:b0:e7:57:e1:ac:a7:3a:
f8:1d:45:c1:0a:33:18:63:52:4c:0b:df:e8:77:a6:f3:3c:67:
e0:06:5b:05:7b:79:98:be:cb:d4:07:1a:65:04:8c:f2:43:b9:
d8:23:86:1e:ac:9c:05:27:71:92:6c:b5:6a:06:59:c5:08:8d:
d0:ce:1e:45:90:a7:b7:f3:a9:e7:11:70:51:3a:e5:e0:82:14:
98:77:fb:01:22:7a:dd:8c:11:79:4d:d4:09:72:6c:e5:08:6b:
32:1e:80:56:50:6d:63:b0:04:41:ee:75:c9:ee:e9:5d:41:cb:
dc:91:45:a7:ba:ae:ad:6e:da:78:44:ea:c8:61:10:be:83:af:
28:34:6f:f1
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIULd0RftFr2xTEK+JNT+0hVpjIEv0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yMzEyMDUwMjM5MTNaFw0yNDEyMDMwMjQ0MTNaMDMxMTAvBgNV
BAMTKDg5NDcxRUE2NDM2RTQ1MEFFNjU0QjQ2MzM5REUzMzdBRjYwMjMwMUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDB2LqVA5MkWiM1/VDgwpr2rB1q
A/lwWC5jJFHks1saidiEhs9cWynY/ErhxnNwPqt2zNL5SA0qxzaKbN2Z56/74SBd
atQFnjlKquAX0YDesSSmZWRLEdFEaohGfWr1RqRUeIPXsYozFZNpHIqZCdxl3l13
qKo585BHZ79bTZp2rsoJKq9cw7IPRaoAHrhwlGeZAaBHuSP43/o3SUoZEmV/Ladz
dwk8oqO8S0ZPJ6IhIwTqTXGE0KluhZYYeCbh99wIwZJZdPets/Pa8/PSY3riQhK2
fRBvbmZFXH92dWPUI7LbcKbNn/y/M2jAXr1IpogHPKHIwvsPC/Vwe1p5EJNRAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUiUcepkNuRQrmVLRjOd4zevYCMB8wHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjA5Mjk0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcEKgagBRfgMA0GCSqGSIb3DQEBCwUAA4IBAQBAEX5O
PxUAtWaVnkqGH1yVr/KBZpcYU1aoIpBfeQDX4ZcKgES3bXnB5rebbhzG5R8rSWJR
8dnsIAN2AUoSw26PhcvQ+MNM4GhwJuDa2cCtXfyK8req7hVTC5MEWcz66ZTeNhof
7ZGbBaaz8Ahb2DRBUUi3g1YvMrDnV+Gspzr4HUXBCjMYY1JMC9/od6bzPGfgBlsF
e3mYvsvUBxplBIzyQ7nYI4YerJwFJ3GSbLVqBlnFCI3Qzh5FkKe386nnEXBROuXg
ghSYd/sBInrdjBF5TdQJcmzlCGsyHoBWUG1jsARB7nXJ7uldQcvckUWnuq6tbtp4
ROrIYRC+g68oNG/x
-----END CERTIFICATE-----
Generated at Sat May 4 12:13:12 2024 by rpki-client on console-fra.rpki-client.org