Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS211509.roa
File: AS211509.roa (raw, json)
Hash identifier: 0V/h8/X0UzlftLyG9ottjRqSfdGiJKEg2lbYwR4FXe8=
Subject key identifier: 79:11:24:3B:87:15:E0:AA:15:71:B3:EC:57:7C:13:86:B3:B3:37:54
Certificate issuer: /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial: 24A02590AAD94C83C226E7F550B032BDC2F38D41
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS211509.roa
Signing time: Sat 23 Dec 2023 11:44:21 +0000
ROA not before: Sat 23 Dec 2023 11:39:21 +0000
ROA not after: Sat 21 Dec 2024 11:44:21 +0000
asID: 211509
IP address blocks: 2a06:a005:8::/48 maxlen: 48
2a06:a005:f70::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:a0:25:90:aa:d9:4c:83:c2:26:e7:f5:50:b0:32:bd:c2:f3:8d:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Validity
Not Before: Dec 23 11:39:21 2023 GMT
Not After : Dec 21 11:44:21 2024 GMT
Subject: CN=7911243B8715E0AA1571B3EC577C1386B3B33754
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:ae:71:db:88:0c:10:36:9e:42:05:3e:33:90:
8c:77:15:ad:f4:1a:ae:b8:60:1e:20:27:8c:ab:aa:
c8:0c:d6:1b:34:4d:8e:08:06:48:51:58:96:a3:86:
3e:2a:9e:8f:b1:be:ec:1f:e1:7e:cd:f8:ea:59:97:
70:7a:01:a8:2d:6f:37:20:0c:71:13:79:c4:84:36:
f8:2c:e6:23:16:d8:8f:7d:3e:53:55:27:3c:36:4e:
e1:87:e9:a5:06:d3:ac:3c:4e:d8:f0:91:67:b8:31:
ad:7b:b4:5c:d2:2a:98:a2:33:6a:98:ef:11:da:3d:
1f:08:22:8c:8c:38:2e:c2:ef:31:50:a3:94:f0:80:
20:4f:a4:8b:32:21:69:6e:50:cc:11:f1:de:97:d6:
57:e2:ad:a2:67:7f:f2:7a:05:4f:c3:16:78:db:41:
c8:d2:e8:8a:e8:05:6c:9e:4e:3e:ba:f3:ff:e0:fc:
ae:30:1c:c2:e5:26:8b:88:9a:63:f5:f2:53:e7:85:
8c:df:59:22:be:b4:21:5b:88:8f:16:2c:50:09:ee:
57:79:bc:3f:12:39:1e:48:a2:6e:63:f9:b1:ba:33:
c7:a6:d6:c9:5a:44:e8:7d:51:e8:b3:27:a9:75:e2:
78:1b:e1:31:70:fb:99:63:4c:94:aa:3c:10:9a:79:
48:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:11:24:3B:87:15:E0:AA:15:71:B3:EC:57:7C:13:86:B3:B3:37:54
X509v3 Authority Key Identifier:
keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS211509.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:8::/48
2a06:a005:f70::/44
Signature Algorithm: sha256WithRSAEncryption
5d:14:86:40:7d:41:92:67:96:61:43:e4:b0:75:0b:6f:07:23:
7c:08:71:65:04:25:18:40:93:37:98:d6:2a:26:86:20:39:9a:
31:9b:cf:d3:2c:8e:fc:2d:b1:b5:c4:f2:c6:c2:15:d1:ae:fb:
b2:ad:2f:43:8f:ff:ee:12:6d:d0:3e:98:70:fd:7a:5e:b4:9a:
02:84:35:7c:04:22:52:e1:85:48:95:5e:55:91:36:d2:73:da:
50:08:53:32:4d:50:69:1a:01:b1:15:b2:46:c9:a2:e0:d8:52:
27:36:9d:4a:e6:02:cc:fc:18:ff:9d:95:00:ce:ba:17:27:1e:
8c:6b:4c:ce:39:e6:ee:4d:e9:0f:3c:3e:a6:57:57:c6:48:2e:
7f:c5:df:cc:f4:fc:4c:4e:2c:d5:e8:0a:f2:15:73:bd:6b:f7:
ef:04:0f:da:cd:50:f5:c8:9c:2d:8a:63:cd:49:8e:e5:7e:1b:
c1:56:1a:e1:ce:d6:83:6c:70:59:e9:0b:1e:8f:5d:36:d6:97:
03:36:b2:44:6e:d8:b6:03:9a:e4:d3:bf:40:7a:87:d9:84:13:
dc:16:a9:89:83:ef:fc:0f:de:bf:fb:58:9b:7b:db:ae:ef:ac:
51:0f:0f:0c:69:e7:30:d0:07:ac:0c:52:e2:78:ce:65:a2:49:
70:f1:74:57
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIUJKAlkKrZTIPCJuf1ULAyvcLzjUEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yMzEyMjMxMTM5MjFaFw0yNDEyMjExMTQ0MjFaMDMxMTAvBgNV
BAMTKDc5MTEyNDNCODcxNUUwQUExNTcxQjNFQzU3N0MxMzg2QjNCMzM3NTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKrnHbiAwQNp5CBT4zkIx3Fa30
Gq64YB4gJ4yrqsgM1hs0TY4IBkhRWJajhj4qno+xvuwf4X7N+OpZl3B6Aagtbzcg
DHETecSENvgs5iMW2I99PlNVJzw2TuGH6aUG06w8TtjwkWe4Ma17tFzSKpiiM2qY
7xHaPR8IIoyMOC7C7zFQo5TwgCBPpIsyIWluUMwR8d6X1lfiraJnf/J6BU/DFnjb
QcjS6IroBWyeTj668//g/K4wHMLlJouImmP18lPnhYzfWSK+tCFbiI8WLFAJ7ld5
vD8SOR5Iom5j+bG6M8em1slaROh9UeizJ6l14ngb4TFw+5ljTJSqPBCaeUhPAgMB
AAGjggH7MIIB9zAdBgNVHQ4EFgQUeREkO4cV4KoVcbPsV3wThrOzN1QwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjExNTA5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEH
AQH/BBwwGjAYBAIAAjASAwcAKgagBQAIAwcEKgagBQ9wMA0GCSqGSIb3DQEBCwUA
A4IBAQBdFIZAfUGSZ5ZhQ+SwdQtvByN8CHFlBCUYQJM3mNYqJoYgOZoxm8/TLI78
LbG1xPLGwhXRrvuyrS9Dj//uEm3QPphw/XpetJoChDV8BCJS4YVIlV5VkTbSc9pQ
CFMyTVBpGgGxFbJGyaLg2FInNp1K5gLM/Bj/nZUAzroXJx6Ma0zOOebuTekPPD6m
V1fGSC5/xd/M9PxMTizV6AryFXO9a/fvBA/azVD1yJwtimPNSY7lfhvBVhrhztaD
bHBZ6Qsej1021pcDNrJEbti2A5rk079AeofZhBPcFqmJg+/8D96/+1ibe9uu76xR
Dw8Maecw0AesDFLieM5loklw8XRX
-----END CERTIFICATE-----
Generated at Sat May 4 12:12:18 2024 by rpki-client on console-ams.rpki-client.org