Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/bpF1XeMhBtMCrFZBTbI06TJ1Jmw.roa
File: bpF1XeMhBtMCrFZBTbI06TJ1Jmw.roa (raw, json)
Hash identifier: LOaD+sCf/2D7Mim2JGFH8PEnrqbRK6l+U7TNwt79J+A=
Subject key identifier: 6E:91:75:5D:E3:21:06:D3:02:AC:56:41:4D:B2:34:E9:32:75:26:6C
Certificate issuer: /CN=5fbe65ae23f207fa695255f55a907ac1608be094
Certificate serial: 018DEDF27D10ED5E05F8718EC560EEB5C27E
Authority key identifier: 5F:BE:65:AE:23:F2:07:FA:69:52:55:F5:5A:90:7A:C1:60:8B:E0:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X75lriPyB_ppUlX1WpB6wWCL4JQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/bpF1XeMhBtMCrFZBTbI06TJ1Jmw.roa
Signing time: Wed 28 Feb 2024 04:21:48 +0000
ROA not before: Wed 28 Feb 2024 04:21:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211642
IP address blocks: 5.253.60.0/24 maxlen: 24
5.253.61.0/24 maxlen: 24
45.128.206.0/24 maxlen: 24
45.128.207.0/24 maxlen: 24
185.219.40.0/24 maxlen: 24
185.219.41.0/24 maxlen: 24
185.219.42.0/24 maxlen: 24
185.219.43.0/24 maxlen: 24
185.240.102.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/X75lriPyB_ppUlX1WpB6wWCL4JQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/X75lriPyB_ppUlX1WpB6wWCL4JQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/X75lriPyB_ppUlX1WpB6wWCL4JQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 02:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ed:f2:7d:10:ed:5e:05:f8:71:8e:c5:60:ee:b5:c2:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5fbe65ae23f207fa695255f55a907ac1608be094
Validity
Not Before: Feb 28 04:21:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6e91755de32106d302ac56414db234e93275266c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:4c:6a:a5:32:b6:bd:ed:21:8a:28:39:61:a3:
cb:7d:fb:f7:19:88:3b:c2:ce:3e:a0:f5:65:1a:36:
b9:83:1e:6f:3a:69:93:6c:b4:0a:e4:b1:69:10:e6:
68:b1:8a:08:13:f2:64:65:85:f7:71:ad:4b:a2:87:
9b:48:93:95:1c:4f:b7:37:86:44:0b:25:0b:62:c4:
8c:ed:b6:b9:c1:a2:ff:6d:08:1f:01:3b:bd:5d:c3:
fc:24:e8:69:c3:0c:1a:32:52:3d:65:db:7e:d2:1a:
90:b0:e8:d6:13:6e:c6:6f:11:89:0f:36:0b:84:5c:
f5:e3:a7:81:a7:62:bc:44:65:02:bc:15:59:20:db:
1f:ca:f7:03:a8:ce:be:40:f2:0f:b0:2f:a5:09:10:
67:8e:f4:e3:68:f0:c9:59:43:84:0e:c3:dc:a6:80:
36:98:f7:6c:2e:f1:2c:04:b4:7c:cf:14:d0:64:9b:
f7:b9:7d:63:95:63:1e:49:85:2a:38:5c:fb:09:78:
3b:af:b8:a5:9b:2f:bc:70:ab:1c:4c:87:c0:b2:fe:
38:f9:0a:3c:6c:58:31:12:bc:57:bb:36:73:01:5c:
a7:57:12:01:85:38:ea:c2:16:3c:ae:c6:44:74:6e:
e7:f4:2d:71:63:55:94:a2:55:cd:24:b6:80:e1:d0:
b2:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:91:75:5D:E3:21:06:D3:02:AC:56:41:4D:B2:34:E9:32:75:26:6C
X509v3 Authority Key Identifier:
keyid:5F:BE:65:AE:23:F2:07:FA:69:52:55:F5:5A:90:7A:C1:60:8B:E0:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X75lriPyB_ppUlX1WpB6wWCL4JQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/bpF1XeMhBtMCrFZBTbI06TJ1Jmw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/X75lriPyB_ppUlX1WpB6wWCL4JQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.60.0/23
45.128.206.0/23
185.219.40.0/22
185.240.102.0/24
Signature Algorithm: sha256WithRSAEncryption
41:35:4b:50:e3:0a:ab:a1:39:f7:8b:a8:af:a0:41:b8:d6:25:
5c:1e:82:24:79:8b:ec:71:17:b9:dc:5b:ae:f3:10:ae:de:e7:
6e:ae:ea:d3:ee:05:85:a1:e7:7a:09:ae:8f:0b:f3:84:fa:e3:
a8:81:cb:64:1b:42:10:a1:aa:74:52:09:91:46:bc:2a:f2:b4:
df:e7:98:13:83:29:d5:a2:51:a4:c4:2c:0b:39:8c:e6:3d:a5:
b0:42:b3:d1:50:37:66:79:3e:f6:c8:6b:8b:72:9a:b1:14:09:
95:36:aa:1a:df:05:bd:fd:0e:4d:9b:ee:18:20:46:5a:17:44:
eb:a7:7a:d4:d0:84:66:30:16:12:db:f1:a1:92:da:24:95:3b:
4a:5d:dd:fa:c9:e9:f3:be:ec:9a:6a:a1:4f:e1:39:37:3d:af:
77:93:b6:f9:08:ce:c4:76:d3:d4:97:94:49:b1:d3:55:82:54:
07:01:f3:59:ba:07:4e:d3:67:86:f3:e8:3f:c5:8e:dc:3d:8a:
28:35:47:74:1c:e9:3a:24:ed:77:05:22:00:28:b5:61:54:25:
41:9d:b2:d3:34:50:1d:f1:ce:63:0c:26:49:38:d6:94:3e:55:
6b:f9:15:84:98:93:35:ac:b7:91:7f:4b:0b:a2:7b:91:72:f5:
da:02:1a:d9
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY3t8n0Q7V4F+HGOxWDutcJ+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmYmU2NWFlMjNmMjA3ZmE2OTUyNTVmNTVhOTA3YWMxNjA4
YmUwOTQwHhcNMjQwMjI4MDQyMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTkxNzU1ZGUzMjEwNmQzMDJhYzU2NDE0ZGIyMzRlOTMyNzUyNjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqkxqpTK2ve0hiig5YaPLffv3GYg7
ws4+oPVlGja5gx5vOmmTbLQK5LFpEOZosYoIE/JkZYX3ca1LooebSJOVHE+3N4ZE
CyULYsSM7ba5waL/bQgfATu9XcP8JOhpwwwaMlI9Zdt+0hqQsOjWE27GbxGJDzYL
hFz146eBp2K8RGUCvBVZINsfyvcDqM6+QPIPsC+lCRBnjvTjaPDJWUOEDsPcpoA2
mPdsLvEsBLR8zxTQZJv3uX1jlWMeSYUqOFz7CXg7r7ilmy+8cKscTIfAsv44+Qo8
bFgxErxXuzZzAVynVxIBhTjqwhY8rsZEdG7n9C1xY1WUolXNJLaA4dCy1QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFG6RdV3jIQbTAqxWQU2yNOkydSZsMB8GA1UdIwQY
MBaAFF++Za4j8gf6aVJV9VqQesFgi+CUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDc1bHJpUHlCX3BwVWxYMVdwQjZ3V0NMNEpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9mNDMxOWYtM2RmYi00MmVhLWJhOTUt
NDkyYWIzNzI2ODlkLzEvYnBGMVhlTWhCdE1DckZaQlRiSTA2VEoxSm13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9mNDMxOWYtM2RmYi00MmVhLWJhOTUtNDkyYWIzNzI2ODlk
LzEvWDc1bHJpUHlCX3BwVWxYMVdwQjZ3V0NMNEpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBBf08AwQB
LYDOAwQCudsoAwQAufBmMA0GCSqGSIb3DQEBCwUAA4IBAQBBNUtQ4wqroTn3i6iv
oEG41iVcHoIkeYvscRe53Fuu8xCu3udururT7gWFoed6Ca6PC/OE+uOogctkG0IQ
oap0UgmRRrwq8rTf55gTgynVolGkxCwLOYzmPaWwQrPRUDdmeT72yGuLcpqxFAmV
Nqoa3wW9/Q5Nm+4YIEZaF0Trp3rU0IRmMBYS2/GhktoklTtKXd36yenzvuyaaqFP
4Tk3Pa93k7b5CM7EdtPUl5RJsdNVglQHAfNZugdO02eG8+g/xY7cPYooNUd0HOk6
JO13BSIAKLVhVCVBnbLTNFAd8c5jDCZJONaUPlVr+RWEmJM1rLeRf0sLonuRcvXa
AhrZ
-----END CERTIFICATE-----
Generated at Tue Nov 26 11:37:54 2024 by rpki-client on console-fra.rpki-client.org