Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS210667.roa
File: AS210667.roa (raw, json)
Hash identifier: ezec6mJF8962d8bF/KGoaNLUF1ZPOd0sCYqslgYlCNU=
Subject key identifier: 1A:6C:57:78:C6:2F:C5:04:85:B2:EA:58:70:00:48:72:14:26:84:F0
Certificate issuer: /CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Certificate serial: 25172619B8A474C135A7CB22296DFEEB24672303
Authority key identifier: D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS210667.roa
Signing time: Thu 03 Jul 2025 15:52:00 +0000
ROA not before: Thu 03 Jul 2025 15:47:00 +0000
ROA not after: Thu 02 Jul 2026 15:52:00 +0000
asID: 210667
IP address blocks: 89.39.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Jul 2025 17:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:17:26:19:b8:a4:74:c1:35:a7:cb:22:29:6d:fe:eb:24:67:23:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Validity
Not Before: Jul 3 15:47:00 2025 GMT
Not After : Jul 2 15:52:00 2026 GMT
Subject: CN=1A6C5778C62FC50485B2EA5870004872142684F0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:52:03:d6:a4:82:41:3c:99:70:12:51:93:23:
77:aa:e9:48:db:42:5e:50:9a:9f:ae:8b:89:86:90:
f1:9a:89:e2:9d:d1:56:fa:6b:5c:03:9c:70:04:8e:
b0:bc:1c:e5:50:be:89:dd:08:09:33:d2:a0:e6:e9:
d9:73:71:c4:ba:24:06:97:5f:04:c1:04:03:9c:a4:
aa:50:48:8d:9a:e7:3d:53:fa:ef:61:44:4b:d0:e5:
36:0b:73:b3:bf:ca:38:f2:f7:b9:18:97:67:6d:6d:
e5:3e:fb:67:61:f1:0f:6a:9b:50:1d:39:93:5c:76:
2f:3b:9b:1f:51:ef:69:75:4b:4c:51:30:62:aa:37:
81:5f:d6:69:70:54:d2:eb:8e:d0:10:db:83:43:4e:
08:99:fb:8b:ae:d8:a5:04:50:9e:17:89:a9:31:d0:
88:72:8f:55:4e:9d:40:20:d2:83:4e:41:3d:a7:07:
ae:46:13:83:5d:77:98:7b:67:85:2f:e1:4e:de:e7:
ac:9f:be:ae:0a:65:73:01:7e:c8:8d:65:b6:19:15:
2b:61:24:94:b0:34:53:97:7f:8b:01:b3:ae:45:c6:
11:f1:28:a4:ab:de:1b:fb:5d:03:f6:5e:5c:20:6c:
c5:dd:e6:e8:5a:ec:73:a6:be:ff:15:54:e2:67:5d:
af:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:6C:57:78:C6:2F:C5:04:85:B2:EA:58:70:00:48:72:14:26:84:F0
X509v3 Authority Key Identifier:
keyid:D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS210667.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.39.211.0/24
Signature Algorithm: sha256WithRSAEncryption
87:07:ca:e0:d8:82:2f:72:c1:3e:1e:1e:9e:52:97:46:af:af:
29:ae:16:0f:e7:48:8c:fa:3b:2e:52:d4:3e:36:2b:0d:65:05:
df:92:da:8f:19:50:50:41:76:c1:68:6e:1a:c4:87:92:e2:ef:
41:c5:07:48:4c:41:7e:b2:49:6a:4b:4a:0d:5d:bc:2e:b0:da:
66:5c:a0:8f:97:cc:04:8c:3b:8c:22:8f:cc:14:f5:fa:70:35:
85:13:4c:32:2a:74:12:71:0a:14:7d:47:b0:f5:55:a3:41:90:
72:28:30:bf:ca:82:b2:b2:c5:7b:25:33:84:6a:8e:af:6f:92:
b3:3e:d4:f9:e3:34:65:54:46:40:20:f3:cf:97:88:60:33:f5:
a5:8c:7b:b7:48:47:e6:c7:59:03:dd:a8:10:81:35:d8:d8:5c:
02:24:38:f9:3d:cf:9b:55:d0:0e:57:da:9a:2c:ad:ec:5b:21:
08:bf:9f:23:fe:1f:51:4c:42:1e:60:c0:48:95:d0:64:d3:87:
ee:21:0e:38:64:d8:13:53:d7:59:79:da:c1:25:4a:03:d0:cd:
20:4b:f7:39:89:0d:a7:9c:e7:ac:c3:d3:52:6b:a6:f9:4d:39:
97:5e:f5:b1:30:9e:cf:c6:3d:c6:ac:94:62:e7:38:25:32:50:
db:99:4d:ac
-----BEGIN CERTIFICATE-----
MIIE5TCCA82gAwIBAgIUJRcmGbikdME1p8siKW3+6yRnIwMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDE0YjZmY2YyYjJjNjliZTA4NWU5Zjk1OTg3MmRjYmU4
ZWE1NDE3NzAeFw0yNTA3MDMxNTQ3MDBaFw0yNjA3MDIxNTUyMDBaMDMxMTAvBgNV
BAMTKDFBNkM1Nzc4QzYyRkM1MDQ4NUIyRUE1ODcwMDA0ODcyMTQyNjg0RjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkUgPWpIJBPJlwElGTI3eq6Ujb
Ql5Qmp+ui4mGkPGaieKd0Vb6a1wDnHAEjrC8HOVQvondCAkz0qDm6dlzccS6JAaX
XwTBBAOcpKpQSI2a5z1T+u9hREvQ5TYLc7O/yjjy97kYl2dtbeU++2dh8Q9qm1Ad
OZNcdi87mx9R72l1S0xRMGKqN4Ff1mlwVNLrjtAQ24NDTgiZ+4uu2KUEUJ4Xiakx
0Ihyj1VOnUAg0oNOQT2nB65GE4Ndd5h7Z4Uv4U7e56yfvq4KZXMBfsiNZbYZFSth
JJSwNFOXf4sBs65FxhHxKKSr3hv7XQP2XlwgbMXd5uha7HOmvv8VVOJnXa+3AgMB
AAGjggHvMIIB6zAdBgNVHQ4EFgQUGmxXeMYvxQSFsupYcABIchQmhPAwHwYDVR0j
BBgwFoAU0Utvzyssab4IXp+VmHLcvo6lQXcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvNy9EMTRCNkZDRjJC
MkM2OUJFMDg1RTlGOTU5ODcyRENCRThFQTU0MTc3LmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMFV0dnp5c3NhYjRJWHAtVm1ITGN2bzZsUVhjLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC83L0FT
MjEwNjY3LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEH
AQH/BBAwDjAMBAIAATAGAwQAWSfTMA0GCSqGSIb3DQEBCwUAA4IBAQCHB8rg2IIv
csE+Hh6eUpdGr68prhYP50iM+jsuUtQ+NisNZQXfktqPGVBQQXbBaG4axIeS4u9B
xQdITEF+sklqS0oNXbwusNpmXKCPl8wEjDuMIo/MFPX6cDWFE0wyKnQScQoUfUew
9VWjQZByKDC/yoKyssV7JTOEao6vb5KzPtT54zRlVEZAIPPPl4hgM/WljHu3SEfm
x1kD3agQgTXY2FwCJDj5Pc+bVdAOV9qaLK3sWyEIv58j/h9RTEIeYMBIldBk04fu
IQ44ZNgTU9dZedrBJUoD0M0gS/c5iQ2nnOesw9NSa6b5TTmXXvWxMJ7Pxj3GrJRi
5zglMlDbmU2s
-----END CERTIFICATE-----
Generated at Fri Jul 4 22:15:14 2025 by rpki-client