Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS211495.roa
File: AS211495.roa (raw, json)
Hash identifier: dvUHi4TbeISOfkYX+ZF/KdGGxYl9GuuOGkeLczogY4I=
Subject key identifier: 4A:19:76:47:DA:19:4B:22:E5:29:CA:CD:EE:28:21:BE:91:41:82:E6
Certificate issuer: /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial: 4294FD89C28331E5D01B5EBCE2AAF2EBD875F8B1
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS211495.roa
Signing time: Tue 05 Nov 2024 03:40:00 +0000
ROA not before: Tue 05 Nov 2024 03:35:00 +0000
ROA not after: Tue 04 Nov 2025 03:40:00 +0000
asID: 211495
IP address blocks: 2a06:a005:6b0::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 09:24:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:94:fd:89:c2:83:31:e5:d0:1b:5e:bc:e2:aa:f2:eb:d8:75:f8:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Validity
Not Before: Nov 5 03:35:00 2024 GMT
Not After : Nov 4 03:40:00 2025 GMT
Subject: CN=4A197647DA194B22E529CACDEE2821BE914182E6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:5a:15:a6:d6:08:8c:b4:e7:e6:4c:05:0f:d1:
2d:ac:34:d7:a9:81:8e:87:e1:55:ac:99:c8:b1:81:
35:34:70:7e:b1:b1:5d:31:27:d4:46:a9:21:3f:fb:
60:4c:f0:90:41:55:16:9f:2c:0f:45:82:78:8f:81:
30:30:ea:63:81:a0:5e:46:eb:0e:b7:6d:81:5a:b7:
aa:13:bf:a4:7b:35:56:e9:4e:d9:31:87:1f:a5:dd:
3a:c3:a4:14:48:9b:b8:ee:61:b7:86:8b:c7:c6:f2:
9e:06:7c:02:64:3c:50:40:ea:db:06:87:15:1c:9a:
a9:89:24:f4:98:64:52:4b:4f:ca:31:69:a3:b2:c9:
51:69:78:94:7f:87:70:d8:e2:dd:e5:f4:97:89:1a:
53:b1:bc:2c:b8:5a:fc:4b:1b:cd:05:35:f2:ee:f1:
05:c9:50:6b:cb:4d:10:d9:a3:dc:26:50:ed:aa:70:
49:de:30:75:b2:c1:9d:e3:98:19:12:a6:8b:99:46:
cf:c8:02:52:9e:2e:e4:11:57:c3:5b:2e:60:a5:b2:
28:82:a9:cf:48:d4:b3:f7:66:c5:53:e9:16:95:07:
e1:23:15:d1:ff:05:7a:9c:bc:26:d7:fc:ad:4d:0f:
ba:6a:b2:e3:2b:20:24:77:af:eb:e2:de:48:8b:f4:
db:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:19:76:47:DA:19:4B:22:E5:29:CA:CD:EE:28:21:BE:91:41:82:E6
X509v3 Authority Key Identifier:
keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS211495.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:6b0::/44
Signature Algorithm: sha256WithRSAEncryption
b1:e2:5d:85:87:bf:6e:27:27:44:94:9b:6a:12:3f:3e:06:94:
9f:42:e0:b4:37:e2:6a:fb:1a:2f:96:4f:dd:3b:f6:eb:b7:91:
29:2e:6f:39:f5:d2:89:2b:64:da:dc:9c:0b:eb:62:b0:d6:29:
a5:4b:fb:d5:80:fc:6f:49:6f:65:88:64:e4:c6:e7:44:59:9e:
9a:0b:56:bd:1c:4f:39:e3:ff:a3:26:86:6b:98:7b:9a:7c:79:
7e:d9:ab:91:ba:5f:4c:a3:43:01:46:de:28:d9:25:c4:4c:c4:
2b:22:77:59:32:5c:ec:1d:2a:7a:54:7f:40:b5:64:a0:c1:a6:
46:8c:f6:e9:13:62:c5:75:6b:6b:87:cb:85:f7:de:0c:e9:3e:
71:3a:53:42:ce:a2:1e:c0:84:79:a7:2a:fa:7b:5a:6f:2e:63:
f2:4d:3a:f9:b9:97:57:fb:08:ce:63:1d:37:a5:43:c1:2e:5b:
1e:5f:68:c1:7a:fa:34:7c:35:82:1c:b7:e1:b5:de:da:c1:9a:
4b:38:7f:47:c9:a5:5d:13:16:b4:7b:6a:3e:51:83:f8:f2:18:
34:4d:29:c0:38:56:b1:4b:71:b9:f9:c9:62:39:dc:e1:2e:1f:
2a:88:74:fa:f8:e0:4f:43:a4:1b:31:ba:df:8a:e9:24:83:47:
70:0b:2c:d0
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUQpT9icKDMeXQG1684qry69h1+LEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDExMDUwMzM1MDBaFw0yNTExMDQwMzQwMDBaMDMxMTAvBgNV
BAMTKDRBMTk3NjQ3REExOTRCMjJFNTI5Q0FDREVFMjgyMUJFOTE0MTgyRTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAWhWm1giMtOfmTAUP0S2sNNep
gY6H4VWsmcixgTU0cH6xsV0xJ9RGqSE/+2BM8JBBVRafLA9FgniPgTAw6mOBoF5G
6w63bYFat6oTv6R7NVbpTtkxhx+l3TrDpBRIm7juYbeGi8fG8p4GfAJkPFBA6tsG
hxUcmqmJJPSYZFJLT8oxaaOyyVFpeJR/h3DY4t3l9JeJGlOxvCy4WvxLG80FNfLu
8QXJUGvLTRDZo9wmUO2qcEneMHWywZ3jmBkSpouZRs/IAlKeLuQRV8NbLmClsiiC
qc9I1LP3ZsVT6RaVB+EjFdH/BXqcvCbX/K1ND7pqsuMrICR3r+vi3kiL9NtJAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUShl2R9oZSyLlKcrN7ighvpFBguYwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjExNDk1LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcEKgagBQawMA0GCSqGSIb3DQEBCwUAA4IBAQCx4l2F
h79uJydElJtqEj8+BpSfQuC0N+Jq+xovlk/dO/brt5EpLm859dKJK2Ta3JwL62Kw
1imlS/vVgPxvSW9liGTkxudEWZ6aC1a9HE854/+jJoZrmHuafHl+2auRul9Mo0MB
Rt4o2SXETMQrIndZMlzsHSp6VH9AtWSgwaZGjPbpE2LFdWtrh8uF994M6T5xOlNC
zqIewIR5pyr6e1pvLmPyTTr5uZdX+wjOYx03pUPBLlseX2jBevo0fDWCHLfhtd7a
wZpLOH9HyaVdExa0e2o+UYP48hg0TSnAOFaxS3G5+cliOdzhLh8qiHT6+OBPQ6Qb
Mbrfiukkg0dwCyzQ
-----END CERTIFICATE-----
Generated at Fri Apr 4 17:41:26 2025 by rpki-client