Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS209512.roa
File: AS209512.roa (raw, json)
Hash identifier: QT3P3eUD11a54AEaWAYVpp7dAzZAKNiE5Ia//AerOco=
Subject key identifier: 8B:50:BF:F1:C0:61:C0:60:63:4D:4F:53:D4:53:25:31:DA:9A:62:D0
Certificate issuer: /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial: 41DCD08F98F30377075C1A2E1693F571C7EE762B
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS209512.roa
Signing time: Tue 05 Dec 2023 02:44:14 +0000
ROA not before: Tue 05 Dec 2023 02:39:14 +0000
ROA not after: Tue 03 Dec 2024 02:44:14 +0000
asID: 209512
IP address blocks: 2a06:a005:80::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:dc:d0:8f:98:f3:03:77:07:5c:1a:2e:16:93:f5:71:c7:ee:76:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Validity
Not Before: Dec 5 02:39:14 2023 GMT
Not After : Dec 3 02:44:14 2024 GMT
Subject: CN=8B50BFF1C061C060634D4F53D4532531DA9A62D0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:8d:96:2d:ea:b9:8b:04:63:b0:56:bd:27:87:
c0:c8:fe:14:9b:70:49:30:46:b7:8d:03:96:0a:ea:
6c:9a:23:33:57:74:e1:8e:30:a8:a8:3a:dc:00:29:
a3:81:14:fe:e3:da:fc:6c:ac:c9:f7:0d:51:41:bc:
8d:35:d3:c1:3f:c3:e4:44:4e:f9:75:bc:5b:7f:d7:
8c:7d:7f:94:02:c5:15:91:56:12:cd:c0:dc:1a:85:
a9:7a:fe:4f:1c:d5:a5:b6:3d:fb:51:70:36:6d:42:
ab:35:4d:ba:98:70:26:8e:71:52:db:ff:d4:ef:80:
f9:6d:9a:28:4e:68:38:18:75:20:eb:da:59:84:f0:
73:cf:dd:51:f3:79:66:07:83:c3:5e:a3:88:9d:2d:
bc:76:80:4e:c3:94:f7:a6:9d:69:fe:65:64:a6:11:
2b:29:e8:b4:b5:23:36:48:db:74:24:c5:ec:00:6b:
83:fb:d0:23:da:8c:87:57:8d:44:f6:26:07:5d:df:
db:7e:0a:b9:ef:2b:cd:e0:3f:de:0f:a0:65:05:e9:
20:0d:bc:25:77:c2:91:b3:0a:33:d8:4f:44:8d:8e:
28:85:55:79:84:42:c3:10:45:82:bd:ed:c4:30:69:
b2:de:7c:55:95:b2:20:0e:fd:07:ef:06:d4:3e:be:
d5:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:50:BF:F1:C0:61:C0:60:63:4D:4F:53:D4:53:25:31:DA:9A:62:D0
X509v3 Authority Key Identifier:
keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS209512.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:80::/44
Signature Algorithm: sha256WithRSAEncryption
4b:4e:c0:96:66:bc:da:61:98:27:0c:9a:84:ef:d5:02:0c:00:
5b:f8:4f:8f:cb:a4:b1:69:5f:9a:d0:24:25:05:32:ea:99:07:
69:1f:01:1c:d0:b4:e6:a3:f3:8d:43:ee:bc:5d:3d:6b:f8:d6:
f0:ab:c2:d4:1e:3b:71:4a:f8:e6:35:4e:9b:de:c2:e5:d4:5f:
56:61:5f:ca:f0:77:4c:e2:77:b4:83:56:40:64:14:ee:f4:28:
7f:c0:18:0c:b4:8c:ad:ed:eb:8b:e5:3f:e4:0e:16:21:36:2e:
91:8b:22:48:df:56:6f:59:c0:ea:ad:a8:ba:8e:e9:9b:7e:ba:
5c:cc:54:4a:50:81:9d:e6:27:ad:a9:c8:7e:6d:2b:c2:41:98:
7f:71:bd:61:cc:e9:44:e3:f6:d1:08:ac:75:2a:60:85:f1:fd:
d0:f7:c2:ff:20:84:8f:73:d7:51:e9:52:c4:21:1d:b7:9d:12:
37:b3:88:99:af:ff:f6:11:17:2e:b9:c5:9f:2e:a0:a1:06:78:
38:1f:f6:f4:cc:b8:59:e1:98:11:10:3f:ee:bd:dd:d1:dd:63:
3f:80:d2:d8:e0:e6:7b:44:3f:e7:c2:ad:37:3a:55:6a:bb:f4:
19:54:f5:2a:f7:7f:d2:11:53:8a:17:01:7b:48:08:50:a3:a3:
2a:3d:74:25
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUQdzQj5jzA3cHXBouFpP1ccfudiswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yMzEyMDUwMjM5MTRaFw0yNDEyMDMwMjQ0MTRaMDMxMTAvBgNV
BAMTKDhCNTBCRkYxQzA2MUMwNjA2MzRENEY1M0Q0NTMyNTMxREE5QTYyRDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSjZYt6rmLBGOwVr0nh8DI/hSb
cEkwRreNA5YK6myaIzNXdOGOMKioOtwAKaOBFP7j2vxsrMn3DVFBvI0108E/w+RE
Tvl1vFt/14x9f5QCxRWRVhLNwNwahal6/k8c1aW2PftRcDZtQqs1TbqYcCaOcVLb
/9TvgPltmihOaDgYdSDr2lmE8HPP3VHzeWYHg8Neo4idLbx2gE7DlPemnWn+ZWSm
ESsp6LS1IzZI23QkxewAa4P70CPajIdXjUT2Jgdd39t+CrnvK83gP94PoGUF6SAN
vCV3wpGzCjPYT0SNjiiFVXmEQsMQRYK97cQwabLefFWVsiAO/QfvBtQ+vtUfAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUi1C/8cBhwGBjTU9T1FMlMdqaYtAwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjA5NTEyLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcEKgagBQCAMA0GCSqGSIb3DQEBCwUAA4IBAQBLTsCW
ZrzaYZgnDJqE79UCDABb+E+Py6SxaV+a0CQlBTLqmQdpHwEc0LTmo/ONQ+68XT1r
+Nbwq8LUHjtxSvjmNU6b3sLl1F9WYV/K8HdM4ne0g1ZAZBTu9Ch/wBgMtIyt7euL
5T/kDhYhNi6RiyJI31ZvWcDqrai6jumbfrpczFRKUIGd5ietqch+bSvCQZh/cb1h
zOlE4/bRCKx1KmCF8f3Q98L/IISPc9dR6VLEIR23nRI3s4iZr//2ERcuucWfLqCh
Bng4H/b0zLhZ4ZgRED/uvd3R3WM/gNLY4OZ7RD/nwq03OlVqu/QZVPUq93/SEVOK
FwF7SAhQo6MqPXQl
-----END CERTIFICATE-----
Generated at Fri May 3 20:12:34 2024 by rpki-client on console-ams.rpki-client.org