Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS211571.roa
File: AS211571.roa (raw, json)
Hash identifier: AkTCLHsQ2t/8JxDqAOLXzXz3g2mok3ae4y0eHDSTb8I=
Subject key identifier: 49:FF:72:49:E3:CC:D1:91:D7:EB:4B:19:EF:A6:D9:B7:C0:E1:62:B8
Certificate issuer: /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial: 55AC971A4410B839064F282FEAFDCDAB1F081E12
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS211571.roa
Signing time: Fri 13 Dec 2024 02:56:30 +0000
ROA not before: Fri 13 Dec 2024 02:51:30 +0000
ROA not after: Fri 12 Dec 2025 02:56:30 +0000
asID: 211571
IP address blocks: 2a06:a005:9c0::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 09:24:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:ac:97:1a:44:10:b8:39:06:4f:28:2f:ea:fd:cd:ab:1f:08:1e:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Validity
Not Before: Dec 13 02:51:30 2024 GMT
Not After : Dec 12 02:56:30 2025 GMT
Subject: CN=49FF7249E3CCD191D7EB4B19EFA6D9B7C0E162B8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:10:52:21:0b:2c:39:9d:90:9d:a7:31:37:fc:
d4:7a:84:13:45:18:70:42:33:c3:5a:9b:cd:53:32:
19:76:67:cd:0a:b8:91:87:b1:51:f8:f3:6b:e4:15:
71:8f:ef:ce:ce:a1:30:a9:21:79:66:de:c9:a6:90:
e5:fb:20:0e:1c:ee:83:de:b2:1a:67:01:96:4f:b4:
36:ff:3e:0a:77:ad:26:51:aa:d7:56:2d:1d:de:b9:
2d:11:0d:25:d3:0c:2d:20:3b:8f:11:87:b8:58:f5:
39:f6:93:35:0b:d3:ad:fd:54:0c:09:fb:cf:fd:01:
31:5e:55:c0:f6:9c:c2:bd:a1:2e:4c:35:44:86:39:
45:2a:1d:52:16:46:c4:43:2f:06:d0:7d:85:83:f8:
92:9f:d7:4c:17:a4:bf:0d:6b:50:52:84:4c:3f:23:
ab:16:b7:8c:36:28:67:17:5e:02:6e:3a:64:f5:69:
c0:3b:82:13:fa:09:93:e4:72:58:27:95:2f:0c:ed:
df:6b:98:0c:b9:54:38:cf:40:d7:5b:82:fb:ad:e5:
e8:12:54:4f:45:4f:98:d2:90:7f:4d:e3:5a:88:8e:
95:59:2c:4c:35:84:c6:0b:a2:d5:7f:1e:0a:7a:e1:
e0:13:bc:30:45:ab:14:52:33:36:0b:8a:f9:66:c9:
6b:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:FF:72:49:E3:CC:D1:91:D7:EB:4B:19:EF:A6:D9:B7:C0:E1:62:B8
X509v3 Authority Key Identifier:
keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS211571.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:9c0::/44
Signature Algorithm: sha256WithRSAEncryption
37:73:13:42:99:f3:2b:59:d6:44:ce:21:87:92:ab:67:62:0c:
c1:c7:49:dc:79:03:8d:c7:00:e9:22:b8:78:74:e0:8c:23:1b:
1f:55:c0:2d:73:17:d2:c8:41:29:1d:d8:61:60:53:10:64:5d:
c7:94:eb:78:5a:ab:ac:dc:e8:ff:65:5f:f4:d5:90:5d:3c:ed:
40:05:02:f9:44:da:f6:23:9e:76:88:48:3a:45:63:a5:32:74:
8f:0d:48:fb:09:09:f4:da:c5:d1:8d:fc:3a:58:89:11:ff:66:
44:02:4d:77:61:27:93:eb:1b:99:44:a2:9b:52:60:3c:2e:94:
f3:06:1c:f3:c7:61:19:63:98:65:4b:5b:d9:c0:e1:b7:ff:fa:
9b:18:2b:6a:d6:b6:b2:24:a5:07:8b:c6:c1:97:1a:57:eb:9e:
70:86:93:b2:ee:17:ad:65:8f:6f:fa:92:45:7a:74:31:48:e7:
fb:c7:37:47:b7:c4:79:eb:ae:ba:e3:0b:cd:00:b1:0d:99:b1:
86:c1:ff:7c:08:e4:0f:51:11:ec:6e:37:87:f6:5a:97:ae:c6:
c1:3b:f4:30:3f:a1:5d:d4:4b:33:7c:c9:48:06:48:d8:a8:88:
ff:49:8b:03:b9:b6:71:a4:c4:75:f7:78:de:23:8a:8d:0a:21:
d4:6a:13:52
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUVayXGkQQuDkGTygv6v3Nqx8IHhIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDEyMTMwMjUxMzBaFw0yNTEyMTIwMjU2MzBaMDMxMTAvBgNV
BAMTKDQ5RkY3MjQ5RTNDQ0QxOTFEN0VCNEIxOUVGQTZEOUI3QzBFMTYyQjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHEFIhCyw5nZCdpzE3/NR6hBNF
GHBCM8Nam81TMhl2Z80KuJGHsVH482vkFXGP787OoTCpIXlm3smmkOX7IA4c7oPe
shpnAZZPtDb/Pgp3rSZRqtdWLR3euS0RDSXTDC0gO48Rh7hY9Tn2kzUL0639VAwJ
+8/9ATFeVcD2nMK9oS5MNUSGOUUqHVIWRsRDLwbQfYWD+JKf10wXpL8Na1BShEw/
I6sWt4w2KGcXXgJuOmT1acA7ghP6CZPkclgnlS8M7d9rmAy5VDjPQNdbgvut5egS
VE9FT5jSkH9N41qIjpVZLEw1hMYLotV/Hgp64eATvDBFqxRSMzYLivlmyWt5AgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUSf9ySePM0ZHX60sZ76bZt8DhYrgwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjExNTcxLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcEKgagBQnAMA0GCSqGSIb3DQEBCwUAA4IBAQA3cxNC
mfMrWdZEziGHkqtnYgzBx0nceQONxwDpIrh4dOCMIxsfVcAtcxfSyEEpHdhhYFMQ
ZF3HlOt4Wqus3Oj/ZV/01ZBdPO1ABQL5RNr2I552iEg6RWOlMnSPDUj7CQn02sXR
jfw6WIkR/2ZEAk13YSeT6xuZRKKbUmA8LpTzBhzzx2EZY5hlS1vZwOG3//qbGCtq
1rayJKUHi8bBlxpX655whpOy7hetZY9v+pJFenQxSOf7xzdHt8R566664wvNALEN
mbGGwf98COQPURHsbjeH9lqXrsbBO/QwP6Fd1EszfMlIBkjYqIj/SYsDubZxpMR1
93jeI4qNCiHUahNS
-----END CERTIFICATE-----
Generated at Fri Apr 4 17:40:22 2025 by rpki-client