Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS5065.roa
File: AS5065.roa (raw, json)
Hash identifier: 27AOJ7adfTDYfIpK7CE7WP+yYovr1lrqQn7boA8lg0c=
Subject key identifier: B6:96:9C:4B:CC:F1:92:2B:16:B2:0B:24:AF:23:61:48:3E:BF:8A:4F
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 0618E62AC2D0F95273F2E2988E67FF550DE39201
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS5065.roa
Signing time: Sat 26 Apr 2025 17:58:01 +0000
ROA not before: Sat 26 Apr 2025 17:53:01 +0000
ROA not after: Sat 25 Apr 2026 17:58:01 +0000
asID: 5065
IP address blocks: 96.62.69.0/24 maxlen: 24
96.62.72.0/24 maxlen: 24
96.62.75.0/24 maxlen: 24
96.62.76.0/24 maxlen: 24
96.62.78.0/24 maxlen: 24
96.62.84.0/24 maxlen: 24
96.62.89.0/24 maxlen: 24
96.62.131.0/24 maxlen: 24
140.233.165.0/24 maxlen: 24
146.103.37.0/24 maxlen: 24
148.135.153.0/24 maxlen: 24
148.135.171.0/24 maxlen: 24
148.135.174.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 12:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:18:e6:2a:c2:d0:f9:52:73:f2:e2:98:8e:67:ff:55:0d:e3:92:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Apr 26 17:53:01 2025 GMT
Not After : Apr 25 17:58:01 2026 GMT
Subject: CN=B6969C4BCCF1922B16B20B24AF2361483EBF8A4F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:6a:da:13:01:cd:85:df:c7:97:1b:c6:f4:8a:
fb:b9:e3:71:02:18:4e:b4:99:7a:f6:1a:3c:26:39:
08:78:06:9a:d2:60:70:4c:f7:2c:a7:02:91:36:fa:
eb:43:21:1c:5e:cb:a3:63:bb:37:fb:ff:b4:79:ab:
4c:4f:18:d4:df:ce:49:0a:bc:5f:2a:51:67:4e:c8:
b6:c1:f5:b0:0a:8c:e5:84:cb:d0:62:e9:4c:68:9b:
d4:d9:67:06:e3:a9:3d:ac:1b:8b:ae:a5:69:67:69:
99:0e:84:8e:16:68:da:1c:d1:1d:59:84:e8:3c:35:
dd:2a:e1:b0:5b:d0:7f:e5:ce:e1:e9:b9:70:28:b7:
be:42:0a:f3:9a:76:bb:26:94:e3:ee:78:2c:c4:10:
0d:bb:71:83:bc:cf:fc:eb:4f:63:4d:e6:5c:df:4b:
10:cd:75:31:5b:e0:93:9f:c4:8f:44:f2:44:79:1e:
71:b0:ab:e1:ae:e9:e7:b2:ed:83:2a:2d:13:51:a0:
9d:26:80:e6:a5:49:a6:2d:b1:f8:bc:8d:bd:be:f4:
c2:0d:8d:f0:6c:ff:e4:4d:85:e9:02:00:0a:e7:36:
3d:16:9c:6d:12:1c:d3:8d:1a:b3:91:22:00:52:bf:
ee:07:fb:f6:56:ee:2a:bf:6f:c4:21:1d:f3:1e:b1:
e7:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:96:9C:4B:CC:F1:92:2B:16:B2:0B:24:AF:23:61:48:3E:BF:8A:4F
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS5065.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.69.0/24
96.62.72.0/24
96.62.75.0-96.62.76.255
96.62.78.0/24
96.62.84.0/24
96.62.89.0/24
96.62.131.0/24
140.233.165.0/24
146.103.37.0/24
148.135.153.0/24
148.135.171.0/24
148.135.174.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:65:24:8c:8c:06:5e:b6:ed:9c:3d:85:51:a7:68:92:be:22:
45:7c:6b:e7:1c:6c:52:58:41:84:3a:30:4f:c7:c1:f5:b8:3c:
6f:99:c1:51:da:13:a9:61:d7:d8:9c:ca:15:52:97:95:00:f8:
a9:80:c8:ca:a4:1a:87:e3:a3:ab:3d:5c:7c:dc:95:6a:5f:01:
d4:4d:9c:2d:38:68:f9:ea:f4:12:8b:7b:03:9b:27:fe:af:17:
53:2a:4a:d2:5f:aa:4c:85:32:9a:83:92:d5:01:1b:bd:c0:ad:
a0:13:c7:76:59:a5:3e:59:d2:4f:40:93:be:1d:0f:09:bd:7b:
02:22:84:6d:bb:51:60:fc:8d:6f:f2:af:72:39:07:7a:fe:ba:
40:15:bf:7c:9a:54:e1:2f:8e:7f:16:c7:28:f1:cc:08:92:85:
e3:db:7e:9a:73:f0:77:2a:38:34:fe:a1:48:05:01:84:92:58:
4b:57:3d:87:18:7e:8d:ea:e3:97:6b:13:dd:7f:ff:e5:b8:37:
f1:01:b2:7a:1c:fa:66:8b:38:00:6d:1b:1a:f3:4e:c7:17:65:
c7:7f:4d:9d:5b:77:4d:d4:1e:ac:b5:94:08:99:c9:b8:97:1e:
e0:7e:12:69:a0:aa:12:61:76:f8:34:09:cb:9a:8c:c3:f7:b8:
dd:83:3d:86
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgIUBhjmKsLQ+VJz8uKYjmf/VQ3jkgEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA0MjYxNzUzMDFaFw0yNjA0MjUxNzU4MDFaMDMxMTAvBgNV
BAMTKEI2OTY5QzRCQ0NGMTkyMkIxNkIyMEIyNEFGMjM2MTQ4M0VCRjhBNEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsatoTAc2F38eXG8b0ivu543EC
GE60mXr2GjwmOQh4BprSYHBM9yynApE2+utDIRxey6Njuzf7/7R5q0xPGNTfzkkK
vF8qUWdOyLbB9bAKjOWEy9Bi6Uxom9TZZwbjqT2sG4uupWlnaZkOhI4WaNoc0R1Z
hOg8Nd0q4bBb0H/lzuHpuXAot75CCvOadrsmlOPueCzEEA27cYO8z/zrT2NN5lzf
SxDNdTFb4JOfxI9E8kR5HnGwq+Gu6eey7YMqLRNRoJ0mgOalSaYtsfi8jb2+9MIN
jfBs/+RNhekCAArnNj0WnG0SHNONGrORIgBSv+4H+/ZW7iq/b8QhHfMesefNAgMB
AAGjggJSMIICTjAdBgNVHQ4EFgQUtpacS8zxkisWsgskryNhSD6/ik8wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNTA2NS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBpBggrBgEFBQcBBwEB/wRaMFgwVgQCAAEwUAMEAGA+RQME
AGA+SDAMAwQAYD5LAwQAYD5MAwQAYD5OAwQAYD5UAwQAYD5ZAwQAYD6DAwQAjOml
AwQAkmclAwQAlIeZAwQAlIerAwQAlIeuMA0GCSqGSIb3DQEBCwUAA4IBAQCuZSSM
jAZetu2cPYVRp2iSviJFfGvnHGxSWEGEOjBPx8H1uDxvmcFR2hOpYdfYnMoVUpeV
APipgMjKpBqH46OrPVx83JVqXwHUTZwtOGj56vQSi3sDmyf+rxdTKkrSX6pMhTKa
g5LVARu9wK2gE8d2WaU+WdJPQJO+HQ8JvXsCIoRtu1Fg/I1v8q9yOQd6/rpAFb98
mlThL45/Fsco8cwIkoXj236ac/B3Kjg0/qFIBQGEklhLVz2HGH6N6uOXaxPdf//l
uDfxAbJ6HPpmizgAbRsa807HF2XHf02dW3dN1B6stZQImcm4lx7gfhJpoKoSYXb4
NAnLmozD97jdgz2G
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:14:26 2025 by rpki-client