Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS5065.roa
File: AS5065.roa (raw, json)
Hash identifier: nYw+YPTWX0LhoTnrxHiVtoQOvMoZ+finRPwoJOIO2U8=
Subject key identifier: CB:89:84:E3:43:3D:FF:09:44:78:0C:AB:BA:E1:45:D5:97:52:13:46
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 1BD05257B8C5B127D0A3043CAAAE71B751610788
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS5065.roa
Signing time: Wed 17 Apr 2024 13:48:28 +0000
ROA not before: Wed 17 Apr 2024 13:43:28 +0000
ROA not after: Wed 16 Apr 2025 13:48:28 +0000
asID: 5065
IP address blocks: 179.61.147.0/24 maxlen: 24
179.61.203.0/24 maxlen: 24
181.214.236.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:d0:52:57:b8:c5:b1:27:d0:a3:04:3c:aa:ae:71:b7:51:61:07:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Apr 17 13:43:28 2024 GMT
Not After : Apr 16 13:48:28 2025 GMT
Subject: CN=CB8984E3433DFF0944780CABBAE145D597521346
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:21:c3:55:05:89:38:6b:a0:6e:91:e2:c9:d5:
f8:a6:7b:84:a4:ad:c1:8d:9e:6e:3b:ee:26:f0:e1:
9b:51:09:9d:db:1f:18:bf:21:4c:d6:f2:2c:dd:a9:
a3:a3:d4:fe:42:55:60:e8:14:50:8d:ad:a0:7d:e8:
61:04:6e:a5:67:97:1d:b3:87:6a:e1:36:c5:96:c6:
ba:13:30:c3:d8:fd:eb:91:53:fe:59:bf:69:91:cd:
ba:88:25:c5:13:71:a0:4c:d8:5c:a9:f7:e8:3d:54:
93:65:4b:f5:38:78:55:10:ed:e8:3f:4c:15:17:a6:
75:59:60:d2:ed:e1:87:75:12:13:0a:67:cf:96:b9:
b7:0f:f4:13:ac:2b:a5:22:64:e4:45:83:eb:0d:99:
58:b9:f0:14:af:b5:4f:28:aa:f6:e2:4e:ef:3d:0c:
44:5c:22:e4:91:8a:98:bc:75:0f:2e:fa:fa:31:fe:
72:06:e9:fc:ea:d3:36:d9:a8:6f:68:87:5b:fe:e7:
28:41:b0:05:8d:7e:e5:52:b9:f8:df:99:3e:26:a5:
b3:ca:0b:22:9e:87:94:63:cf:90:04:22:3a:15:8f:
06:70:b9:b3:b2:45:88:eb:72:e3:25:6c:f2:6e:13:
a9:57:a1:a0:ec:9e:c4:0c:b2:cf:3f:d9:c9:44:66:
15:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:89:84:E3:43:3D:FF:09:44:78:0C:AB:BA:E1:45:D5:97:52:13:46
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS5065.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
179.61.147.0/24
179.61.203.0/24
181.214.236.0/23
Signature Algorithm: sha256WithRSAEncryption
78:92:b1:d7:1e:0f:3f:01:98:46:8c:64:1a:3a:f0:d8:82:92:
14:f6:b3:1e:73:4b:97:69:bc:7d:9c:81:2f:2f:f2:30:40:0d:
5f:5e:96:2f:76:4d:8b:2b:23:a9:ad:9f:8b:5e:cc:f8:d0:6f:
f6:c6:e5:33:b2:4f:29:82:7b:81:02:5a:06:be:d7:91:c8:14:
68:a9:8a:c6:e8:9c:0e:a8:c3:dc:aa:6a:d9:69:25:a2:01:cc:
a8:ac:6a:ef:94:ca:f3:32:0b:70:a6:e3:ef:4c:06:37:0e:dd:
57:6b:56:30:f4:40:2c:90:ca:d0:2c:cd:aa:5c:ea:1b:0b:e8:
ee:09:29:8e:32:50:d2:c5:99:0a:0f:ee:55:07:60:f8:2f:98:
cb:52:46:48:f9:a4:4c:47:a0:4f:e8:d5:b1:d8:8e:33:65:96:
0f:6a:72:11:f9:d9:34:a5:74:14:3a:36:be:2c:d4:91:de:1b:
da:a1:0a:d0:a1:9d:a1:bb:dd:ba:d6:f0:a7:1c:f5:58:57:f5:
80:e6:d3:60:f5:cc:00:9c:52:e8:e0:c3:0c:63:fd:2d:71:0b:
d8:02:cc:3f:3c:ec:00:b3:dd:bd:fb:f1:ed:b8:10:1c:af:fe:
06:4b:a5:17:c2:c0:29:8d:9e:8c:72:b0:ae:f3:d5:1b:31:05:
8b:0a:84:0f
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIUG9BSV7jFsSfQowQ8qq5xt1FhB4gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDA0MTcxMzQzMjhaFw0yNTA0MTYxMzQ4MjhaMDMxMTAvBgNV
BAMTKENCODk4NEUzNDMzREZGMDk0NDc4MENBQkJBRTE0NUQ1OTc1MjEzNDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCiIcNVBYk4a6BukeLJ1fime4Sk
rcGNnm477ibw4ZtRCZ3bHxi/IUzW8izdqaOj1P5CVWDoFFCNraB96GEEbqVnlx2z
h2rhNsWWxroTMMPY/euRU/5Zv2mRzbqIJcUTcaBM2Fyp9+g9VJNlS/U4eFUQ7eg/
TBUXpnVZYNLt4Yd1EhMKZ8+WubcP9BOsK6UiZORFg+sNmVi58BSvtU8oqvbiTu89
DERcIuSRipi8dQ8u+vox/nIG6fzq0zbZqG9oh1v+5yhBsAWNfuVSufjfmT4mpbPK
CyKeh5Rjz5AEIjoVjwZwubOyRYjrcuMlbPJuE6lXoaDsnsQMss8/2clEZhVVAgMB
AAGjggIUMIICEDAdBgNVHQ4EFgQUy4mE40M9/wlEeAyruuFF1ZdSE0YwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTNTA2NS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEALM9kwME
ALM9ywMEAbXW7DANBgkqhkiG9w0BAQsFAAOCAQEAeJKx1x4PPwGYRoxkGjrw2IKS
FPazHnNLl2m8fZyBLy/yMEANX16WL3ZNiysjqa2fi17M+NBv9sblM7JPKYJ7gQJa
Br7XkcgUaKmKxuicDqjD3Kpq2WklogHMqKxq75TK8zILcKbj70wGNw7dV2tWMPRA
LJDK0CzNqlzqGwvo7gkpjjJQ0sWZCg/uVQdg+C+Yy1JGSPmkTEegT+jVsdiOM2WW
D2pyEfnZNKV0FDo2vizUkd4b2qEK0KGdobvdutbwpxz1WFf1gObTYPXMAJxS6ODD
DGP9LXEL2ALMPzzsALPdvfvx7bgQHK/+BkulF8LAKY2ejHKwrvPVGzEFiwqEDw==
-----END CERTIFICATE-----
Generated at Sun May 5 17:05:53 2024 by rpki-client on console-ams.rpki-client.org