Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS210825.roa
File: AS210825.roa (raw, json)
Hash identifier: kmWU7OGRUtjLFnF21cYvxqCh3ma7b6LXEnRV6lEdqL0=
Subject key identifier: 55:CA:38:9B:99:82:BA:76:A0:9F:EB:E6:41:19:4A:5D:E7:C1:AD:DD
Certificate issuer: /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial: 5A6BA40EEE82ACFBAC784CEC6A3F1604763E2D8A
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS210825.roa
Signing time: Tue 05 Nov 2024 03:40:07 +0000
ROA not before: Tue 05 Nov 2024 03:35:07 +0000
ROA not after: Tue 04 Nov 2025 03:40:07 +0000
asID: 210825
IP address blocks: 2a06:a005:5a1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:6b:a4:0e:ee:82:ac:fb:ac:78:4c:ec:6a:3f:16:04:76:3e:2d:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Validity
Not Before: Nov 5 03:35:07 2024 GMT
Not After : Nov 4 03:40:07 2025 GMT
Subject: CN=55CA389B9982BA76A09FEBE641194A5DE7C1ADDD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:51:37:a6:3e:8b:e9:83:f5:b2:05:a8:47:62:
16:da:82:ba:03:4d:06:a7:36:95:b2:fa:0d:d7:20:
1e:63:f8:17:87:a2:33:ef:6b:93:f2:44:00:96:df:
5c:88:ad:87:43:94:47:ce:2c:c1:69:ba:6d:a3:ca:
43:a5:5a:37:74:7b:c8:1a:c7:4b:d9:85:98:3c:fa:
04:3e:ae:9b:18:91:06:4a:46:6f:30:4e:13:f5:84:
b4:7f:f1:2d:5e:b2:2a:cb:33:94:38:07:a0:c0:7e:
a2:e8:77:8a:c9:0e:1b:bf:30:f2:15:d6:49:81:98:
92:74:60:02:0b:e4:6d:63:61:83:91:0e:26:8f:ed:
0c:a7:4d:48:07:14:98:09:24:2d:d5:7c:bd:e8:ba:
6a:d1:16:d1:6f:6e:13:05:2c:7c:5c:dc:48:0e:fb:
cb:78:e3:cc:36:ef:7a:45:29:6c:cf:cf:60:fc:08:
9f:03:cd:c4:92:8e:ef:a7:c7:de:e8:38:a2:74:04:
b2:c0:92:23:70:a8:92:f0:87:12:b3:28:75:ce:78:
0a:76:5c:8a:c1:54:b3:4c:1e:15:0b:2b:29:bd:e0:
e5:58:88:c5:af:df:9b:13:a6:d8:60:d2:02:f3:6f:
b8:5c:b1:eb:e8:7c:28:e6:18:e5:85:94:d1:6d:1c:
51:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:CA:38:9B:99:82:BA:76:A0:9F:EB:E6:41:19:4A:5D:E7:C1:AD:DD
X509v3 Authority Key Identifier:
keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS210825.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:5a1::/48
Signature Algorithm: sha256WithRSAEncryption
1c:d1:cd:34:c7:c4:0a:0e:11:c4:81:50:e1:a8:0d:c7:7c:61:
92:8e:20:87:07:9e:45:e6:5e:f6:fc:e1:38:a4:df:32:13:1d:
6b:29:8d:09:0e:43:16:8f:22:6c:cd:f6:ba:a3:b2:e4:b6:17:
a9:dc:33:b0:09:8c:36:44:f2:41:db:a9:b5:55:26:ec:a8:46:
23:af:b4:52:e1:ed:45:50:6e:0a:0c:e2:ce:a8:70:ab:3e:ea:
10:15:85:b1:cc:15:09:5c:a6:be:64:95:3a:72:0f:31:96:6b:
e7:80:ba:7c:43:77:5b:2d:fe:a0:ed:47:07:f9:2e:18:bf:8a:
46:3d:bf:8b:41:a3:f0:37:dc:5a:2a:11:07:69:04:57:b6:6f:
ac:c0:ab:dd:46:04:89:9c:e0:95:40:40:8e:a1:70:60:d5:85:
2d:f1:a5:c5:93:5d:1c:2a:3f:e5:53:19:8f:a6:c5:b3:b4:96:
e4:0a:9c:fa:bc:bc:e8:7e:2c:33:60:fb:df:e7:72:32:0a:27:
54:ab:f9:09:dc:58:8a:4d:fc:ad:55:0a:aa:fb:89:a8:4c:02:
f7:7d:86:3c:ae:0a:d3:58:94:0c:8c:d2:01:1d:ea:6c:76:84:
74:a4:53:10:cc:34:78:2e:a3:6f:45:c3:00:1b:17:97:a3:99:
2f:44:a3:d8
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUWmukDu6CrPuseEzsaj8WBHY+LYowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDExMDUwMzM1MDdaFw0yNTExMDQwMzQwMDdaMDMxMTAvBgNV
BAMTKDU1Q0EzODlCOTk4MkJBNzZBMDlGRUJFNjQxMTk0QTVERTdDMUFEREQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjUTemPovpg/WyBahHYhbagroD
TQanNpWy+g3XIB5j+BeHojPva5PyRACW31yIrYdDlEfOLMFpum2jykOlWjd0e8ga
x0vZhZg8+gQ+rpsYkQZKRm8wThP1hLR/8S1esirLM5Q4B6DAfqLod4rJDhu/MPIV
1kmBmJJ0YAIL5G1jYYORDiaP7QynTUgHFJgJJC3VfL3oumrRFtFvbhMFLHxc3EgO
+8t448w273pFKWzPz2D8CJ8DzcSSju+nx97oOKJ0BLLAkiNwqJLwhxKzKHXOeAp2
XIrBVLNMHhULKym94OVYiMWv35sTpthg0gLzb7hcsevofCjmGOWFlNFtHFEnAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUVco4m5mCunagn+vmQRlKXefBrd0wHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjEwODI1LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcAKgagBQWhMA0GCSqGSIb3DQEBCwUAA4IBAQAc0c00
x8QKDhHEgVDhqA3HfGGSjiCHB55F5l72/OE4pN8yEx1rKY0JDkMWjyJszfa6o7Lk
thep3DOwCYw2RPJB26m1VSbsqEYjr7RS4e1FUG4KDOLOqHCrPuoQFYWxzBUJXKa+
ZJU6cg8xlmvngLp8Q3dbLf6g7UcH+S4Yv4pGPb+LQaPwN9xaKhEHaQRXtm+swKvd
RgSJnOCVQECOoXBg1YUt8aXFk10cKj/lUxmPpsWztJbkCpz6vLzofiwzYPvf53Iy
CidUq/kJ3FiKTfytVQqq+4moTAL3fYY8rgrTWJQMjNIBHepsdoR0pFMQzDR4LqNv
RcMAGxeXo5kvRKPY
-----END CERTIFICATE-----
Generated at Mon Nov 25 22:04:24 2024 by rpki-client on console-fra.rpki-client.org