Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS210023.roa
File: AS210023.roa (raw, json)
Hash identifier: S68HqLrCLHpShzoponM4KH1+SUuoquIFuvIjQmCI5Nk=
Subject key identifier: 34:61:54:40:4B:F9:2A:0F:8E:8D:F7:CB:DE:EC:05:18:63:C4:54:DF
Certificate issuer: /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial: 2842B2F7081756103C54C6758868EF76AB426A15
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS210023.roa
Signing time: Tue 05 Nov 2024 03:40:09 +0000
ROA not before: Tue 05 Nov 2024 03:35:09 +0000
ROA not after: Tue 04 Nov 2025 03:40:09 +0000
asID: 210023
IP address blocks: 2a06:a005::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:42:b2:f7:08:17:56:10:3c:54:c6:75:88:68:ef:76:ab:42:6a:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Validity
Not Before: Nov 5 03:35:09 2024 GMT
Not After : Nov 4 03:40:09 2025 GMT
Subject: CN=346154404BF92A0F8E8DF7CBDEEC051863C454DF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:d0:52:25:7b:85:e1:32:d1:cc:ce:18:5f:3d:
0e:67:50:77:87:cd:25:f5:d4:47:34:82:e7:3d:6e:
ff:95:9a:76:1e:50:aa:64:0d:14:1f:c8:f8:29:6b:
cd:93:18:aa:d3:cd:dc:33:ad:3b:ef:09:ef:c5:a1:
b5:9c:2c:0a:dd:9a:2a:72:36:b6:06:54:a8:16:dd:
a0:21:0a:a5:fd:be:56:09:e4:0c:1a:6d:4f:b1:22:
ca:ac:1b:a7:5c:c6:e1:13:24:23:57:c9:b8:b3:60:
ca:af:cf:cc:5f:1c:bd:c4:8e:9c:b0:db:cc:92:b8:
40:95:f9:00:be:3f:e6:d6:df:5a:90:28:35:c3:17:
dc:34:1f:10:c5:41:f8:db:b5:c6:09:68:7d:f1:03:
f5:ff:86:ff:47:ae:a0:e2:36:2c:23:81:42:06:f2:
b4:e1:53:1f:fd:e2:32:8b:00:50:47:a6:6f:a0:ad:
38:10:e7:53:9b:79:22:e0:73:e0:61:a2:c7:29:9a:
2e:76:2d:63:7c:fb:cc:db:96:43:03:1a:71:71:70:
50:78:44:67:79:42:8d:89:e2:b7:40:cd:5b:40:1b:
8f:27:94:ea:51:70:17:f7:ee:ed:cc:f2:18:e5:2c:
77:f7:87:ff:14:28:24:c8:ea:53:88:35:3d:5d:b4:
e6:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:61:54:40:4B:F9:2A:0F:8E:8D:F7:CB:DE:EC:05:18:63:C4:54:DF
X509v3 Authority Key Identifier:
keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS210023.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005::/48
Signature Algorithm: sha256WithRSAEncryption
52:01:ee:85:d2:60:60:e4:d9:4c:98:57:42:81:f4:2c:c5:18:
20:80:1b:95:f2:f2:6a:93:47:0f:8e:ba:64:90:57:2e:3f:05:
d4:3a:b3:c0:5f:53:61:13:4c:5f:ba:5b:8b:ee:fd:cb:92:38:
9a:e7:ef:e7:ec:be:dc:70:69:4b:32:58:3c:f6:86:74:88:53:
67:d9:6a:9c:2b:7e:9b:e9:cb:b4:92:b2:e5:54:4f:1c:9f:d6:
a4:6a:eb:a1:0c:7e:01:ea:7e:26:ad:e6:f7:16:d9:c0:09:21:
77:72:0d:4d:45:06:be:40:0a:e2:b5:c7:29:c3:82:33:aa:82:
a3:00:ac:03:cd:f4:9a:4e:90:d1:3d:ec:0e:db:67:19:b7:c1:
6f:d6:1f:1a:47:4d:62:16:15:0e:53:b6:3e:a9:dd:9b:7c:04:
38:bd:ef:45:78:4f:7f:15:f2:e6:96:eb:39:88:b2:df:86:0a:
dc:01:d2:30:07:6d:b3:4b:74:3b:53:0f:dc:96:ae:94:b2:47:
8b:32:bf:99:80:f8:9b:dc:39:bc:f6:13:35:0d:c7:e9:ee:19:
79:ab:6b:9b:55:37:64:a5:59:30:46:21:28:01:b7:59:88:6c:
6e:25:48:2e:f8:38:87:f9:72:2c:41:91:46:75:95:09:d2:b4:
15:f4:a6:5b
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUKEKy9wgXVhA8VMZ1iGjvdqtCahUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDExMDUwMzM1MDlaFw0yNTExMDQwMzQwMDlaMDMxMTAvBgNV
BAMTKDM0NjE1NDQwNEJGOTJBMEY4RThERjdDQkRFRUMwNTE4NjNDNDU0REYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCn0FIle4XhMtHMzhhfPQ5nUHeH
zSX11Ec0guc9bv+VmnYeUKpkDRQfyPgpa82TGKrTzdwzrTvvCe/FobWcLArdmipy
NrYGVKgW3aAhCqX9vlYJ5AwabU+xIsqsG6dcxuETJCNXybizYMqvz8xfHL3Ejpyw
28ySuECV+QC+P+bW31qQKDXDF9w0HxDFQfjbtcYJaH3xA/X/hv9HrqDiNiwjgUIG
8rThUx/94jKLAFBHpm+grTgQ51ObeSLgc+Bhoscpmi52LWN8+8zblkMDGnFxcFB4
RGd5Qo2J4rdAzVtAG48nlOpRcBf37u3M8hjlLHf3h/8UKCTI6lOINT1dtOarAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUNGFUQEv5Kg+OjffL3uwFGGPEVN8wHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjEwMDIzLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcAKgagBQAAMA0GCSqGSIb3DQEBCwUAA4IBAQBSAe6F
0mBg5NlMmFdCgfQsxRgggBuV8vJqk0cPjrpkkFcuPwXUOrPAX1NhE0xfuluL7v3L
kjia5+/n7L7ccGlLMlg89oZ0iFNn2WqcK36b6cu0krLlVE8cn9akauuhDH4B6n4m
reb3FtnACSF3cg1NRQa+QAritccpw4IzqoKjAKwDzfSaTpDRPewO22cZt8Fv1h8a
R01iFhUOU7Y+qd2bfAQ4ve9FeE9/FfLmlus5iLLfhgrcAdIwB22zS3Q7Uw/clq6U
skeLMr+ZgPib3Dm89hM1Dcfp7hl5q2ubVTdkpVkwRiEoAbdZiGxuJUgu+DiH+XIs
QZFGdZUJ0rQV9KZb
-----END CERTIFICATE-----
Generated at Mon Nov 25 21:33:11 2024 by rpki-client on console-ams.rpki-client.org