Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS5065.roa
File: AS5065.roa (raw, json)
Hash identifier: xb1n0hoLWYdRoCzTIVSOLowPQp+3KPo9BaXhhv7repA=
Subject key identifier: E2:DB:9A:EB:AF:54:22:68:EC:96:64:58:BB:26:4B:5D:DF:B8:56:98
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 6D30A375AE38CBF7E1C832367B426BE37B555518
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS5065.roa
Signing time: Sat 15 Mar 2025 09:54:35 +0000
ROA not before: Sat 15 Mar 2025 09:49:35 +0000
ROA not after: Sat 14 Mar 2026 09:54:35 +0000
asID: 5065
IP address blocks: 96.62.69.0/24 maxlen: 24
96.62.72.0/24 maxlen: 24
96.62.75.0/24 maxlen: 24
96.62.76.0/24 maxlen: 24
96.62.78.0/24 maxlen: 24
96.62.84.0/24 maxlen: 24
96.62.89.0/24 maxlen: 24
96.62.131.0/24 maxlen: 24
140.233.165.0/24 maxlen: 24
146.103.37.0/24 maxlen: 24
148.135.153.0/24 maxlen: 24
148.135.171.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:30:a3:75:ae:38:cb:f7:e1:c8:32:36:7b:42:6b:e3:7b:55:55:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Mar 15 09:49:35 2025 GMT
Not After : Mar 14 09:54:35 2026 GMT
Subject: CN=E2DB9AEBAF542268EC966458BB264B5DDFB85698
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:cf:ed:fa:1e:f9:c4:17:15:c2:df:76:31:a1:
28:75:8a:75:d9:6f:54:3f:c8:06:3d:0e:98:8d:9b:
bc:b6:21:97:fa:3f:e3:1f:43:76:3e:04:29:1d:88:
96:e8:64:19:8c:33:5f:d9:80:d7:49:ee:fe:8c:d0:
fd:26:46:77:46:6f:4a:6e:ca:37:45:e0:e1:fc:65:
a3:71:17:31:77:c1:53:ad:2b:38:af:6d:1e:58:b4:
d7:d8:b0:b0:07:af:13:26:92:19:1a:36:f2:25:f9:
90:f1:08:28:06:89:7d:b1:44:c8:83:fb:f5:90:b5:
f8:74:2c:33:79:a9:27:f6:9e:ec:3b:bb:3d:00:6a:
46:cc:03:fc:60:49:de:99:90:ec:67:99:af:1e:ba:
e7:9d:12:a6:bc:4c:fc:b1:d3:41:00:3f:0b:c6:ae:
eb:2c:f8:2c:ab:14:03:fc:51:8e:37:56:63:b1:a3:
c5:af:1f:80:d2:f3:7f:90:ab:46:f5:7e:2b:4e:0b:
de:30:c2:d3:05:29:9b:f4:a2:1a:8f:49:33:b6:60:
cf:e7:8b:53:ba:45:cd:b6:57:fe:20:4a:41:2c:3b:
92:ac:88:3c:98:90:c6:81:df:38:22:a2:94:49:41:
f5:61:1f:53:19:9d:7e:57:84:c7:d0:66:18:d2:43:
25:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:DB:9A:EB:AF:54:22:68:EC:96:64:58:BB:26:4B:5D:DF:B8:56:98
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS5065.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.69.0/24
96.62.72.0/24
96.62.75.0-96.62.76.255
96.62.78.0/24
96.62.84.0/24
96.62.89.0/24
96.62.131.0/24
140.233.165.0/24
146.103.37.0/24
148.135.153.0/24
148.135.171.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:34:b1:c1:e9:02:85:5f:9e:84:ab:91:55:4f:2d:32:4b:bd:
07:16:97:2d:9f:f1:31:83:77:ce:90:d3:1b:6e:b1:f0:06:51:
9c:cc:eb:89:d7:c9:9c:35:ef:21:84:7d:32:92:6d:c3:ec:d6:
92:f1:f9:87:0b:2b:56:ff:09:a6:d6:90:e0:48:d7:0b:e7:51:
1b:69:82:e0:ef:a9:4f:b9:70:e6:5d:50:45:65:f3:6c:0d:f2:
2a:88:c8:df:6f:f2:5b:57:8e:b8:7d:7b:24:0b:1a:65:47:55:
45:18:02:83:82:4f:28:88:c5:eb:ae:06:93:04:8b:c9:c8:42:
f1:d7:d4:40:7a:e8:90:47:1e:2f:31:2e:f0:8d:40:cd:43:cc:
50:23:f0:0d:55:aa:0e:9d:92:56:97:71:56:aa:e9:56:2a:25:
d1:93:bf:94:df:4a:0e:09:8f:5e:31:a6:f3:53:a2:b4:ec:bd:
38:0e:83:80:cf:47:f8:bf:6b:75:2b:6a:89:ac:d9:ac:11:0c:
57:43:66:41:a3:cd:23:60:34:88:ce:7b:c7:c0:26:51:9e:84:
58:a9:ee:13:7d:0a:61:0f:56:6a:1b:d6:20:34:31:79:b9:c1:
a8:3b:9d:73:62:49:5d:14:dd:82:12:91:81:16:43:2b:69:a0:
53:35:9a:8d
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgIUbTCjda44y/fhyDI2e0Jr43tVVRgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTAzMTUwOTQ5MzVaFw0yNjAzMTQwOTU0MzVaMDMxMTAvBgNV
BAMTKEUyREI5QUVCQUY1NDIyNjhFQzk2NjQ1OEJCMjY0QjVEREZCODU2OTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5z+36HvnEFxXC33YxoSh1inXZ
b1Q/yAY9DpiNm7y2IZf6P+MfQ3Y+BCkdiJboZBmMM1/ZgNdJ7v6M0P0mRndGb0pu
yjdF4OH8ZaNxFzF3wVOtKzivbR5YtNfYsLAHrxMmkhkaNvIl+ZDxCCgGiX2xRMiD
+/WQtfh0LDN5qSf2nuw7uz0AakbMA/xgSd6ZkOxnma8euuedEqa8TPyx00EAPwvG
russ+CyrFAP8UY43VmOxo8WvH4DS83+Qq0b1fitOC94wwtMFKZv0ohqPSTO2YM/n
i1O6Rc22V/4gSkEsO5KsiDyYkMaB3zgiopRJQfVhH1MZnX5XhMfQZhjSQyUzAgMB
AAGjggJMMIICSDAdBgNVHQ4EFgQU4tua669UImjslmRYuyZLXd+4VpgwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNTA2NS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBjBggrBgEFBQcBBwEB/wRUMFIwUAQCAAEwSgMEAGA+RQME
AGA+SDAMAwQAYD5LAwQAYD5MAwQAYD5OAwQAYD5UAwQAYD5ZAwQAYD6DAwQAjOml
AwQAkmclAwQAlIeZAwQAlIerMA0GCSqGSIb3DQEBCwUAA4IBAQC2NLHB6QKFX56E
q5FVTy0yS70HFpctn/Exg3fOkNMbbrHwBlGczOuJ18mcNe8hhH0ykm3D7NaS8fmH
CytW/wmm1pDgSNcL51EbaYLg76lPuXDmXVBFZfNsDfIqiMjfb/JbV464fXskCxpl
R1VFGAKDgk8oiMXrrgaTBIvJyELx19RAeuiQRx4vMS7wjUDNQ8xQI/ANVaoOnZJW
l3FWqulWKiXRk7+U30oOCY9eMabzU6K07L04DoOAz0f4v2t1K2qJrNmsEQxXQ2ZB
o80jYDSIznvHwCZRnoRYqe4TfQphD1ZqG9YgNDF5ucGoO51zYkldFN2CEpGBFkMr
aaBTNZqN
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:24:00 2025 by rpki-client