Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS210667.roa
File: AS210667.roa (raw, json)
Hash identifier: +tlacCWu/3pw0xj8gnYtoSiURu3/WQ1qovtuNIb0RCA=
Subject key identifier: 30:B7:09:8E:E6:E6:40:D3:8C:CC:02:7F:3C:78:68:B4:A8:F0:D5:37
Certificate issuer: /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial: 0B7579FB536D96BB20BC69027F6D45A9B3004915
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS210667.roa
Signing time: Fri 13 Dec 2024 02:56:30 +0000
ROA not before: Fri 13 Dec 2024 02:51:30 +0000
ROA not after: Fri 12 Dec 2025 02:56:30 +0000
asID: 210667
IP address blocks: 89.39.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 09:24:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:75:79:fb:53:6d:96:bb:20:bc:69:02:7f:6d:45:a9:b3:00:49:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Validity
Not Before: Dec 13 02:51:30 2024 GMT
Not After : Dec 12 02:56:30 2025 GMT
Subject: CN=30B7098EE6E640D38CCC027F3C7868B4A8F0D537
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:56:bb:d5:be:5a:a4:db:75:93:34:3e:17:09:
2e:fb:5c:82:3b:dd:fd:0c:51:c8:cb:36:ad:62:30:
0f:8e:d9:e2:f6:54:ab:a1:67:6d:b9:3a:65:5f:d3:
24:38:c4:c7:17:55:e1:f0:1f:82:2b:48:03:ef:7e:
79:27:93:25:21:8e:1e:c1:2c:75:32:7b:87:c5:5a:
4f:ff:97:29:9b:f5:dd:c7:59:86:15:45:b2:d9:cb:
d2:1b:fa:76:ea:a9:25:f6:25:1d:a1:ef:a6:70:70:
7d:c7:8d:af:9b:cd:37:22:93:5e:0e:f6:47:3e:2b:
87:02:5e:f6:4f:d2:ff:5a:f0:c2:27:66:d4:aa:47:
a2:bf:a9:37:12:e8:62:71:e7:70:f3:29:c8:5c:e8:
39:db:d2:fe:c6:85:6b:1d:fe:9c:0f:8f:a3:d3:4d:
02:b5:4a:7e:d7:1a:9f:75:c1:19:df:81:4c:68:3f:
ad:8f:70:b4:74:ee:3d:5f:7f:6f:1b:dd:da:14:0b:
ed:da:e9:52:9e:d7:86:2b:3a:ce:ce:66:9c:09:8c:
7f:80:c8:b1:f7:44:54:81:da:54:66:cc:10:1c:1a:
37:07:72:c6:1e:99:cf:33:8a:46:59:fc:40:4f:10:
73:c5:93:01:d4:cf:b5:52:06:2f:ed:b6:dd:d7:88:
7a:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:B7:09:8E:E6:E6:40:D3:8C:CC:02:7F:3C:78:68:B4:A8:F0:D5:37
X509v3 Authority Key Identifier:
keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS210667.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.39.211.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:30:a2:e2:32:18:e3:05:47:e9:e9:53:d7:58:46:f3:f9:2b:
0f:82:c1:3c:84:df:62:ac:d8:bb:00:0e:4a:a7:6a:c2:d3:81:
10:13:d8:a0:5b:60:ea:bc:b3:e3:97:80:62:f4:07:34:b7:54:
eb:e5:15:03:55:59:aa:7d:b4:34:34:f8:0d:41:ff:ce:29:fe:
45:26:f2:19:43:14:c0:6d:4b:ee:83:c2:30:db:d1:49:94:ae:
ab:4d:60:2a:b3:95:74:53:aa:b9:64:65:45:cd:67:4f:56:b3:
78:4d:39:a1:07:10:6f:98:2e:29:c1:53:9d:ec:05:00:43:d9:
70:db:75:ee:c3:79:c5:9b:dc:f4:ae:1a:b2:0c:8e:ed:a1:93:
13:45:b2:d8:a4:1b:a9:90:89:c4:88:6e:bb:3b:8e:71:24:19:
cb:77:30:f6:bf:be:e3:85:ab:b6:7a:af:12:33:bf:91:62:a9:
15:25:3d:26:09:ec:95:26:ce:1c:2f:81:33:a3:86:ae:3d:7c:
91:ad:cc:62:8a:b8:7d:08:99:fd:24:79:26:57:26:4f:2d:fb:
dc:19:07:e2:1d:42:f6:b4:de:2e:b9:83:50:a7:e2:ae:50:24:
75:06:ac:74:e5:4b:24:73:c5:01:0d:b4:6b:2b:f9:2f:9c:29:
2e:68:09:b4
-----BEGIN CERTIFICATE-----
MIIE5TCCA82gAwIBAgIUC3V5+1NtlrsgvGkCf21FqbMASRUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDEyMTMwMjUxMzBaFw0yNTEyMTIwMjU2MzBaMDMxMTAvBgNV
BAMTKDMwQjcwOThFRTZFNjQwRDM4Q0NDMDI3RjNDNzg2OEI0QThGMEQ1MzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4VrvVvlqk23WTND4XCS77XII7
3f0MUcjLNq1iMA+O2eL2VKuhZ225OmVf0yQ4xMcXVeHwH4IrSAPvfnknkyUhjh7B
LHUye4fFWk//lymb9d3HWYYVRbLZy9Ib+nbqqSX2JR2h76ZwcH3Hja+bzTcik14O
9kc+K4cCXvZP0v9a8MInZtSqR6K/qTcS6GJx53DzKchc6Dnb0v7GhWsd/pwPj6PT
TQK1Sn7XGp91wRnfgUxoP62PcLR07j1ff28b3doUC+3a6VKe14YrOs7OZpwJjH+A
yLH3RFSB2lRmzBAcGjcHcsYemc8zikZZ/EBPEHPFkwHUz7VSBi/ttt3XiHozAgMB
AAGjggHvMIIB6zAdBgNVHQ4EFgQUMLcJjubmQNOMzAJ/PHhotKjw1TcwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjEwNjY3LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEH
AQH/BBAwDjAMBAIAATAGAwQAWSfTMA0GCSqGSIb3DQEBCwUAA4IBAQA9MKLiMhjj
BUfp6VPXWEbz+SsPgsE8hN9irNi7AA5Kp2rC04EQE9igW2DqvLPjl4Bi9Ac0t1Tr
5RUDVVmqfbQ0NPgNQf/OKf5FJvIZQxTAbUvug8Iw29FJlK6rTWAqs5V0U6q5ZGVF
zWdPVrN4TTmhBxBvmC4pwVOd7AUAQ9lw23Xuw3nFm9z0rhqyDI7toZMTRbLYpBup
kInEiG67O45xJBnLdzD2v77jhau2eq8SM7+RYqkVJT0mCeyVJs4cL4Ezo4auPXyR
rcxiirh9CJn9JHkmVyZPLfvcGQfiHUL2tN4uuYNQp+KuUCR1Bqx05Uskc8UBDbRr
K/kvnCkuaAm0
-----END CERTIFICATE-----
Generated at Fri Apr 4 17:40:20 2025 by rpki-client