Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS209512.roa
File: AS209512.roa (raw, json)
Hash identifier: 5SjtGya42OInPKT0w1UdZQErBT2Tlql/08dKQn/wBSw=
Subject key identifier: 42:8A:28:01:2D:9D:9B:11:E7:03:30:C6:7E:10:C2:F6:6C:6D:D9:95
Certificate issuer: /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial: 11EAA9E2AA6FBBB09539AFA42CB32C1C82CE2A13
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS209512.roa
Signing time: Tue 05 Nov 2024 03:40:10 +0000
ROA not before: Tue 05 Nov 2024 03:35:10 +0000
ROA not after: Tue 04 Nov 2025 03:40:10 +0000
asID: 209512
IP address blocks: 2a06:a005:80::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 11:21:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:ea:a9:e2:aa:6f:bb:b0:95:39:af:a4:2c:b3:2c:1c:82:ce:2a:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Validity
Not Before: Nov 5 03:35:10 2024 GMT
Not After : Nov 4 03:40:10 2025 GMT
Subject: CN=428A28012D9D9B11E70330C67E10C2F66C6DD995
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:61:b3:08:0f:20:be:b5:38:46:03:b0:e4:f9:
51:9f:63:6a:6f:78:f8:c3:2a:59:19:7f:8a:12:6c:
6c:45:d6:5a:8b:24:d2:13:c3:5f:ed:7e:b5:62:cf:
9b:05:ee:7d:2f:ae:3e:15:87:0d:4a:61:b2:47:da:
61:f5:76:4a:c8:ac:35:5b:ab:03:f0:36:d4:9c:ed:
c7:05:98:a8:06:4f:de:1a:48:bd:d5:a2:64:c3:59:
0d:78:b5:36:26:dc:af:33:bb:ca:c5:99:cf:00:2d:
88:b9:e0:c3:8d:43:aa:47:e9:f1:73:0d:44:75:0d:
03:06:f1:37:bf:c6:53:18:99:3a:74:38:26:4e:71:
8f:f4:da:15:a9:f0:d0:d1:c3:f9:f9:cd:ff:d1:81:
93:bb:b3:3a:9b:61:28:07:88:a2:e0:4a:48:d2:80:
17:07:b3:6d:d1:34:7f:10:f1:07:0a:39:a7:36:4d:
25:99:f9:4c:f0:9e:9c:e9:9f:9e:01:4f:16:cb:07:
e0:b1:81:c0:85:a8:7d:d8:e0:56:b2:e2:e4:a9:cc:
a1:13:af:34:7b:8b:93:c1:eb:b1:e0:f6:c2:a8:02:
55:97:58:21:3b:62:8a:04:31:8b:38:07:02:2e:5a:
cc:30:cc:ef:5c:45:bc:28:db:0c:e6:0b:5c:d3:b7:
20:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:8A:28:01:2D:9D:9B:11:E7:03:30:C6:7E:10:C2:F6:6C:6D:D9:95
X509v3 Authority Key Identifier:
keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS209512.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:80::/44
Signature Algorithm: sha256WithRSAEncryption
aa:90:3c:db:35:f5:47:ff:97:2a:19:70:3a:73:a9:cc:cc:c0:
8c:f6:ec:e6:5b:ff:d0:8f:eb:6b:6b:8a:f7:a4:18:89:72:64:
73:dc:df:54:05:ae:e3:d4:2f:0b:ee:7e:b2:72:56:07:a7:d4:
9d:3f:2b:a1:59:a2:14:ec:18:92:58:0d:c2:72:f3:20:08:22:
f3:28:01:ee:b9:88:5a:03:9d:f0:13:e1:22:e5:09:a8:bd:78:
b8:d9:11:6a:71:bb:33:78:9f:19:58:41:99:83:9c:9a:48:eb:
bb:a1:0c:ee:2c:0a:a0:2d:a9:4f:37:01:68:00:0c:c1:63:e5:
58:41:f0:09:54:a6:0d:15:fa:0a:52:a9:9a:e6:96:9d:c6:1c:
aa:f4:2c:b7:e0:79:5d:87:e4:cd:5a:5c:75:81:21:c3:8d:86:
b7:5f:74:fd:e8:d5:2b:fb:c6:e4:e6:33:da:cd:a3:40:7b:26:
95:29:12:78:6f:51:f3:b1:69:ae:f6:7d:11:35:7f:28:db:58:
2b:4a:3a:f9:65:15:6f:5b:45:63:de:be:6b:db:c3:bc:f3:ba:
eb:c6:b7:c5:c1:d7:06:f0:08:93:a1:cc:da:4c:65:8f:a6:0a:
eb:3a:dd:8f:c7:e0:b5:51:b2:7f:ff:10:fc:a6:f8:35:68:5f:
10:ae:0c:d4
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUEeqp4qpvu7CVOa+kLLMsHILOKhMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDExMDUwMzM1MTBaFw0yNTExMDQwMzQwMTBaMDMxMTAvBgNV
BAMTKDQyOEEyODAxMkQ5RDlCMTFFNzAzMzBDNjdFMTBDMkY2NkM2REQ5OTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6YbMIDyC+tThGA7Dk+VGfY2pv
ePjDKlkZf4oSbGxF1lqLJNITw1/tfrViz5sF7n0vrj4Vhw1KYbJH2mH1dkrIrDVb
qwPwNtSc7ccFmKgGT94aSL3VomTDWQ14tTYm3K8zu8rFmc8ALYi54MONQ6pH6fFz
DUR1DQMG8Te/xlMYmTp0OCZOcY/02hWp8NDRw/n5zf/RgZO7szqbYSgHiKLgSkjS
gBcHs23RNH8Q8QcKOac2TSWZ+Uzwnpzpn54BTxbLB+CxgcCFqH3Y4Fay4uSpzKET
rzR7i5PB67Hg9sKoAlWXWCE7YooEMYs4BwIuWswwzO9cRbwo2wzmC1zTtyDfAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUQoooAS2dmxHnAzDGfhDC9mxt2ZUwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjA5NTEyLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcEKgagBQCAMA0GCSqGSIb3DQEBCwUAA4IBAQCqkDzb
NfVH/5cqGXA6c6nMzMCM9uzmW//Qj+tra4r3pBiJcmRz3N9UBa7j1C8L7n6yclYH
p9SdPyuhWaIU7BiSWA3CcvMgCCLzKAHuuYhaA53wE+Ei5QmovXi42RFqcbszeJ8Z
WEGZg5yaSOu7oQzuLAqgLalPNwFoAAzBY+VYQfAJVKYNFfoKUqma5padxhyq9Cy3
4Hldh+TNWlx1gSHDjYa3X3T96NUr+8bk5jPazaNAeyaVKRJ4b1HzsWmu9n0RNX8o
21grSjr5ZRVvW0Vj3r5r28O887rrxrfFwdcG8AiToczaTGWPpgrrOt2Px+C1UbJ/
/xD8pvg1aF8QrgzU
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:05:35 2025 by rpki-client