Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS209709.roa
File: AS209709.roa (raw, json)
Hash identifier: KfwEH97QFbXGMk0hQA4Tqy2TYjvMdrI6whkmCnDEMok=
Subject key identifier: 06:A1:72:CF:43:29:C0:6C:FB:45:A7:B1:26:49:0C:74:AF:7A:D4:1C
Certificate issuer: /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial: 4EF1093D585354A9204012EDB31E71C0A44577A4
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS209709.roa
Signing time: Mon 25 Sep 2023 15:01:16 +0000
ROA not before: Mon 25 Sep 2023 14:56:16 +0000
ROA not after: Mon 23 Sep 2024 15:01:16 +0000
asID: 209709
IP address blocks: 185.236.212.0/24 maxlen: 24
185.236.213.0/24 maxlen: 24
185.236.214.0/24 maxlen: 24
185.236.215.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:f1:09:3d:58:53:54:a9:20:40:12:ed:b3:1e:71:c0:a4:45:77:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Validity
Not Before: Sep 25 14:56:16 2023 GMT
Not After : Sep 23 15:01:16 2024 GMT
Subject: CN=06A172CF4329C06CFB45A7B126490C74AF7AD41C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:3a:81:16:04:b1:04:7a:f0:7d:2a:17:8d:30:
16:fc:bd:02:44:47:fe:5b:5a:0a:88:c3:82:e6:78:
5f:e5:ce:09:e1:dc:50:bf:59:4f:0f:a6:68:64:5f:
90:4f:ec:62:ce:47:a9:4b:d3:2e:78:c9:cd:6e:54:
3f:8d:66:f9:2c:79:e5:74:b0:0d:5b:2d:d6:1d:6d:
a4:ed:2e:b4:85:b1:6b:07:b0:f8:1d:8d:a3:92:d3:
2a:86:7e:0b:5f:ce:90:52:79:6e:62:da:be:60:fe:
09:b3:80:0f:31:10:af:7f:d8:bb:48:73:76:4c:eb:
bb:c1:b5:0f:90:20:27:b6:bc:66:4a:f7:25:24:f7:
40:fc:5b:2c:47:d9:c8:45:90:13:5c:a5:2b:1d:aa:
b5:47:3a:6a:60:28:72:c7:71:30:5f:4d:2d:f9:15:
11:98:38:b5:c0:d1:9f:b7:35:c5:09:55:8c:92:ba:
a2:26:15:65:d4:f9:14:dd:93:94:0f:25:52:12:50:
0d:b3:48:15:18:fc:c3:2e:21:43:6a:0f:ac:9f:ea:
b6:15:23:c8:9f:f7:01:29:ec:17:cc:8e:72:85:61:
85:d1:88:36:21:0a:aa:cf:d8:da:45:a6:47:9f:6b:
d2:9b:d8:31:ee:b5:0d:d9:aa:7b:57:61:b8:d5:69:
bd:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:A1:72:CF:43:29:C0:6C:FB:45:A7:B1:26:49:0C:74:AF:7A:D4:1C
X509v3 Authority Key Identifier:
keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS209709.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.236.212.0/22
Signature Algorithm: sha256WithRSAEncryption
79:6c:8c:07:e0:53:32:e6:73:60:b8:f5:e9:66:3b:35:7e:2d:
86:ca:c2:f6:1a:97:d0:23:fc:df:fe:15:86:90:10:0e:46:41:
86:ac:b1:5a:82:cf:d8:68:e9:30:aa:ef:0d:8f:36:c9:92:ec:
49:18:3a:6a:6a:c8:90:83:fc:0f:4e:8a:a3:b3:52:5f:44:1a:
a0:8d:f9:9f:31:0d:02:c6:03:95:32:86:aa:27:e4:a0:f2:bc:
f3:33:db:f7:ba:84:db:d8:4b:a4:f2:64:7f:13:79:7d:76:0c:
7f:54:50:c8:12:6e:64:84:a0:6d:b7:ac:98:b5:bf:54:65:58:
92:cf:7a:73:30:e6:e9:d2:5b:8a:95:05:3b:41:f7:7e:e2:da:
82:c7:04:20:44:a4:99:d1:f5:99:a9:86:fc:78:d9:af:20:59:
5d:b0:b7:b1:29:6c:a5:a2:8c:9e:a5:c2:24:cb:5d:cd:d5:d8:
ae:f9:84:5e:23:ef:83:b9:97:e4:4b:69:23:2c:56:d2:8b:ea:
57:f5:02:1f:c2:21:04:48:30:c1:ce:e5:38:bd:ac:65:ba:8c:
6a:4c:57:fa:d3:3d:57:5e:62:63:a5:c7:b6:77:dc:07:7a:e3:
3a:51:4d:e7:29:90:7e:00:61:d6:83:ba:3c:4e:d3:75:93:e1:
a8:f8:39:ad
-----BEGIN CERTIFICATE-----
MIIE5TCCA82gAwIBAgIUTvEJPVhTVKkgQBLtsx5xwKRFd6QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yMzA5MjUxNDU2MTZaFw0yNDA5MjMxNTAxMTZaMDMxMTAvBgNV
BAMTKDA2QTE3MkNGNDMyOUMwNkNGQjQ1QTdCMTI2NDkwQzc0QUY3QUQ0MUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrOoEWBLEEevB9KheNMBb8vQJE
R/5bWgqIw4LmeF/lzgnh3FC/WU8PpmhkX5BP7GLOR6lL0y54yc1uVD+NZvkseeV0
sA1bLdYdbaTtLrSFsWsHsPgdjaOS0yqGfgtfzpBSeW5i2r5g/gmzgA8xEK9/2LtI
c3ZM67vBtQ+QICe2vGZK9yUk90D8WyxH2chFkBNcpSsdqrVHOmpgKHLHcTBfTS35
FRGYOLXA0Z+3NcUJVYySuqImFWXU+RTdk5QPJVISUA2zSBUY/MMuIUNqD6yf6rYV
I8if9wEp7BfMjnKFYYXRiDYhCqrP2NpFpkefa9Kb2DHutQ3ZqntXYbjVab1pAgMB
AAGjggHvMIIB6zAdBgNVHQ4EFgQUBqFyz0MpwGz7RaexJkkMdK961BwwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjA5NzA5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEH
AQH/BBAwDjAMBAIAATAGAwQCuezUMA0GCSqGSIb3DQEBCwUAA4IBAQB5bIwH4FMy
5nNguPXpZjs1fi2GysL2GpfQI/zf/hWGkBAORkGGrLFags/YaOkwqu8NjzbJkuxJ
GDpqasiQg/wPToqjs1JfRBqgjfmfMQ0CxgOVMoaqJ+Sg8rzzM9v3uoTb2Euk8mR/
E3l9dgx/VFDIEm5khKBtt6yYtb9UZViSz3pzMObp0luKlQU7Qfd+4tqCxwQgRKSZ
0fWZqYb8eNmvIFldsLexKWylooyepcIky13N1diu+YReI++DuZfkS2kjLFbSi+pX
9QIfwiEESDDBzuU4vaxluoxqTFf60z1XXmJjpce2d9wHeuM6UU3nKZB+AGHWg7o8
TtN1k+Go+Dmt
-----END CERTIFICATE-----
Generated at Sat May 4 12:13:13 2024 by rpki-client on console-fra.rpki-client.org