Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS211367.roa
File: AS211367.roa (raw, json)
Hash identifier: WFwyAoEZhhIsXm3bx7IXJsTIsZLiJ/3uujn7lf27sgA=
Subject key identifier: 28:D3:77:21:73:2F:21:7B:2A:85:00:ED:FA:9A:B7:E6:2F:10:FF:A6
Certificate issuer: /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial: 1E6B3605EB8422523E3C45BE692CBA596443EC67
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS211367.roa
Signing time: Tue 05 Dec 2023 02:44:12 +0000
ROA not before: Tue 05 Dec 2023 02:39:12 +0000
ROA not after: Tue 03 Dec 2024 02:44:12 +0000
asID: 211367
IP address blocks: 2a06:a005:420::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:6b:36:05:eb:84:22:52:3e:3c:45:be:69:2c:ba:59:64:43:ec:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Validity
Not Before: Dec 5 02:39:12 2023 GMT
Not After : Dec 3 02:44:12 2024 GMT
Subject: CN=28D37721732F217B2A8500EDFA9AB7E62F10FFA6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:b4:03:ed:17:cf:20:4a:ce:3a:f4:ab:55:d4:
cd:4e:40:a9:51:70:10:e5:75:b9:4c:bf:69:4d:c6:
8e:4d:50:82:b9:1b:c3:90:4b:a3:46:a0:f3:e4:50:
0f:5e:e9:e3:6e:64:0e:57:3d:46:80:84:74:af:eb:
8c:0a:a6:48:1b:9d:63:9f:b7:64:90:47:ac:03:0f:
e5:c8:49:35:b5:20:f8:26:d2:f2:dd:3f:61:ae:3c:
ee:45:a4:86:2f:e2:c7:e9:e8:97:28:a4:f4:92:c8:
5d:1e:c7:e5:fb:f7:92:96:21:f1:67:07:74:a6:71:
0a:ab:60:2f:db:dd:e2:f3:e0:f2:bb:63:1f:7d:49:
36:0c:56:58:db:be:8c:26:39:61:8a:66:09:1a:c6:
62:21:6f:1d:33:fb:ce:08:cd:4d:ad:e1:08:5c:c3:
c3:ce:9a:d1:17:57:f1:1e:aa:52:22:a4:d7:18:84:
97:a9:32:72:a8:fb:2a:92:30:cf:57:d0:63:58:a5:
10:a8:f9:45:61:60:c2:d5:4c:3a:26:82:50:5f:69:
9a:32:32:a0:86:a3:bf:5b:8c:55:b4:ba:e9:32:2a:
32:80:0a:08:93:cf:11:01:08:bc:a6:ca:89:18:4c:
9c:6e:6a:cc:e6:6e:52:a5:08:7f:9c:51:e2:6d:4f:
0a:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:D3:77:21:73:2F:21:7B:2A:85:00:ED:FA:9A:B7:E6:2F:10:FF:A6
X509v3 Authority Key Identifier:
keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS211367.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:420::/44
Signature Algorithm: sha256WithRSAEncryption
17:9e:b1:21:57:f9:f4:ed:4a:88:d7:55:03:12:5a:1c:46:84:
7e:4c:87:87:52:ae:cd:d7:54:57:f1:af:e2:b2:7c:6b:46:19:
4e:b5:75:d2:34:94:db:7b:97:4f:a9:9b:6e:ed:8e:82:a9:7d:
8a:72:44:bd:2d:41:77:9a:d5:31:d6:ce:96:04:00:4a:df:86:
e2:01:8b:62:d6:2e:92:11:4a:7e:b0:0a:2b:06:d6:a5:d1:1b:
a7:4f:61:8e:83:33:85:93:01:3c:f4:36:cd:2a:dc:c1:51:c7:
08:e8:5f:6a:37:c4:73:65:40:a5:63:04:0c:d4:da:57:a9:e4:
25:2c:cb:69:8e:76:8d:cb:8a:cd:ec:a8:96:a8:e7:2c:50:cc:
f7:d7:32:49:e4:d6:64:6f:e4:b6:8f:19:f9:f1:b4:2b:30:f5:
26:42:43:88:66:c3:67:9b:21:9f:1a:23:7b:f2:5e:0f:59:24:
65:88:c3:b8:c5:9f:d3:03:67:04:ec:32:8a:66:62:0e:61:78:
9c:06:39:b3:d3:a9:d5:af:f7:79:d1:eb:72:8f:64:00:80:87:
67:b1:9a:79:8f:35:4d:3a:fc:cc:80:f6:05:72:cf:d0:02:91:
3c:cc:3d:45:b9:e3:15:7a:a9:fa:4a:5e:18:83:ed:7c:d5:82:
7a:6e:ba:ff
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUHms2BeuEIlI+PEW+aSy6WWRD7GcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yMzEyMDUwMjM5MTJaFw0yNDEyMDMwMjQ0MTJaMDMxMTAvBgNV
BAMTKDI4RDM3NzIxNzMyRjIxN0IyQTg1MDBFREZBOUFCN0U2MkYxMEZGQTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbtAPtF88gSs469KtV1M1OQKlR
cBDldblMv2lNxo5NUIK5G8OQS6NGoPPkUA9e6eNuZA5XPUaAhHSv64wKpkgbnWOf
t2SQR6wDD+XISTW1IPgm0vLdP2GuPO5FpIYv4sfp6JcopPSSyF0ex+X795KWIfFn
B3SmcQqrYC/b3eLz4PK7Yx99STYMVljbvowmOWGKZgkaxmIhbx0z+84IzU2t4Qhc
w8POmtEXV/EeqlIipNcYhJepMnKo+yqSMM9X0GNYpRCo+UVhYMLVTDomglBfaZoy
MqCGo79bjFW0uukyKjKACgiTzxEBCLymyokYTJxuaszmblKlCH+cUeJtTwpNAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUKNN3IXMvIXsqhQDt+pq35i8Q/6YwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjExMzY3LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcEKgagBQQgMA0GCSqGSIb3DQEBCwUAA4IBAQAXnrEh
V/n07UqI11UDElocRoR+TIeHUq7N11RX8a/isnxrRhlOtXXSNJTbe5dPqZtu7Y6C
qX2KckS9LUF3mtUx1s6WBABK34biAYti1i6SEUp+sAorBtal0RunT2GOgzOFkwE8
9DbNKtzBUccI6F9qN8RzZUClYwQM1NpXqeQlLMtpjnaNy4rN7KiWqOcsUMz31zJJ
5NZkb+S2jxn58bQrMPUmQkOIZsNnmyGfGiN78l4PWSRliMO4xZ/TA2cE7DKKZmIO
YXicBjmz06nVr/d50etyj2QAgIdnsZp5jzVNOvzMgPYFcs/QApE8zD1FueMVeqn6
Sl4Yg+181YJ6brr/
-----END CERTIFICATE-----
Generated at Fri May 3 20:12:34 2024 by rpki-client on console-ams.rpki-client.org