Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS212900.roa
File: AS212900.roa (raw, json)
Hash identifier: 7HSIwjjqwzzPOzH2YqpPu4aNKyAzpSPErLkTOP5kbQw=
Subject key identifier: E4:86:0F:88:10:3B:BE:D7:4C:86:97:65:92:C7:24:70:10:5E:E8:81
Certificate issuer: /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial: 11E2F354036D8BCFCC2DC8EA37F31E280CE8ECC0
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS212900.roa
Signing time: Fri 22 Nov 2024 19:40:12 +0000
ROA not before: Fri 22 Nov 2024 19:35:12 +0000
ROA not after: Fri 21 Nov 2025 19:40:12 +0000
asID: 212900
IP address blocks: 2a06:a005:ba9::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:e2:f3:54:03:6d:8b:cf:cc:2d:c8:ea:37:f3:1e:28:0c:e8:ec:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Validity
Not Before: Nov 22 19:35:12 2024 GMT
Not After : Nov 21 19:40:12 2025 GMT
Subject: CN=E4860F88103BBED74C86976592C72470105EE881
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:81:50:56:2d:6f:7c:29:db:e8:e4:24:1e:e7:
2a:48:f2:e9:99:42:1d:28:f9:db:bd:05:76:01:0a:
0c:e2:6a:67:5e:df:14:7e:3e:52:00:a0:e6:65:65:
9e:d0:6e:7d:77:1d:ed:61:2a:b0:63:44:7f:6a:77:
cc:36:c8:21:42:ec:f7:7f:e5:69:a6:66:5e:72:d8:
3e:34:83:68:e7:af:ab:a2:8e:aa:1b:c7:87:b3:08:
18:5d:99:87:0f:61:ab:1e:8d:47:2f:53:c9:64:72:
09:11:46:ed:a9:e6:f8:8d:c0:c2:31:fb:8a:f7:30:
46:c3:79:14:d7:a8:ae:7a:cb:c4:ee:b0:25:38:24:
e9:ae:b4:df:47:29:75:1b:eb:66:bd:75:15:f0:e0:
7f:bb:b6:1e:a1:40:90:9a:15:56:05:a0:a4:c3:b2:
d4:a9:a0:6a:4c:d1:4e:15:31:76:46:f4:88:60:5b:
36:80:cf:83:6c:77:c7:67:7e:24:7a:12:2f:72:e8:
3a:2f:e5:37:4e:6e:8d:26:07:ca:11:f3:5a:fe:65:
d2:5e:c1:b0:15:e7:d2:c4:5e:d2:63:24:34:77:77:
d5:ee:bb:fe:ed:de:df:95:27:ea:e7:35:0f:d6:25:
41:6f:1c:26:30:60:cf:00:17:6f:e0:a9:57:03:b4:
83:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:86:0F:88:10:3B:BE:D7:4C:86:97:65:92:C7:24:70:10:5E:E8:81
X509v3 Authority Key Identifier:
keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS212900.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:ba9::/48
Signature Algorithm: sha256WithRSAEncryption
8e:89:dd:d7:e7:fe:54:a2:c2:1d:20:3c:74:1f:2e:10:cd:29:
29:d0:be:9d:cb:b0:3c:8d:19:fa:3e:36:87:46:a9:25:8e:60:
b9:c7:43:cf:04:46:85:74:00:20:5c:0d:1a:c0:68:bf:98:08:
2a:0a:76:21:bf:b3:ec:78:3c:c5:0f:5f:a1:00:c5:77:65:7c:
7a:8d:e8:20:b1:87:2f:92:50:bf:f5:8c:bc:a4:e3:6a:4e:a2:
12:72:06:fa:6f:12:f4:4e:cc:1e:95:0c:9c:19:af:74:96:8c:
c5:94:cb:b9:c7:fa:b0:4a:3e:3c:10:da:f7:4a:7d:71:f1:26:
24:db:fc:fa:a3:fd:1d:12:55:cc:ec:cd:ec:58:4e:d2:2f:9e:
61:91:2a:8b:5b:d0:e1:6f:18:71:f3:d2:f2:cb:18:c4:f4:eb:
1c:88:29:ec:6d:23:ee:34:60:65:9d:c3:77:7e:bc:18:ba:b4:
da:02:6c:be:db:99:f5:38:d7:aa:0a:f3:33:f7:17:0c:d8:13:
3f:d7:18:59:ca:3a:9f:7e:f5:1c:c2:7e:d6:5e:76:8f:42:60:
40:88:8f:49:42:5b:2c:f8:e0:64:04:5d:ae:a8:50:77:af:76:
c9:ab:7d:e6:33:fa:ad:67:32:77:01:e2:a2:1d:c5:b8:d8:33:
23:5b:78:2d
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUEeLzVANti8/MLcjqN/MeKAzo7MAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDExMjIxOTM1MTJaFw0yNTExMjExOTQwMTJaMDMxMTAvBgNV
BAMTKEU0ODYwRjg4MTAzQkJFRDc0Qzg2OTc2NTkyQzcyNDcwMTA1RUU4ODEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDggVBWLW98Kdvo5CQe5ypI8umZ
Qh0o+du9BXYBCgziamde3xR+PlIAoOZlZZ7Qbn13He1hKrBjRH9qd8w2yCFC7Pd/
5WmmZl5y2D40g2jnr6uijqobx4ezCBhdmYcPYasejUcvU8lkcgkRRu2p5viNwMIx
+4r3MEbDeRTXqK56y8TusCU4JOmutN9HKXUb62a9dRXw4H+7th6hQJCaFVYFoKTD
stSpoGpM0U4VMXZG9IhgWzaAz4Nsd8dnfiR6Ei9y6Dov5TdObo0mB8oR81r+ZdJe
wbAV59LEXtJjJDR3d9Xuu/7t3t+VJ+rnNQ/WJUFvHCYwYM8AF2/gqVcDtIPDAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQU5IYPiBA7vtdMhpdlksckcBBe6IEwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjEyOTAwLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcAKgagBQupMA0GCSqGSIb3DQEBCwUAA4IBAQCOid3X
5/5UosIdIDx0Hy4QzSkp0L6dy7A8jRn6PjaHRqkljmC5x0PPBEaFdAAgXA0awGi/
mAgqCnYhv7PseDzFD1+hAMV3ZXx6jeggsYcvklC/9Yy8pONqTqIScgb6bxL0Tswe
lQycGa90lozFlMu5x/qwSj48ENr3Sn1x8SYk2/z6o/0dElXM7M3sWE7SL55hkSqL
W9Dhbxhx89LyyxjE9OsciCnsbSPuNGBlncN3frwYurTaAmy+25n1ONeqCvMz9xcM
2BM/1xhZyjqffvUcwn7WXnaPQmBAiI9JQlss+OBkBF2uqFB3r3bJq33mM/qtZzJ3
AeKiHcW42DMjW3gt
-----END CERTIFICATE-----
Generated at Mon Nov 25 21:33:12 2024 by rpki-client on console-ams.rpki-client.org