Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS5065.roa
File: AS5065.roa (raw, json)
Hash identifier: dt3Y7Q0FgyV2z57+1bBItqSLN/LWikbfQr/BgCo2Htg=
Subject key identifier: DE:7E:00:8B:F5:DD:76:D5:40:DE:54:0E:70:CC:EA:2F:83:F4:ED:A4
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 31BF7EE53359E4E0771EE84FDA6580AD2BA4AF95
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS5065.roa
Signing time: Mon 11 Nov 2024 06:02:57 +0000
ROA not before: Mon 11 Nov 2024 05:57:57 +0000
ROA not after: Mon 10 Nov 2025 06:02:57 +0000
asID: 5065
IP address blocks: 85.208.72.0/24 maxlen: 24
179.61.157.0/24 maxlen: 24
179.61.203.0/24 maxlen: 24
181.215.64.0/24 maxlen: 24
181.215.212.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:bf:7e:e5:33:59:e4:e0:77:1e:e8:4f:da:65:80:ad:2b:a4:af:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Nov 11 05:57:57 2024 GMT
Not After : Nov 10 06:02:57 2025 GMT
Subject: CN=DE7E008BF5DD76D540DE540E70CCEA2F83F4EDA4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:3a:61:71:01:26:9b:48:bd:0b:86:c2:3a:1d:
cc:92:04:00:65:6b:8f:0f:59:7d:96:f1:59:31:18:
5d:9e:1e:6d:0f:f4:19:20:04:e9:1f:5b:31:68:5c:
3d:1f:6c:2f:51:8c:16:3a:56:90:19:3e:d4:f1:ce:
df:08:e9:92:94:ce:6c:57:ea:cf:4d:c8:c3:e2:89:
2c:6e:d2:00:94:2b:f4:5e:93:37:75:d1:6f:a9:0f:
62:13:a8:5e:0e:f0:3a:24:ba:b0:a5:88:cd:e5:5e:
2b:c1:10:38:00:6b:53:b6:f3:cb:75:a7:f7:0a:f8:
92:e8:6c:8a:a3:f5:00:e5:a2:bd:fa:bf:2e:78:41:
38:7b:cb:85:e0:55:07:11:af:06:56:b4:d5:cf:34:
de:2c:2e:73:0c:7a:1b:94:f7:eb:40:5d:f4:29:70:
2b:7d:3d:9e:f6:05:8d:c0:52:5a:5e:68:7d:ff:34:
23:9b:0b:03:ad:e7:9a:ad:8a:88:f2:ad:1b:99:07:
92:94:53:97:83:da:a8:e2:1c:98:38:f2:96:f4:17:
04:bd:46:1e:d2:ae:6d:12:34:3b:4d:8c:ef:60:d2:
4a:1e:f5:20:6f:e2:7c:ce:82:1e:54:97:a8:3b:ae:
c0:29:5b:72:ba:2c:e5:0d:22:6d:f6:2a:22:a9:fa:
ab:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:7E:00:8B:F5:DD:76:D5:40:DE:54:0E:70:CC:EA:2F:83:F4:ED:A4
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS5065.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.208.72.0/24
179.61.157.0/24
179.61.203.0/24
181.215.64.0/24
181.215.212.0/23
Signature Algorithm: sha256WithRSAEncryption
59:b6:74:c3:51:50:af:7a:a4:28:85:04:a1:89:66:4e:cd:ac:
52:45:d0:f5:52:6f:a2:94:94:54:69:b1:a3:22:17:a5:32:9d:
b7:0c:a0:31:fa:cb:8b:78:a5:95:b5:bc:6a:24:1f:69:c5:2e:
4b:8f:32:61:d7:43:81:be:7a:7f:a1:fe:17:b5:2b:d9:7f:9e:
cf:61:fb:53:50:ed:9a:6e:d6:d5:15:f5:82:a3:0d:8e:7d:81:
d3:b4:57:2f:62:9e:61:1a:74:78:39:2c:59:bb:47:7c:f8:ec:
0d:18:6a:d9:a6:bb:51:11:a7:82:5c:68:dc:c6:7f:bb:57:c7:
3e:3b:58:ed:0b:b9:ad:c0:c4:f2:1e:e7:31:ab:a4:2c:b9:99:
ba:ec:23:02:39:8d:40:53:68:10:d6:02:e3:a6:86:09:20:85:
8e:6d:6e:5e:29:93:fe:73:1a:0e:72:75:8d:65:74:00:0e:7c:
ba:83:10:c0:50:6b:69:65:b1:c6:80:7e:7b:dd:02:3b:ae:d6:
42:2b:aa:8d:9a:86:df:60:3a:48:ee:ef:15:96:12:73:1f:d3:
19:6f:e9:7e:ed:e1:ee:6a:85:86:65:08:3e:de:1d:7d:a9:01:
5c:d5:d3:0e:bd:0e:c7:44:d6:f5:c3:5b:4d:e7:61:1c:dd:c3:
f8:48:50:b3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIUMb9+5TNZ5OB3HuhP2mWArSukr5UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDExMTEwNTU3NTdaFw0yNTExMTAwNjAyNTdaMDMxMTAvBgNV
BAMTKERFN0UwMDhCRjVERDc2RDU0MERFNTQwRTcwQ0NFQTJGODNGNEVEQTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjOmFxASabSL0LhsI6HcySBABl
a48PWX2W8VkxGF2eHm0P9BkgBOkfWzFoXD0fbC9RjBY6VpAZPtTxzt8I6ZKUzmxX
6s9NyMPiiSxu0gCUK/Rekzd10W+pD2ITqF4O8DokurCliM3lXivBEDgAa1O288t1
p/cK+JLobIqj9QDlor36vy54QTh7y4XgVQcRrwZWtNXPNN4sLnMMehuU9+tAXfQp
cCt9PZ72BY3AUlpeaH3/NCObCwOt55qtiojyrRuZB5KUU5eD2qjiHJg48pb0FwS9
Rh7Srm0SNDtNjO9g0koe9SBv4nzOgh5Ul6g7rsApW3K6LOUNIm32KiKp+qsbAgMB
AAGjggIgMIICHDAdBgNVHQ4EFgQU3n4Ai/XddtVA3lQOcMzqL4P07aQwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTNTA2NS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA3BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAFXQSAME
ALM9nQMEALM9ywMEALXXQAMEAbXX1DANBgkqhkiG9w0BAQsFAAOCAQEAWbZ0w1FQ
r3qkKIUEoYlmTs2sUkXQ9VJvopSUVGmxoyIXpTKdtwygMfrLi3illbW8aiQfacUu
S48yYddDgb56f6H+F7Ur2X+ez2H7U1Dtmm7W1RX1gqMNjn2B07RXL2KeYRp0eDks
WbtHfPjsDRhq2aa7URGnglxo3MZ/u1fHPjtY7Qu5rcDE8h7nMaukLLmZuuwjAjmN
QFNoENYC46aGCSCFjm1uXimT/nMaDnJ1jWV0AA58uoMQwFBraWWxxoB+e90CO67W
QiuqjZqG32A6SO7vFZYScx/TGW/pfu3h7mqFhmUIPt4dfakBXNXTDr0Ox0TW9cNb
TedhHN3D+EhQsw==
-----END CERTIFICATE-----
Generated at Thu Nov 21 18:06:12 2024 by rpki-client on console-fra.rpki-client.org