Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS210888.roa
File: AS210888.roa (raw, json)
Hash identifier: gwLLpieMmDNSVtnVS3Wz1vgvM4U7TEgXTmzeLC8dQ/o=
Subject key identifier: 6C:41:D9:21:92:00:4F:2B:44:03:99:BF:BE:B4:A2:6F:59:AC:57:E0
Certificate issuer: /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial: 528ABA0DA9BBFEA5AAECB9EF27A816CABF6051B4
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS210888.roa
Signing time: Tue 05 Nov 2024 03:40:08 +0000
ROA not before: Tue 05 Nov 2024 03:35:08 +0000
ROA not after: Tue 04 Nov 2025 03:40:08 +0000
asID: 210888
IP address blocks: 2a06:a005:4f0::/44 maxlen: 48
2a06:a005:1169::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:8a:ba:0d:a9:bb:fe:a5:aa:ec:b9:ef:27:a8:16:ca:bf:60:51:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Validity
Not Before: Nov 5 03:35:08 2024 GMT
Not After : Nov 4 03:40:08 2025 GMT
Subject: CN=6C41D92192004F2B440399BFBEB4A26F59AC57E0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:8a:89:b4:9a:5e:b2:3f:2a:90:54:4a:ed:c2:
c0:04:0f:c0:91:5a:ee:fe:74:8d:cf:09:19:9b:14:
dc:14:68:90:2b:23:c2:28:dd:e2:8f:ba:7d:85:f1:
d5:15:8c:b9:08:a6:15:8b:f3:e6:b2:79:7a:1c:6b:
83:ee:90:fd:75:22:28:aa:44:b9:be:6f:fc:74:0d:
e6:1d:9d:f9:99:76:f2:0b:0a:e7:42:15:90:1a:08:
4f:58:ca:ab:b6:fe:a5:c9:a0:43:d1:9a:34:9f:d9:
8b:9e:4e:8d:8e:91:be:f5:8b:d7:65:8f:36:f8:be:
da:4c:01:e0:61:74:88:8d:cd:1b:80:cd:97:d9:d9:
7c:64:65:e1:a5:01:7e:bf:5c:11:d1:91:45:84:44:
03:8f:1a:56:fb:d4:73:b4:47:7d:47:41:7c:d2:a9:
51:d5:5c:ed:4c:e2:2d:c2:a3:fc:dc:0f:d8:d7:35:
b5:b5:7e:a7:9e:71:5c:18:11:73:65:0a:9f:25:3e:
78:69:22:17:3f:3a:b6:35:cc:b7:6f:85:01:dc:fc:
d5:bc:79:a8:f0:1a:32:ec:f2:de:7f:17:26:b8:66:
ec:1f:a3:7b:0b:8e:32:d5:0b:9e:a8:ff:cd:1c:54:
30:2e:85:a9:44:df:07:ba:c4:fe:37:c6:a2:9e:85:
01:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:41:D9:21:92:00:4F:2B:44:03:99:BF:BE:B4:A2:6F:59:AC:57:E0
X509v3 Authority Key Identifier:
keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS210888.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:4f0::/44
2a06:a005:1169::/48
Signature Algorithm: sha256WithRSAEncryption
a5:56:70:04:8a:5d:77:b4:01:88:94:da:41:5f:cc:42:e6:dd:
41:ef:03:b7:bc:ad:09:8a:f9:e6:7d:4c:6e:b0:1d:cb:7d:2c:
2a:5b:ec:62:de:8d:b9:68:12:ec:ef:89:40:1b:10:c2:5d:60:
b1:f3:de:21:f6:f7:70:57:1f:8e:58:cc:ee:72:e7:69:6d:04:
7a:97:10:57:bd:0a:fd:a9:cf:3f:47:c0:0d:15:7e:9d:cd:bc:
01:80:df:bc:11:49:93:18:94:95:4d:aa:2f:b9:8d:03:1d:c8:
d9:d9:41:96:78:be:2c:dc:6d:e0:c3:34:d9:53:8d:97:07:3b:
84:6f:9e:72:e1:c1:79:35:67:0a:ac:dc:dc:d6:4b:9d:57:70:
b3:a5:ad:76:ea:25:28:96:f8:b1:3c:0c:09:0c:2c:5c:f9:56:
eb:84:7e:9b:09:f1:a3:28:fb:4a:93:bd:3b:2c:3f:1d:4c:d3:
f9:38:4f:47:8e:29:96:f7:8c:0e:7c:62:86:5f:58:bb:02:55:
2f:29:10:3a:bc:e9:b9:93:b0:a6:83:48:05:8e:f7:e3:66:2b:
69:08:67:bb:7e:8f:e8:44:d4:68:09:ba:97:8c:46:52:4e:50:
a9:3d:cf:26:68:fe:08:fc:b4:28:42:2e:96:83:fc:42:39:bc:
eb:05:c8:f1
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIUUoq6Dam7/qWq7LnvJ6gWyr9gUbQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDExMDUwMzM1MDhaFw0yNTExMDQwMzQwMDhaMDMxMTAvBgNV
BAMTKDZDNDFEOTIxOTIwMDRGMkI0NDAzOTlCRkJFQjRBMjZGNTlBQzU3RTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDliom0ml6yPyqQVErtwsAED8CR
Wu7+dI3PCRmbFNwUaJArI8Io3eKPun2F8dUVjLkIphWL8+ayeXoca4PukP11Iiiq
RLm+b/x0DeYdnfmZdvILCudCFZAaCE9Yyqu2/qXJoEPRmjSf2YueTo2Okb71i9dl
jzb4vtpMAeBhdIiNzRuAzZfZ2XxkZeGlAX6/XBHRkUWERAOPGlb71HO0R31HQXzS
qVHVXO1M4i3Co/zcD9jXNbW1fqeecVwYEXNlCp8lPnhpIhc/OrY1zLdvhQHc/NW8
eajwGjLs8t5/Fya4Zuwfo3sLjjLVC56o/80cVDAuhalE3we6xP43xqKehQGvAgMB
AAGjggH7MIIB9zAdBgNVHQ4EFgQUbEHZIZIATytEA5m/vrSib1msV+AwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjEwODg4LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEH
AQH/BBwwGjAYBAIAAjASAwcEKgagBQTwAwcAKgagBRFpMA0GCSqGSIb3DQEBCwUA
A4IBAQClVnAEil13tAGIlNpBX8xC5t1B7wO3vK0JivnmfUxusB3LfSwqW+xi3o25
aBLs74lAGxDCXWCx894h9vdwVx+OWMzucudpbQR6lxBXvQr9qc8/R8ANFX6dzbwB
gN+8EUmTGJSVTaovuY0DHcjZ2UGWeL4s3G3gwzTZU42XBzuEb55y4cF5NWcKrNzc
1kudV3Czpa126iUolvixPAwJDCxc+VbrhH6bCfGjKPtKk707LD8dTNP5OE9HjimW
94wOfGKGX1i7AlUvKRA6vOm5k7Cmg0gFjvfjZitpCGe7fo/oRNRoCbqXjEZSTlCp
Pc8maP4I/LQoQi6Wg/xCObzrBcjx
-----END CERTIFICATE-----