Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS211622.roa
File: AS211622.roa (raw, json)
Hash identifier: neMkpTDEEXP2+m8HdA3ICsbVzBHPmo7zLypCj/sniJc=
Subject key identifier: D8:18:9D:43:11:B5:A8:68:35:8C:B7:4F:F4:CB:BE:59:EC:0E:4F:F9
Certificate issuer: /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial: 2D3B1EA6AADC5DBFBF95F2FA21EBBDB5B95903E4
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS211622.roa
Signing time: Tue 05 Nov 2024 03:40:00 +0000
ROA not before: Tue 05 Nov 2024 03:35:00 +0000
ROA not after: Tue 04 Nov 2025 03:40:00 +0000
asID: 211622
IP address blocks: 2a06:a005:860::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:3b:1e:a6:aa:dc:5d:bf:bf:95:f2:fa:21:eb:bd:b5:b9:59:03:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Validity
Not Before: Nov 5 03:35:00 2024 GMT
Not After : Nov 4 03:40:00 2025 GMT
Subject: CN=D8189D4311B5A868358CB74FF4CBBE59EC0E4FF9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:71:40:ac:64:68:fa:dc:49:f8:79:6f:6c:4c:
49:e3:7f:52:2c:bb:bd:96:7e:f0:5e:c6:d0:0b:b2:
3e:e8:2b:18:da:4f:50:5f:f2:f5:52:56:02:44:97:
76:35:1a:a8:9d:07:88:59:9a:b0:42:98:68:9f:43:
f6:b2:bd:b6:49:3f:50:6c:26:ef:90:ff:74:ca:1b:
ec:ce:18:e9:42:27:e4:f7:aa:c1:aa:e8:fd:a9:97:
2c:7e:d2:7c:7b:55:a5:e7:5e:10:bd:09:df:27:0f:
fb:78:e5:bc:19:0c:e4:eb:b2:39:51:8b:71:95:0d:
33:ab:5e:8c:9c:8e:7c:65:79:4c:85:c9:e8:08:44:
12:63:60:d3:58:79:2c:38:9c:f7:ad:e1:c0:95:3c:
1c:5e:03:d0:c1:57:36:97:bf:a3:2f:97:aa:4b:61:
e6:5f:f7:70:6b:38:ee:17:ef:7a:58:67:17:e6:7a:
88:0d:8f:b0:8f:48:b6:63:e1:97:1a:55:2c:4e:62:
2d:5c:db:e1:60:72:78:8f:66:a0:a6:77:d1:b3:d4:
45:fc:7c:85:05:e6:84:5a:44:d9:11:76:90:3c:11:
bd:d1:0f:e7:5f:32:ca:0a:f8:fb:9b:ac:d5:5b:74:
c9:8c:a0:97:af:35:5e:1e:ae:99:08:26:cc:2e:15:
3a:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:18:9D:43:11:B5:A8:68:35:8C:B7:4F:F4:CB:BE:59:EC:0E:4F:F9
X509v3 Authority Key Identifier:
keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS211622.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:860::/44
Signature Algorithm: sha256WithRSAEncryption
1d:64:d1:e6:d9:d7:f1:c0:91:d7:a1:72:21:67:f5:19:c4:20:
11:ae:5b:4f:16:9f:f0:75:37:df:ea:97:b6:b2:52:7e:e5:a0:
74:e1:60:50:de:61:7b:46:b3:db:29:17:fb:5b:ca:62:e2:a0:
81:45:2e:b3:7c:a5:cb:1a:b8:88:5f:42:ee:9a:75:b0:0f:98:
33:39:30:9f:df:91:31:d9:4f:f6:2c:12:ba:dc:fe:d0:90:73:
7a:1b:04:7b:6e:e0:54:17:5c:69:99:1b:da:31:a5:8c:8e:68:
84:59:f8:99:b6:f4:2f:59:01:e2:c8:7b:52:a7:1c:40:bf:5a:
db:29:ea:e1:75:76:11:ec:c4:f2:65:58:15:c3:f4:8d:3b:a1:
11:d6:77:8f:18:cb:4e:d8:31:c6:a2:b8:fe:17:82:f0:c3:b7:
1e:ac:cd:3e:08:d2:6b:b2:b1:4a:81:ef:03:ae:f2:05:2b:2b:
9f:52:fd:79:9c:35:90:7e:49:c5:18:a5:20:60:f1:50:3a:ed:
85:01:fe:fd:ec:5a:3c:bb:f5:2f:11:65:e3:3d:8e:cf:e9:cb:
b8:d8:a5:9c:ac:02:9e:f4:46:33:65:cd:f6:0c:09:4f:ab:6d:
67:95:25:d8:76:99:e1:60:a1:b4:63:13:2e:61:88:fd:3d:77:
05:00:df:47
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIULTsepqrcXb+/lfL6Ieu9tblZA+QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDExMDUwMzM1MDBaFw0yNTExMDQwMzQwMDBaMDMxMTAvBgNV
BAMTKEQ4MTg5RDQzMTFCNUE4NjgzNThDQjc0RkY0Q0JCRTU5RUMwRTRGRjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4cUCsZGj63En4eW9sTEnjf1Is
u72WfvBextALsj7oKxjaT1Bf8vVSVgJEl3Y1GqidB4hZmrBCmGifQ/ayvbZJP1Bs
Ju+Q/3TKG+zOGOlCJ+T3qsGq6P2plyx+0nx7VaXnXhC9Cd8nD/t45bwZDOTrsjlR
i3GVDTOrXoycjnxleUyFyegIRBJjYNNYeSw4nPet4cCVPBxeA9DBVzaXv6Mvl6pL
YeZf93BrOO4X73pYZxfmeogNj7CPSLZj4ZcaVSxOYi1c2+FgcniPZqCmd9Gz1EX8
fIUF5oRaRNkRdpA8Eb3RD+dfMsoK+PubrNVbdMmMoJevNV4erpkIJswuFToJAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQU2BidQxG1qGg1jLdP9Mu+WewOT/kwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjExNjIyLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcEKgagBQhgMA0GCSqGSIb3DQEBCwUAA4IBAQAdZNHm
2dfxwJHXoXIhZ/UZxCARrltPFp/wdTff6pe2slJ+5aB04WBQ3mF7RrPbKRf7W8pi
4qCBRS6zfKXLGriIX0LumnWwD5gzOTCf35Ex2U/2LBK63P7QkHN6GwR7buBUF1xp
mRvaMaWMjmiEWfiZtvQvWQHiyHtSpxxAv1rbKerhdXYR7MTyZVgVw/SNO6ER1neP
GMtO2DHGorj+F4Lww7cerM0+CNJrsrFKge8DrvIFKyufUv15nDWQfknFGKUgYPFQ
Ou2FAf797Fo8u/UvEWXjPY7P6cu42KWcrAKe9EYzZc32DAlPq21nlSXYdpnhYKG0
YxMuYYj9PXcFAN9H
-----END CERTIFICATE-----
Generated at Fri Nov 22 16:45:55 2024 by rpki-client on console-ams.rpki-client.org