Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS213215.roa
File: AS213215.roa (raw, json)
Hash identifier: ooSWYWeeX1KE5sS2VZd7awsgOm2aIlrR+MPaFnYlW6k=
Subject key identifier: 16:D9:C8:A5:E9:5B:25:85:A6:38:02:85:3B:AE:37:68:3C:96:20:14
Certificate issuer: /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial: 0489611E7D224B5AE24FC317445433F55E88AF92
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS213215.roa
Signing time: Wed 10 Jan 2024 04:44:21 +0000
ROA not before: Wed 10 Jan 2024 04:39:21 +0000
ROA not after: Wed 08 Jan 2025 04:44:21 +0000
asID: 213215
IP address blocks: 2a06:a005:e60::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:89:61:1e:7d:22:4b:5a:e2:4f:c3:17:44:54:33:f5:5e:88:af:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Validity
Not Before: Jan 10 04:39:21 2024 GMT
Not After : Jan 8 04:44:21 2025 GMT
Subject: CN=16D9C8A5E95B2585A63802853BAE37683C962014
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:f3:17:64:d3:39:03:4c:e3:be:a7:97:07:ba:
1f:39:33:69:83:e3:35:dc:8b:4a:cc:31:94:53:bb:
f9:ce:f5:0e:76:d8:59:8e:83:26:08:47:9f:01:02:
d1:ea:0f:97:e2:bd:fd:e4:07:ed:41:30:5d:33:5e:
c5:ff:60:98:35:20:bf:9b:f7:a2:b7:a4:31:31:13:
a4:93:cf:06:e8:a4:b7:ac:da:20:df:7a:55:ac:d3:
1c:e1:ee:12:7f:d1:04:a8:bf:f6:d2:8e:07:b4:d4:
95:b7:d4:bf:aa:60:f9:4e:1f:25:4d:29:f6:65:48:
c9:64:0c:86:ed:22:60:3d:c1:a9:e4:c2:14:48:3e:
26:6c:08:7f:b3:18:27:1b:0c:f1:f7:8e:da:e3:1a:
7a:b8:af:17:46:7f:36:d5:a6:54:bb:29:23:08:cc:
84:e4:ce:ea:18:1d:bf:3d:90:81:04:f8:8c:47:34:
e3:ad:21:77:63:c5:dd:0f:4a:53:ec:ac:b7:e1:e1:
2f:85:85:43:ea:d9:11:5e:68:27:45:13:86:a8:12:
60:23:ce:5a:da:b5:76:f5:20:dd:4e:50:85:53:bc:
b8:f0:1d:c4:ea:4f:88:cf:6d:d6:8d:ce:86:09:34:
c6:9c:2d:03:0e:5e:ad:c2:77:9f:28:0d:60:bf:2a:
60:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:D9:C8:A5:E9:5B:25:85:A6:38:02:85:3B:AE:37:68:3C:96:20:14
X509v3 Authority Key Identifier:
keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS213215.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:e60::/44
Signature Algorithm: sha256WithRSAEncryption
51:c6:3d:33:19:0e:bb:09:17:ce:24:b5:d2:b2:12:36:1b:bd:
1f:30:f5:4f:38:58:cb:70:3e:7f:73:c3:05:a5:fd:5f:e9:a3:
2c:8a:b0:e2:cf:9c:ec:35:41:23:bb:db:5f:0c:93:9b:da:41:
ce:75:dd:7a:15:3c:13:a8:30:01:b5:40:71:6c:b3:dc:90:e6:
d1:3f:1e:e0:bd:10:8b:f8:16:bb:bb:df:b9:2a:5f:1e:9e:a1:
16:db:40:07:69:a2:9f:4c:f0:52:7d:ec:70:83:ae:0b:6a:f6:
e1:15:f8:c5:a7:6d:10:30:ea:4b:a2:db:8a:fe:99:72:eb:a9:
a6:a3:9a:6b:0c:09:e2:e1:ab:cb:c5:e5:c6:f8:2f:3c:ce:c5:
44:50:22:8d:11:d1:67:7e:f1:bf:ac:dc:d4:97:0c:46:b5:4d:
c8:6e:6b:59:ab:57:6b:d1:72:78:9a:19:cb:d5:cd:b4:ad:b9:
af:f8:4b:56:c7:42:be:c0:85:40:98:58:5d:ca:db:53:cb:fc:
cc:14:70:86:23:45:1b:12:39:9b:b6:4f:3d:3a:72:98:68:5d:
37:94:61:63:7a:ba:bc:ac:11:58:73:79:5f:c2:7d:a5:f4:cd:
7c:87:7c:d3:22:c0:65:7c:70:f8:ff:98:47:45:ce:91:06:84:
80:d9:d8:8a
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUBIlhHn0iS1riT8MXRFQz9V6Ir5IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDAxMTAwNDM5MjFaFw0yNTAxMDgwNDQ0MjFaMDMxMTAvBgNV
BAMTKDE2RDlDOEE1RTk1QjI1ODVBNjM4MDI4NTNCQUUzNzY4M0M5NjIwMTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDY8xdk0zkDTOO+p5cHuh85M2mD
4zXci0rMMZRTu/nO9Q522FmOgyYIR58BAtHqD5fivf3kB+1BMF0zXsX/YJg1IL+b
96K3pDExE6STzwbopLes2iDfelWs0xzh7hJ/0QSov/bSjge01JW31L+qYPlOHyVN
KfZlSMlkDIbtImA9wankwhRIPiZsCH+zGCcbDPH3jtrjGnq4rxdGfzbVplS7KSMI
zITkzuoYHb89kIEE+IxHNOOtIXdjxd0PSlPsrLfh4S+FhUPq2RFeaCdFE4aoEmAj
zlratXb1IN1OUIVTvLjwHcTqT4jPbdaNzoYJNMacLQMOXq3Cd58oDWC/KmAlAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUFtnIpelbJYWmOAKFO643aDyWIBQwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjEzMjE1LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcEKgagBQ5gMA0GCSqGSIb3DQEBCwUAA4IBAQBRxj0z
GQ67CRfOJLXSshI2G70fMPVPOFjLcD5/c8MFpf1f6aMsirDiz5zsNUEju9tfDJOb
2kHOdd16FTwTqDABtUBxbLPckObRPx7gvRCL+Ba7u9+5Kl8enqEW20AHaaKfTPBS
fexwg64LavbhFfjFp20QMOpLotuK/ply66mmo5prDAni4avLxeXG+C88zsVEUCKN
EdFnfvG/rNzUlwxGtU3IbmtZq1dr0XJ4mhnL1c20rbmv+EtWx0K+wIVAmFhdyttT
y/zMFHCGI0UbEjmbtk89OnKYaF03lGFjerq8rBFYc3lfwn2l9M18h3zTIsBlfHD4
/5hHRc6RBoSA2diK
-----END CERTIFICATE-----
Generated at Sat May 4 12:12:18 2024 by rpki-client on console-ams.rpki-client.org