Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS209933.roa
File: AS209933.roa (raw, json)
Hash identifier: ue1L7BsjxYuxVkDQ5Ivad2Bh8SncXZMvnjR+Cah05fI=
Subject key identifier: AA:81:0F:53:7F:FF:1C:61:DF:32:5E:E6:DF:13:B0:1E:CE:D5:69:97
Certificate issuer: /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial: 35626EE1B7FAED6B6A619EF952A92947912A86C7
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS209933.roa
Signing time: Tue 05 Dec 2023 02:44:18 +0000
ROA not before: Tue 05 Dec 2023 02:39:18 +0000
ROA not after: Tue 03 Dec 2024 02:44:18 +0000
asID: 209933
IP address blocks: 2a06:a005:1164::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 14:41:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:62:6e:e1:b7:fa:ed:6b:6a:61:9e:f9:52:a9:29:47:91:2a:86:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Validity
Not Before: Dec 5 02:39:18 2023 GMT
Not After : Dec 3 02:44:18 2024 GMT
Subject: CN=AA810F537FFF1C61DF325EE6DF13B01ECED56997
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:13:d5:0f:e4:83:61:25:8a:bb:dc:9f:2b:0a:
45:da:9a:e6:bf:62:40:b9:eb:73:6a:f8:e3:e4:01:
87:ec:b7:a0:c9:a9:34:0b:38:cd:98:47:8c:d6:ae:
dd:cf:6f:13:da:89:d2:ea:be:cd:a3:f2:9c:31:f3:
de:9d:71:e1:de:12:ea:16:b4:e2:b9:0c:7d:d8:a2:
de:ea:e7:7b:a7:a8:e2:c9:46:ca:ad:f4:dd:1e:f6:
14:c8:4c:79:10:d8:fc:be:e5:33:9f:5a:86:de:d3:
ec:3f:f8:bc:91:88:33:35:95:e1:99:20:9f:5b:22:
19:92:0e:b8:82:d3:09:ab:e2:84:0d:a6:21:c7:4a:
5e:43:05:a9:a0:0c:51:97:87:6e:86:ba:24:b3:a3:
27:e5:af:e3:95:50:4a:a1:06:cc:5f:76:f4:43:fb:
11:f6:f0:fd:82:8e:e0:0b:1b:b9:c4:d1:e6:48:b7:
ed:29:68:d7:a7:c6:93:44:4d:90:9c:ba:ee:e5:4e:
25:e6:05:a9:e0:de:86:f8:84:57:79:8f:2f:2a:00:
f9:2f:4c:ef:91:3d:da:58:0f:7f:23:9d:65:eb:94:
a6:4a:da:49:39:d6:c9:a5:1e:cd:c3:fb:34:55:25:
9f:fe:88:f9:3b:88:3b:3b:01:ac:18:19:91:db:0f:
41:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:81:0F:53:7F:FF:1C:61:DF:32:5E:E6:DF:13:B0:1E:CE:D5:69:97
X509v3 Authority Key Identifier:
keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS209933.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:1164::/48
Signature Algorithm: sha256WithRSAEncryption
55:e8:36:46:b9:35:14:a6:6f:ef:17:c7:83:86:0f:44:dc:a6:
ff:b8:bd:a3:59:dc:03:59:6e:53:54:7e:31:d2:02:51:61:d9:
b1:dd:a4:95:25:c5:f2:5c:de:a4:b2:3d:6f:dd:52:83:95:e0:
15:53:ef:fe:64:e7:2a:57:b0:b9:9a:29:8b:17:1c:52:93:0a:
8d:3b:87:79:00:ec:5d:b6:32:7f:10:d8:c2:cc:a0:0f:48:41:
31:e9:37:14:c9:af:24:fa:df:11:35:31:5e:bd:a6:66:fe:be:
4a:a0:9f:65:6a:ee:10:82:cb:30:30:58:4e:db:a8:ea:85:b1:
13:cc:1c:7f:04:d7:f2:e4:e0:ef:51:f1:18:24:b4:a7:ea:cf:
a8:2d:11:30:49:c6:8c:39:db:27:37:4f:94:a5:44:cb:c5:6a:
89:3b:3d:1d:5f:d9:f4:06:f6:d4:c1:d8:33:e0:e7:c5:66:1e:
c2:e5:fc:2e:f7:c6:02:b3:02:0f:b7:9f:aa:a6:b2:a5:44:58:
b0:07:ae:35:58:13:64:f6:b4:3d:3c:97:f5:98:c4:06:fb:0f:
cc:84:74:61:25:eb:ef:32:20:e4:44:ef:c8:a3:8f:85:40:61:
d8:e5:6c:1d:5f:a9:7c:c6:d9:42:7a:db:f2:93:38:b9:c1:9d:
96:66:30:25
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUNWJu4bf67WtqYZ75UqkpR5EqhscwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yMzEyMDUwMjM5MThaFw0yNDEyMDMwMjQ0MThaMDMxMTAvBgNV
BAMTKEFBODEwRjUzN0ZGRjFDNjFERjMyNUVFNkRGMTNCMDFFQ0VENTY5OTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzE9UP5INhJYq73J8rCkXamua/
YkC563Nq+OPkAYfst6DJqTQLOM2YR4zWrt3PbxPaidLqvs2j8pwx896dceHeEuoW
tOK5DH3Yot7q53unqOLJRsqt9N0e9hTITHkQ2Py+5TOfWobe0+w/+LyRiDM1leGZ
IJ9bIhmSDriC0wmr4oQNpiHHSl5DBamgDFGXh26GuiSzoyflr+OVUEqhBsxfdvRD
+xH28P2CjuALG7nE0eZIt+0paNenxpNETZCcuu7lTiXmBang3ob4hFd5jy8qAPkv
TO+RPdpYD38jnWXrlKZK2kk51smlHs3D+zRVJZ/+iPk7iDs7AawYGZHbD0ElAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUqoEPU3//HGHfMl7m3xOwHs7VaZcwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjA5OTMzLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcAKgagBRFkMA0GCSqGSIb3DQEBCwUAA4IBAQBV6DZG
uTUUpm/vF8eDhg9E3Kb/uL2jWdwDWW5TVH4x0gJRYdmx3aSVJcXyXN6ksj1v3VKD
leAVU+/+ZOcqV7C5mimLFxxSkwqNO4d5AOxdtjJ/ENjCzKAPSEEx6TcUya8k+t8R
NTFevaZm/r5KoJ9lau4QgsswMFhO26jqhbETzBx/BNfy5ODvUfEYJLSn6s+oLREw
ScaMOdsnN0+UpUTLxWqJOz0dX9n0BvbUwdgz4OfFZh7C5fwu98YCswIPt5+qprKl
RFiwB641WBNk9rQ9PJf1mMQG+w/MhHRhJevvMiDkRO/Io4+FQGHY5WwdX6l8xtlC
etvykzi5wZ2WZjAl
-----END CERTIFICATE-----
Generated at Fri May 3 20:32:56 2024 by rpki-client on console-fra.rpki-client.org