Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/TbVD9-XpBk6W0yrlgWh0V-ewBQc.roa
File: TbVD9-XpBk6W0yrlgWh0V-ewBQc.roa (raw, json)
Hash identifier: hCNLIAwnqSjOs2mAP7RsckyeEPf9EBpeIb7Qp4DpJk4=
Subject key identifier: 4D:B5:43:F7:E5:E9:06:4E:96:D3:2A:E5:81:68:74:57:E7:B0:05:07
Certificate issuer: /CN=6fc50d0d42067b76ab1a2e8e533ff849b65d56f5
Certificate serial: 018CC9BC26A4FC1B6D3C02AA8F00C89A15A6
Authority key identifier: 6F:C5:0D:0D:42:06:7B:76:AB:1A:2E:8E:53:3F:F8:49:B6:5D:56:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b8UNDUIGe3arGi6OUz_4SbZdVvU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/TbVD9-XpBk6W0yrlgWh0V-ewBQc.roa
Signing time: Tue 02 Jan 2024 10:33:20 +0000
ROA not before: Tue 02 Jan 2024 10:33:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42431
IP address blocks: 46.233.13.0/24 maxlen: 24
46.233.12.0/24 maxlen: 24
46.233.16.0/24 maxlen: 24
46.233.16.0/21 maxlen: 21
46.233.15.0/24 maxlen: 24
46.233.14.0/24 maxlen: 24
46.233.17.0/24 maxlen: 24
46.233.23.0/24 maxlen: 24
46.233.22.0/24 maxlen: 24
46.233.21.0/24 maxlen: 24
46.233.24.0/24 maxlen: 24
46.233.24.0/23 maxlen: 23
46.233.20.0/24 maxlen: 24
46.233.19.0/24 maxlen: 24
46.233.18.0/24 maxlen: 24
46.233.26.0/24 maxlen: 24
46.233.25.0/24 maxlen: 24
46.233.30.0/24 maxlen: 24
46.233.29.0/24 maxlen: 24
46.233.28.0/22 maxlen: 22
46.233.28.0/24 maxlen: 24
46.233.27.0/24 maxlen: 24
46.233.31.0/24 maxlen: 24
46.233.36.0/23 maxlen: 23
46.233.2.0/24 maxlen: 24
46.233.1.0/24 maxlen: 24
46.233.0.0/19 maxlen: 20
46.233.0.0/24 maxlen: 24
46.233.0.0/21 maxlen: 21
46.233.4.0/24 maxlen: 24
46.233.3.0/24 maxlen: 24
46.233.6.0/24 maxlen: 24
46.233.5.0/24 maxlen: 24
46.233.9.0/24 maxlen: 24
46.233.8.0/24 maxlen: 24
46.233.7.0/24 maxlen: 24
46.233.11.0/24 maxlen: 24
46.233.10.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/b8UNDUIGe3arGi6OUz_4SbZdVvU.crl
rsync://rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/b8UNDUIGe3arGi6OUz_4SbZdVvU.mft
rsync://rpki.ripe.net/repository/DEFAULT/b8UNDUIGe3arGi6OUz_4SbZdVvU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 01:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:26:a4:fc:1b:6d:3c:02:aa:8f:00:c8:9a:15:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6fc50d0d42067b76ab1a2e8e533ff849b65d56f5
Validity
Not Before: Jan 2 10:33:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4db543f7e5e9064e96d32ae581687457e7b00507
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:fd:8c:c6:81:e1:c1:48:2d:8d:bf:88:5a:65:
65:6a:f3:50:b8:00:9a:4c:8d:ef:ee:ec:7e:e5:a1:
f6:81:93:5f:d4:14:78:f8:1a:61:ba:4f:7a:86:32:
d0:3a:fe:e0:a8:eb:ba:03:48:1c:6e:59:49:c5:2d:
0c:6d:2c:2e:b1:2d:30:41:92:6f:c3:e8:b6:11:5d:
af:7f:34:a6:39:39:52:57:45:9e:27:8c:db:9a:20:
e6:09:40:b4:8f:fa:6b:9c:aa:22:ec:cf:3d:50:32:
a6:60:1d:45:d1:bc:b8:28:eb:3d:f6:5b:9d:1a:88:
fc:5c:e6:b4:20:87:04:ab:77:62:d6:5e:d3:d4:9d:
65:90:e2:b8:f7:05:8c:70:84:8a:dd:34:a0:8a:51:
03:10:1d:77:ab:2c:01:85:9c:5a:9f:7a:d1:13:f9:
8c:7d:c6:b5:8b:52:d0:9d:c6:99:02:33:e8:3b:8c:
2c:67:43:3a:2d:fe:7e:be:ef:33:ed:23:25:c7:93:
1b:5f:02:a7:26:01:c3:69:a5:ad:06:8d:f6:f4:78:
8e:5a:b6:f5:73:c9:bf:32:d9:2d:ec:2a:5d:fb:07:
48:e8:6f:8b:b5:1d:2a:17:3d:66:4e:7c:f2:bc:af:
13:5a:20:0f:f4:37:d6:a2:0b:34:5c:4f:da:60:c7:
c5:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:B5:43:F7:E5:E9:06:4E:96:D3:2A:E5:81:68:74:57:E7:B0:05:07
X509v3 Authority Key Identifier:
keyid:6F:C5:0D:0D:42:06:7B:76:AB:1A:2E:8E:53:3F:F8:49:B6:5D:56:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8UNDUIGe3arGi6OUz_4SbZdVvU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/TbVD9-XpBk6W0yrlgWh0V-ewBQc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/b8UNDUIGe3arGi6OUz_4SbZdVvU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.233.0.0/19
46.233.36.0/23
Signature Algorithm: sha256WithRSAEncryption
2e:04:3b:3e:b7:79:99:71:3f:2b:b7:55:e7:ae:4e:a0:e4:f2:
56:7b:a1:49:18:60:c9:d5:33:e9:72:0a:60:e1:84:7e:08:db:
cd:99:ea:31:d3:87:52:df:29:eb:c1:bc:8a:0c:27:1a:ed:d8:
91:8f:d1:31:b1:a6:90:63:f7:f6:1e:e7:59:86:20:10:88:f2:
46:e0:74:41:3e:49:9f:b1:94:24:08:3a:3d:62:a0:6e:9f:c2:
c0:06:e7:27:ce:c9:4e:ac:79:2b:0e:93:00:ac:05:55:2c:9d:
87:3c:75:56:0d:d6:3e:83:19:84:a9:f3:d9:7d:88:88:87:56:
37:a0:83:22:10:bb:db:c6:43:64:e0:5e:8c:e7:7d:fc:c4:fa:
79:f6:17:96:e8:0e:f8:43:fb:47:49:72:5b:86:8d:9b:40:aa:
21:9e:36:20:8c:71:ec:49:b3:86:48:ed:a2:76:d3:d6:c3:dd:
df:92:e1:88:47:75:a2:2d:8e:19:1f:a9:5c:61:70:ae:e3:e7:
fb:15:7d:85:15:41:d1:0f:4c:74:2a:84:08:3d:36:ce:18:21:
e9:2a:1e:87:3a:75:a4:bc:9a:6c:55:f7:28:b1:8a:04:b5:24:
fd:5d:09:e7:98:ba:c7:3b:e5:43:39:b9:82:e8:1a:4b:95:37:
5c:66:10:96
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJvCak/BttPAKqjwDImhWmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmYzUwZDBkNDIwNjdiNzZhYjFhMmU4ZTUzM2ZmODQ5YjY1
ZDU2ZjUwHhcNMjQwMTAyMTAzMzIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGI1NDNmN2U1ZTkwNjRlOTZkMzJhZTU4MTY4NzQ1N2U3YjAwNTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhP2MxoHhwUgtjb+IWmVlavNQuACa
TI3v7ux+5aH2gZNf1BR4+Bphuk96hjLQOv7gqOu6A0gcbllJxS0MbSwusS0wQZJv
w+i2EV2vfzSmOTlSV0WeJ4zbmiDmCUC0j/prnKoi7M89UDKmYB1F0by4KOs99lud
Goj8XOa0IIcEq3di1l7T1J1lkOK49wWMcISK3TSgilEDEB13qywBhZxan3rRE/mM
fca1i1LQncaZAjPoO4wsZ0M6Lf5+vu8z7SMlx5MbXwKnJgHDaaWtBo329HiOWrb1
c8m/Mtkt7Cpd+wdI6G+LtR0qFz1mTnzyvK8TWiAP9DfWogs0XE/aYMfFGwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFE21Q/fl6QZOltMq5YFodFfnsAUHMB8GA1UdIwQY
MBaAFG/FDQ1CBnt2qxoujlM/+Em2XVb1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjhVTkRVSUdlM2FyR2k2T1V6XzRTYlpkVnZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9mMmJkNmMtNDg0My00ZWFkLWFhMDkt
M2MxNmZmODQxYWIyLzEvVGJWRDktWHBCazZXMHlybGdXaDBWLWV3QlFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9mMmJkNmMtNDg0My00ZWFkLWFhMDktM2MxNmZmODQxYWIy
LzEvYjhVTkRVSUdlM2FyR2k2T1V6XzRTYlpkVnZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFLukAAwQB
LukkMA0GCSqGSIb3DQEBCwUAA4IBAQAuBDs+t3mZcT8rt1Xnrk6g5PJWe6FJGGDJ
1TPpcgpg4YR+CNvNmeox04dS3ynrwbyKDCca7diRj9ExsaaQY/f2HudZhiAQiPJG
4HRBPkmfsZQkCDo9YqBun8LABucnzslOrHkrDpMArAVVLJ2HPHVWDdY+gxmEqfPZ
fYiIh1Y3oIMiELvbxkNk4F6M5338xPp59heW6A74Q/tHSXJbho2bQKohnjYgjHHs
SbOGSO2idtPWw93fkuGIR3WiLY4ZH6lcYXCu4+f7FX2FFUHRD0x0KoQIPTbOGCHp
Kh6HOnWkvJpsVfcosYoEtST9XQnnmLrHO+VDObmC6BpLlTdcZhCW
-----END CERTIFICATE-----
Generated at Sat Jun 1 10:14:29 2024 by rpki-client on console-fra.rpki-client.org