Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS208679.roa
File: AS208679.roa (raw, json)
Hash identifier: 7lIaealS0nLs3LEGxpAC/ztfvUjHnXrZJQE+NTj3yDo=
Subject key identifier: DB:F2:A6:CE:57:A6:5E:FA:F2:B1:4F:8D:7D:4D:4A:AD:12:51:8A:D8
Certificate issuer: /CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Certificate serial: 6058A6BCCED9FEA95CD3CFC4036B0097E0632C88
Authority key identifier: D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS208679.roa
Signing time: Thu 03 Jul 2025 15:51:40 +0000
ROA not before: Thu 03 Jul 2025 15:46:40 +0000
ROA not after: Thu 02 Jul 2026 15:51:40 +0000
asID: 208679
IP address blocks: 2a06:a005:8d0::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Jul 2025 17:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:58:a6:bc:ce:d9:fe:a9:5c:d3:cf:c4:03:6b:00:97:e0:63:2c:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Validity
Not Before: Jul 3 15:46:40 2025 GMT
Not After : Jul 2 15:51:40 2026 GMT
Subject: CN=DBF2A6CE57A65EFAF2B14F8D7D4D4AAD12518AD8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:3c:f2:6d:54:3d:b8:c3:70:16:cc:5e:b5:8c:
69:dc:60:90:d3:07:56:fb:b1:1d:1b:30:fd:2b:7b:
7a:df:8b:89:19:12:39:dd:e2:2f:41:70:84:f8:39:
5a:33:a6:93:2d:a7:13:cb:f7:b5:1f:b2:6c:82:2d:
58:f1:9e:8b:77:96:c2:00:9e:39:3c:1a:c1:41:3f:
a2:0c:41:a9:c0:12:e4:44:33:67:02:fb:32:ea:d9:
27:76:d7:21:f8:d3:fb:7c:04:1d:77:c5:2b:68:7c:
58:5d:e7:18:93:bb:e3:a0:7a:4e:97:ae:33:1e:55:
8c:eb:d5:e8:c7:e6:2d:e9:88:49:8f:95:f2:73:92:
62:15:6e:5c:43:f1:31:8b:c5:99:3e:0a:6b:b7:23:
20:33:eb:2b:7e:37:1f:f5:a2:a7:ea:dc:9e:ea:64:
f6:7c:f6:dd:66:10:25:ba:76:c6:46:84:c8:08:06:
29:bb:81:d2:f2:97:aa:c0:4e:f4:a2:a3:0f:69:20:
cc:31:ee:f3:f0:d4:25:83:23:e4:40:37:d3:77:04:
47:99:01:f4:cb:88:5f:7a:b8:2c:dc:cc:7f:90:d1:
29:84:e1:bd:d7:cd:57:e9:46:8e:60:9a:6c:20:80:
55:0c:d7:c0:98:26:62:39:6e:d7:af:9d:21:ba:9f:
e0:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:F2:A6:CE:57:A6:5E:FA:F2:B1:4F:8D:7D:4D:4A:AD:12:51:8A:D8
X509v3 Authority Key Identifier:
keyid:D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS208679.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:8d0::/44
Signature Algorithm: sha256WithRSAEncryption
35:9b:2e:ca:fc:79:ac:aa:a4:41:99:8e:14:9a:00:b3:0c:fb:
3e:7b:2f:49:40:75:9e:2b:8c:c4:cb:29:c8:2f:d7:c8:aa:1a:
fe:95:52:02:67:1e:65:9e:db:cd:d4:06:a9:49:9c:81:e8:61:
5e:26:6b:68:55:41:5d:59:13:84:dc:84:bc:7d:aa:c9:be:a2:
ae:c6:2d:4c:02:cb:a5:bb:4c:46:36:4e:32:d6:6e:4b:be:71:
24:f8:0f:be:8d:25:60:80:b0:30:bd:0e:e4:a2:da:8f:b7:f4:
9b:0f:d4:37:62:03:69:69:7e:4d:08:c3:6c:01:cf:3c:6e:b7:
3a:c4:5c:e4:63:4c:c7:e6:81:41:a8:d2:d2:54:68:3b:57:b3:
aa:9c:46:cc:6c:a3:f7:50:00:12:c9:9c:d9:f8:0e:37:8c:10:
ea:99:71:46:6f:11:3a:bf:b8:68:ea:8a:ad:29:3f:71:65:c6:
2b:38:1d:d6:8e:b3:80:26:89:d7:8c:b2:ca:87:8d:62:19:77:
4e:25:e6:e5:a6:1a:78:23:06:f9:c9:59:62:2a:97:a0:2e:f4:
ff:59:bc:74:86:1c:a2:4e:d7:98:aa:21:c5:f0:aa:21:9e:e1:
7b:80:61:f0:16:78:d9:21:1b:b7:6b:1d:66:7d:91:35:71:4c:
a9:38:5f:a6
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUYFimvM7Z/qlc08/EA2sAl+BjLIgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDE0YjZmY2YyYjJjNjliZTA4NWU5Zjk1OTg3MmRjYmU4
ZWE1NDE3NzAeFw0yNTA3MDMxNTQ2NDBaFw0yNjA3MDIxNTUxNDBaMDMxMTAvBgNV
BAMTKERCRjJBNkNFNTdBNjVFRkFGMkIxNEY4RDdENEQ0QUFEMTI1MThBRDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7PPJtVD24w3AWzF61jGncYJDT
B1b7sR0bMP0re3rfi4kZEjnd4i9BcIT4OVozppMtpxPL97UfsmyCLVjxnot3lsIA
njk8GsFBP6IMQanAEuREM2cC+zLq2Sd21yH40/t8BB13xStofFhd5xiTu+Ogek6X
rjMeVYzr1ejH5i3piEmPlfJzkmIVblxD8TGLxZk+Cmu3IyAz6yt+Nx/1oqfq3J7q
ZPZ89t1mECW6dsZGhMgIBim7gdLyl6rATvSiow9pIMwx7vPw1CWDI+RAN9N3BEeZ
AfTLiF96uCzczH+Q0SmE4b3XzVfpRo5gmmwggFUM18CYJmI5btevnSG6n+CRAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQU2/KmzlemXvrysU+NfU1KrRJRitgwHwYDVR0j
BBgwFoAU0Utvzyssab4IXp+VmHLcvo6lQXcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvNy9EMTRCNkZDRjJC
MkM2OUJFMDg1RTlGOTU5ODcyRENCRThFQTU0MTc3LmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMFV0dnp5c3NhYjRJWHAtVm1ITGN2bzZsUVhjLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC83L0FT
MjA4Njc5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcEKgagBQjQMA0GCSqGSIb3DQEBCwUAA4IBAQA1my7K
/HmsqqRBmY4UmgCzDPs+ey9JQHWeK4zEyynIL9fIqhr+lVICZx5lntvN1AapSZyB
6GFeJmtoVUFdWROE3IS8farJvqKuxi1MAsulu0xGNk4y1m5LvnEk+A++jSVggLAw
vQ7kotqPt/SbD9Q3YgNpaX5NCMNsAc88brc6xFzkY0zH5oFBqNLSVGg7V7OqnEbM
bKP3UAASyZzZ+A43jBDqmXFGbxE6v7ho6oqtKT9xZcYrOB3WjrOAJonXjLLKh41i
GXdOJeblphp4Iwb5yVliKpegLvT/Wbx0hhyiTteYqiHF8KohnuF7gGHwFnjZIRu3
ax1mfZE1cUypOF+m
-----END CERTIFICATE-----
Generated at Fri Jul 4 22:05:02 2025 by rpki-client