Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS210758.roa
File: AS210758.roa (raw, json)
Hash identifier: LpicLuJ9a6ef9RabTwq/ufRUYUYRS8yT5vbi/Bqhh7A=
Subject key identifier: 36:94:DB:6D:93:92:05:D6:53:AF:C7:C4:43:D4:D5:66:89:7E:5A:88
Certificate issuer: /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial: 0A8146411AD85FE625FC41401F6CC7C52E6B8C
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS210758.roa
Signing time: Tue 05 Dec 2023 02:44:20 +0000
ROA not before: Tue 05 Dec 2023 02:39:20 +0000
ROA not after: Tue 03 Dec 2024 02:44:20 +0000
asID: 210758
IP address blocks: 2a06:a005:5a9::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:81:46:41:1a:d8:5f:e6:25:fc:41:40:1f:6c:c7:c5:2e:6b:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Validity
Not Before: Dec 5 02:39:20 2023 GMT
Not After : Dec 3 02:44:20 2024 GMT
Subject: CN=3694DB6D939205D653AFC7C443D4D566897E5A88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:21:71:eb:df:e6:d3:10:72:67:3c:9a:f1:2f:
27:72:dc:0d:8a:3e:ed:6b:7b:bc:7a:f2:84:0d:43:
d2:de:9b:e1:73:58:ac:b0:b4:a2:fe:49:09:30:94:
1f:b1:23:5c:57:c7:fa:9f:ff:9c:9d:69:dc:6f:90:
5f:58:eb:64:e1:fe:c9:55:24:36:8b:79:ca:e9:68:
88:c1:39:87:06:a0:0a:08:9c:cb:56:5a:a2:06:ce:
f1:7b:ac:c2:b0:72:a7:6d:d8:01:a3:55:2c:45:52:
7f:4a:01:17:6b:91:91:88:56:7e:2d:00:59:be:6f:
19:86:b8:68:b4:ae:ef:07:96:af:9b:6d:3d:b5:fd:
ad:5d:11:41:58:75:3c:60:5d:ea:73:12:f5:84:cd:
26:0c:fb:96:6d:2d:01:bc:ce:28:da:41:e7:f8:de:
83:fc:9c:35:7e:ba:9c:e3:ca:49:c6:3f:97:2d:bb:
6d:bd:37:76:6b:f1:ca:58:e4:e8:49:d8:f3:9d:2f:
b8:b8:92:aa:4b:17:96:25:ab:4b:1b:65:60:84:95:
b7:96:e8:92:39:69:b7:4c:d7:7a:f5:cf:d7:df:29:
ad:53:96:27:fa:69:13:6d:47:20:f0:0b:c5:a8:2a:
85:11:54:77:85:77:bb:9f:21:fd:2b:10:32:59:09:
77:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:94:DB:6D:93:92:05:D6:53:AF:C7:C4:43:D4:D5:66:89:7E:5A:88
X509v3 Authority Key Identifier:
keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS210758.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:5a9::/48
Signature Algorithm: sha256WithRSAEncryption
bd:c6:a1:62:f4:1b:e0:49:69:e5:86:3a:98:e1:a9:7a:91:db:
ff:8d:95:6b:6a:7a:db:e1:7d:58:00:d7:30:89:90:30:66:bb:
11:ea:ac:e4:23:d8:4d:7e:10:da:29:f0:00:bf:21:19:78:73:
c6:04:50:b7:1d:23:87:92:5b:bf:38:b2:03:e4:be:ea:86:20:
ca:d9:9d:13:82:10:84:d1:33:59:40:95:e2:8d:79:53:0d:e8:
b1:de:50:37:13:79:b4:75:a8:11:2c:fa:27:cb:4a:9f:1a:81:
09:c1:4f:3d:0c:b7:9b:ab:b2:88:4a:de:6e:f1:34:6b:9b:68:
3d:8d:81:51:04:89:c1:83:7f:1d:1c:bf:c1:d8:3d:9e:b8:9f:
c2:4b:69:7d:fb:fc:b2:94:7c:e2:24:90:c0:d5:9c:57:83:5c:
cd:39:74:2d:2f:80:da:17:26:ef:f5:0d:c8:8b:5d:5d:ac:5e:
d2:e5:e8:b0:fe:81:71:58:6e:65:18:65:10:1c:40:c7:8f:65:
51:34:e6:f9:ce:38:8f:6f:05:d7:d3:19:1c:93:88:f3:c6:08:
20:36:d2:d0:33:5f:a1:13:72:ed:26:ef:e8:98:f4:f9:e0:e6:
03:bc:d0:c0:d5:b7:3d:a3:6a:98:e4:0c:da:2b:d9:2c:75:d4:
d1:fe:32:8a
-----BEGIN CERTIFICATE-----
MIIE5zCCA8+gAwIBAgITCoFGQRrYX+Yl/EFAH2zHxS5rjDANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEyg3OTk0MzhmMWIxNzYyYWVlZjhhMzVjZjRlNmNiYWU5NzY5
OWJkMDIwMB4XDTIzMTIwNTAyMzkyMFoXDTI0MTIwMzAyNDQyMFowMzExMC8GA1UE
AxMoMzY5NERCNkQ5MzkyMDVENjUzQUZDN0M0NDNENEQ1NjY4OTdFNUE4ODCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKohcevf5tMQcmc8mvEvJ3LcDYo+
7Wt7vHryhA1D0t6b4XNYrLC0ov5JCTCUH7EjXFfH+p//nJ1p3G+QX1jrZOH+yVUk
Not5yuloiME5hwagCgicy1ZaogbO8XuswrByp23YAaNVLEVSf0oBF2uRkYhWfi0A
Wb5vGYa4aLSu7weWr5ttPbX9rV0RQVh1PGBd6nMS9YTNJgz7lm0tAbzOKNpB5/je
g/ycNX66nOPKScY/ly27bb03dmvxyljk6EnY850vuLiSqksXliWrSxtlYISVt5bo
kjlpt0zXevXP198prVOWJ/ppE21HIPALxagqhRFUd4V3u58h/SsQMlkJdysCAwEA
AaOCAfIwggHuMB0GA1UdDgQWBBQ2lNttk5IF1lOvx8RD1NVmiX5aiDAfBgNVHSME
GDAWgBR5lDjxsXYq7vijXPTmy66XaZvQIDAOBgNVHQ8BAf8EBAMCB4AwgYUGA1Ud
HwR+MHwweqB4oHaGdHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQvcmVwb3NpdG9y
eS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yLzc5OTQzOEYxQjE3
NjJBRUVGOEEzNUNGNEU2Q0JBRTk3Njk5QkQwMjAuY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9lWlE0OGJGMkt1NzRvMXowNXN1dWwybWIwQ0EuY2VyMHAGCCsGAQUF
BwELBGQwYjBgBggrBgEFBQcwC4ZUcnN5bmM6Ly9ycGtpLXJwcy5hcmluLm5ldC9y
ZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1YzkxYmUzZjlkLzIvQVMy
MTA3NTgucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcB
Af8EEzARMA8EAgACMAkDBwAqBqAFBakwDQYJKoZIhvcNAQELBQADggEBAL3GoWL0
G+BJaeWGOpjhqXqR2/+NlWtqetvhfVgA1zCJkDBmuxHqrOQj2E1+ENop8AC/IRl4
c8YEULcdI4eSW784sgPkvuqGIMrZnROCEITRM1lAleKNeVMN6LHeUDcTebR1qBEs
+ifLSp8agQnBTz0Mt5ursohK3m7xNGubaD2NgVEEicGDfx0cv8HYPZ64n8JLaX37
/LKUfOIkkMDVnFeDXM05dC0vgNoXJu/1DciLXV2sXtLl6LD+gXFYbmUYZRAcQMeP
ZVE05vnOOI9vBdfTGRyTiPPGCCA20tAzX6ETcu0m7+iY9Png5gO80MDVtz2japjk
DNor2Sx11NH+Moo=
-----END CERTIFICATE-----
Generated at Fri May 3 20:12:34 2024 by rpki-client on console-ams.rpki-client.org