Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS211431.roa
File: AS211431.roa (raw, json)
Hash identifier: T5LJeES4IrDhoxtg4mUMo/UauNbsYrw/0MqBcaHaVc8=
Subject key identifier: 99:D3:2B:94:8B:79:09:D2:8C:73:99:C9:0F:23:40:A2:2C:AA:95:3A
Certificate issuer: /CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Certificate serial: 04C47CD4B73DD92704D237A63D56E61BB646CF3A
Authority key identifier: D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS211431.roa
Signing time: Thu 03 Jul 2025 15:52:33 +0000
ROA not before: Thu 03 Jul 2025 15:47:33 +0000
ROA not after: Thu 02 Jul 2026 15:52:33 +0000
asID: 211431
IP address blocks: 81.31.212.0/24 maxlen: 24
2a06:a005:1720::/44 maxlen: 48
2a06:a005:1790::/44 maxlen: 48
2a06:a005:17b0::/44 maxlen: 48
2a06:a005:17c0::/44 maxlen: 48
2a06:a005:17d0::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Jul 2025 17:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:c4:7c:d4:b7:3d:d9:27:04:d2:37:a6:3d:56:e6:1b:b6:46:cf:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Validity
Not Before: Jul 3 15:47:33 2025 GMT
Not After : Jul 2 15:52:33 2026 GMT
Subject: CN=99D32B948B7909D28C7399C90F2340A22CAA953A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:df:2b:7e:a0:78:f4:c6:67:45:57:43:28:e6:
6a:41:72:be:94:3f:fb:e8:1d:72:8b:ba:c7:ba:e8:
c0:46:9d:66:f1:63:af:fc:5c:ed:d5:6e:fa:4d:8f:
4a:8e:9a:62:4c:5a:b6:5f:78:d5:85:67:ee:80:29:
54:56:2a:9b:6c:d4:da:01:45:8c:1f:11:bc:68:26:
88:90:7d:f2:7b:30:0e:b0:f7:0c:9d:d3:8e:e8:ad:
33:7e:03:26:10:de:fd:b0:d3:a9:61:09:52:fc:b2:
c8:78:eb:fb:05:40:77:0b:f4:1a:b6:3f:18:90:8d:
c0:c5:73:8c:7c:1c:a9:54:39:38:5d:60:17:4b:ec:
95:d3:c1:89:e7:44:5d:ec:ee:e6:79:c4:54:f1:78:
56:ad:9f:79:f8:bf:1c:c4:f4:12:7a:f5:2a:c6:b4:
6f:89:bc:c4:c5:20:f6:16:db:23:1d:dd:66:83:25:
1e:47:b1:26:7f:cd:04:89:d5:0c:3f:96:29:53:2d:
55:36:f0:5b:fd:25:f9:b9:2e:fa:9a:9b:ee:13:1a:
49:72:60:a6:da:e8:81:6c:77:7f:70:2e:a2:ec:80:
8d:0f:b8:17:7d:4c:fa:ec:8f:6b:37:4c:32:60:4a:
27:90:16:ff:9e:ba:75:b0:d3:30:37:2a:1f:86:ce:
33:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:D3:2B:94:8B:79:09:D2:8C:73:99:C9:0F:23:40:A2:2C:AA:95:3A
X509v3 Authority Key Identifier:
keyid:D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS211431.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.31.212.0/24
IPv6:
2a06:a005:1720::/44
2a06:a005:1790::/44
2a06:a005:17b0::-2a06:a005:17df:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
60:a8:e9:d8:1c:73:fd:23:d5:4c:f1:aa:d6:60:70:fe:ee:d0:
1a:5b:fa:82:a8:5e:4a:ee:8f:37:9b:f3:37:06:77:29:34:d2:
a1:07:95:4a:bc:4c:86:8a:df:ec:e4:02:31:ee:f2:92:15:a8:
30:e6:d9:02:cf:fc:c3:5b:b5:78:9b:e4:7c:78:0f:c4:20:ac:
56:92:55:b7:50:bc:0f:e6:e7:7b:45:a3:5f:39:a1:60:1a:c4:
3d:45:5c:08:b4:f8:b4:47:2b:60:c3:ea:10:4b:64:4c:f9:d5:
e0:94:34:e4:91:7e:ee:32:18:27:b0:28:37:6a:71:fa:56:55:
b3:ae:b6:24:76:bd:33:87:78:bf:9d:ec:c2:0f:a4:25:66:4b:
b0:af:62:fd:25:75:fe:b8:bc:a1:08:a5:98:7b:6b:67:9e:9a:
fc:6f:53:84:2e:c4:9f:59:0d:36:c9:3e:ff:36:41:1a:a2:2f:
40:72:00:2f:50:1f:dd:d9:c2:8a:af:f7:88:b6:88:52:00:4b:
3e:98:9c:5b:20:92:07:07:18:9a:70:0c:6d:2f:4c:eb:83:86:
f3:a7:e2:4f:2c:fb:36:3e:9b:70:ec:a3:e5:0a:4c:86:42:86:
8e:d6:f1:bb:40:15:b2:ad:9a:4a:ce:de:9f:a5:65:ae:5a:ea:
60:a8:a5:7a
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIUBMR81Lc92ScE0jemPVbmG7ZGzzowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDE0YjZmY2YyYjJjNjliZTA4NWU5Zjk1OTg3MmRjYmU4
ZWE1NDE3NzAeFw0yNTA3MDMxNTQ3MzNaFw0yNjA3MDIxNTUyMzNaMDMxMTAvBgNV
BAMTKDk5RDMyQjk0OEI3OTA5RDI4QzczOTlDOTBGMjM0MEEyMkNBQTk1M0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCx3yt+oHj0xmdFV0Mo5mpBcr6U
P/voHXKLuse66MBGnWbxY6/8XO3VbvpNj0qOmmJMWrZfeNWFZ+6AKVRWKpts1NoB
RYwfEbxoJoiQffJ7MA6w9wyd047orTN+AyYQ3v2w06lhCVL8ssh46/sFQHcL9Bq2
PxiQjcDFc4x8HKlUOThdYBdL7JXTwYnnRF3s7uZ5xFTxeFatn3n4vxzE9BJ69SrG
tG+JvMTFIPYW2yMd3WaDJR5HsSZ/zQSJ1Qw/lilTLVU28Fv9Jfm5Lvqam+4TGkly
YKba6IFsd39wLqLsgI0PuBd9TPrsj2s3TDJgSieQFv+eunWw0zA3Kh+GzjNbAgMB
AAGjggIdMIICGTAdBgNVHQ4EFgQUmdMrlIt5CdKMc5nJDyNAoiyqlTowHwYDVR0j
BBgwFoAU0Utvzyssab4IXp+VmHLcvo6lQXcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvNy9EMTRCNkZDRjJC
MkM2OUJFMDg1RTlGOTU5ODcyRENCRThFQTU0MTc3LmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMFV0dnp5c3NhYjRJWHAtVm1ITGN2bzZsUVhjLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC83L0FT
MjExNDMxLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CME0GCCsGAQUFBwEH
AQH/BD4wPDAMBAIAATAGAwQAUR/UMCwEAgACMCYDBwQqBqAFFyADBwQqBqAFF5Aw
EgMHBCoGoAUXsAMHBSoGoAUXwDANBgkqhkiG9w0BAQsFAAOCAQEAYKjp2Bxz/SPV
TPGq1mBw/u7QGlv6gqheSu6PN5vzNwZ3KTTSoQeVSrxMhorf7OQCMe7ykhWoMObZ
As/8w1u1eJvkfHgPxCCsVpJVt1C8D+bne0WjXzmhYBrEPUVcCLT4tEcrYMPqEEtk
TPnV4JQ05JF+7jIYJ7AoN2px+lZVs662JHa9M4d4v53swg+kJWZLsK9i/SV1/ri8
oQilmHtrZ56a/G9ThC7En1kNNsk+/zZBGqIvQHIAL1Af3dnCiq/3iLaIUgBLPpic
WyCSBwcYmnAMbS9M64OG86fiTyz7Nj6bcOyj5QpMhkKGjtbxu0AVsq2aSs7en6Vl
rlrqYKileg==
-----END CERTIFICATE-----
Generated at Fri Jul 4 22:09:17 2025 by rpki-client