Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS213312.roa
File: AS213312.roa (raw, json)
Hash identifier: lZqvyvyiPmoRkky57GX2DGriZ9nzQwnZY2r+meY7Ox8=
Subject key identifier: EC:A9:2B:6E:9F:7E:F3:FA:6E:D5:B2:1B:59:3D:2A:34:05:FC:E0:42
Certificate issuer: /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial: 6D9D729474D4D4FC04AA3265D817F867E264871F
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS213312.roa
Signing time: Tue 05 Dec 2023 02:44:17 +0000
ROA not before: Tue 05 Dec 2023 02:39:17 +0000
ROA not after: Tue 03 Dec 2024 02:44:17 +0000
asID: 213312
IP address blocks: 2a06:a005:620::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:9d:72:94:74:d4:d4:fc:04:aa:32:65:d8:17:f8:67:e2:64:87:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Validity
Not Before: Dec 5 02:39:17 2023 GMT
Not After : Dec 3 02:44:17 2024 GMT
Subject: CN=ECA92B6E9F7EF3FA6ED5B21B593D2A3405FCE042
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:b9:f4:06:ce:b2:0e:a1:ef:c5:3f:cc:1f:70:
0e:f9:9e:27:14:58:14:b4:dd:99:75:5f:61:e2:e3:
67:12:bd:a1:d0:aa:70:6f:c2:e6:4b:15:9f:b7:1f:
c2:86:92:0d:bc:3e:f6:fc:30:7b:15:79:dc:31:12:
79:64:60:a9:f4:05:27:1f:96:b1:b2:66:94:a1:fe:
f3:42:a9:2c:68:fa:77:1b:18:c0:28:e7:3c:95:3f:
e4:52:2e:d9:51:47:a2:36:e5:f1:06:63:cf:3c:87:
bb:ab:52:5d:01:97:2a:00:16:21:ce:cb:f4:fb:52:
cc:e0:48:0f:a4:b2:85:90:25:fa:85:bf:5b:1d:58:
e0:48:c2:79:84:fe:c6:b2:24:0c:a3:10:34:7f:ca:
12:d3:c4:25:5b:e8:6c:04:f3:f8:63:c7:d7:47:61:
8a:b1:84:5c:c6:85:fa:6d:4b:90:b6:fc:f3:93:2c:
7d:f4:7c:12:85:14:2d:4f:d0:d6:13:a1:86:ee:5d:
61:ac:b6:eb:ae:d4:3a:8d:1d:1d:66:c2:2d:f4:ae:
18:4d:f7:44:6b:47:21:48:50:17:49:22:5d:81:f4:
d6:e6:b6:74:96:68:9e:2b:c7:de:8c:c2:40:2c:d5:
dc:13:37:d3:aa:8c:20:f1:ab:3c:b7:6f:03:31:5f:
1d:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:A9:2B:6E:9F:7E:F3:FA:6E:D5:B2:1B:59:3D:2A:34:05:FC:E0:42
X509v3 Authority Key Identifier:
keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS213312.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:620::/44
Signature Algorithm: sha256WithRSAEncryption
44:a7:0f:0b:bb:86:48:71:90:c7:19:ed:c9:30:62:9a:9e:29:
cc:3c:02:ce:85:4a:c2:87:8e:66:63:3a:8d:14:ce:5e:22:44:
74:1f:30:62:5e:cc:e7:e9:71:e2:b2:5e:ad:ef:16:b4:e7:74:
a6:a5:e6:5c:b2:55:e1:83:4c:8e:02:b4:5b:c0:88:cc:cf:a3:
7e:21:19:ff:46:e9:c4:3c:d2:4b:9b:7b:56:30:8a:a7:7c:65:
ff:fe:c0:ff:13:ed:a3:b9:68:16:a8:5b:86:03:8a:93:3a:56:
15:4e:5b:58:71:5e:be:49:00:66:61:19:a6:c2:a8:6d:4b:d1:
cc:35:fb:6d:51:ef:43:a9:f7:f7:5f:5a:14:e4:67:4f:23:be:
3e:84:79:f8:e4:bf:4c:90:3f:e6:a0:58:d1:e9:35:ad:12:c7:
3c:b7:5a:82:ee:9a:26:61:82:e7:b3:40:66:b0:09:c9:50:a2:
fd:01:84:de:d9:a6:1b:e0:11:f8:f5:49:c5:d4:75:07:d7:99:
ae:c5:45:cc:30:bd:f2:9b:82:54:27:7c:45:d6:8f:94:63:31:
0e:ac:7c:06:ae:0a:58:89:0a:d6:7d:5b:d6:c8:98:dc:b1:13:
ef:86:f5:04:75:d7:ff:2e:46:29:93:a6:e9:9d:2a:19:30:6a:
e3:9d:31:2b
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUbZ1ylHTU1PwEqjJl2Bf4Z+Jkhx8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yMzEyMDUwMjM5MTdaFw0yNDEyMDMwMjQ0MTdaMDMxMTAvBgNV
BAMTKEVDQTkyQjZFOUY3RUYzRkE2RUQ1QjIxQjU5M0QyQTM0MDVGQ0UwNDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDvufQGzrIOoe/FP8wfcA75nicU
WBS03Zl1X2Hi42cSvaHQqnBvwuZLFZ+3H8KGkg28Pvb8MHsVedwxEnlkYKn0BScf
lrGyZpSh/vNCqSxo+ncbGMAo5zyVP+RSLtlRR6I25fEGY888h7urUl0BlyoAFiHO
y/T7UszgSA+ksoWQJfqFv1sdWOBIwnmE/sayJAyjEDR/yhLTxCVb6GwE8/hjx9dH
YYqxhFzGhfptS5C2/POTLH30fBKFFC1P0NYToYbuXWGstuuu1DqNHR1mwi30rhhN
90RrRyFIUBdJIl2B9NbmtnSWaJ4rx96MwkAs1dwTN9OqjCDxqzy3bwMxXx2xAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQU7Kkrbp9+8/pu1bIbWT0qNAX84EIwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjEzMzEyLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcEKgagBQYgMA0GCSqGSIb3DQEBCwUAA4IBAQBEpw8L
u4ZIcZDHGe3JMGKaninMPALOhUrCh45mYzqNFM5eIkR0HzBiXszn6XHisl6t7xa0
53SmpeZcslXhg0yOArRbwIjMz6N+IRn/RunEPNJLm3tWMIqnfGX//sD/E+2juWgW
qFuGA4qTOlYVTltYcV6+SQBmYRmmwqhtS9HMNfttUe9Dqff3X1oU5GdPI74+hHn4
5L9MkD/moFjR6TWtEsc8t1qC7pomYYLns0BmsAnJUKL9AYTe2aYb4BH49UnF1HUH
15muxUXMML3ym4JUJ3xF1o+UYzEOrHwGrgpYiQrWfVvWyJjcsRPvhvUEddf/LkYp
k6bpnSoZMGrjnTEr
-----END CERTIFICATE-----
Generated at Sat May 4 12:13:13 2024 by rpki-client on console-fra.rpki-client.org