Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS5065.roa
File: AS5065.roa (raw, json)
Hash identifier: rZEya56ybJ1OY7gcJ228V1ustmPt/LiVYiUJojR3IsY=
Subject key identifier: C4:A7:E0:57:DE:B0:12:46:E0:C1:CF:43:6C:AE:3C:3F:BB:74:0E:7D
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 500C4BE49DFC2BEA9A699425455E7DDFCCC2D13E
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS5065.roa
Signing time: Sat 26 Apr 2025 17:58:03 +0000
ROA not before: Sat 26 Apr 2025 17:53:03 +0000
ROA not after: Sat 25 Apr 2026 17:58:03 +0000
asID: 5065
IP address blocks: 179.61.157.0/24 maxlen: 24
179.61.203.0/24 maxlen: 24
181.215.64.0/24 maxlen: 24
181.215.212.0/23 maxlen: 24
185.139.238.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 23:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:0c:4b:e4:9d:fc:2b:ea:9a:69:94:25:45:5e:7d:df:cc:c2:d1:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Apr 26 17:53:03 2025 GMT
Not After : Apr 25 17:58:03 2026 GMT
Subject: CN=C4A7E057DEB01246E0C1CF436CAE3C3FBB740E7D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:16:e2:07:91:f4:7b:50:36:7a:ef:76:4b:da:
bc:3f:39:9c:9e:79:63:22:ab:c7:7a:7f:ca:9c:6b:
1c:d8:fc:78:65:88:e4:d5:52:d2:08:dd:7f:6f:e7:
24:cb:5f:e8:d4:c8:ee:5c:b3:49:5c:e0:c2:ff:20:
60:5e:c9:98:4b:09:1d:96:84:40:ad:2a:b0:d6:9c:
38:02:d9:1b:f6:76:9d:da:32:d3:99:c9:fe:69:a7:
2f:92:49:33:89:ed:87:aa:7a:f1:30:14:b5:70:70:
a4:f7:36:59:65:4b:c3:bd:9d:f8:9e:aa:60:e7:f4:
75:22:5d:45:e5:29:fd:3f:ae:ee:f8:d7:ba:35:f9:
b9:b9:a6:a6:78:2a:03:57:ab:6f:5d:2a:a2:d9:24:
4d:bd:29:0f:44:e9:9c:ee:4d:6f:1c:e7:ad:3e:14:
40:38:fe:24:f5:c7:fe:7b:67:2c:9c:90:43:8d:0c:
7a:cd:86:4d:e3:48:39:c2:91:5e:0d:db:11:ec:c1:
1f:2e:21:94:cb:51:23:1a:d7:84:24:9a:ff:02:48:
2e:95:89:fe:46:b0:1b:cc:b3:58:24:34:e9:30:73:
2e:99:56:03:bf:1d:53:ab:f7:a9:8d:7a:83:4e:eb:
27:76:42:4c:f2:5e:6c:cf:7c:39:74:ca:d6:36:5b:
d4:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:A7:E0:57:DE:B0:12:46:E0:C1:CF:43:6C:AE:3C:3F:BB:74:0E:7D
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS5065.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
179.61.157.0/24
179.61.203.0/24
181.215.64.0/24
181.215.212.0/23
185.139.238.0/24
Signature Algorithm: sha256WithRSAEncryption
03:27:38:e2:31:86:41:e7:52:b6:c8:a5:9e:c1:c5:cd:d3:03:
f0:aa:ab:9a:51:e5:f9:ff:88:34:9a:d4:89:e2:48:10:e7:74:
e9:a9:f1:96:28:23:66:77:e5:52:48:86:42:f3:48:7e:5e:4b:
84:15:74:1e:4e:8d:f7:97:f8:33:98:2a:27:27:3e:02:f0:82:
51:53:cf:d3:15:37:48:eb:19:f2:96:1d:8b:64:94:63:3a:6c:
6a:ff:60:af:cd:ac:f5:94:01:d8:c8:63:59:f3:6a:7e:1f:a7:
da:aa:51:98:11:3e:2b:0e:1c:97:0b:54:69:3f:5b:20:1c:9e:
74:25:10:22:50:87:c0:56:5b:01:54:df:e5:3f:40:9f:8b:a0:
b6:7c:c9:08:d3:ed:a2:b9:c3:95:5f:1b:9c:1c:63:98:f7:ec:
54:16:f9:7e:44:88:c6:a2:41:ea:80:3a:fa:1d:25:4c:ef:37:
9a:39:f6:59:6e:36:75:45:dc:61:08:50:d8:25:74:b2:2e:38:
3f:2f:b3:5c:34:fa:8d:16:33:3b:03:3a:89:a6:9f:44:01:68:
9a:ae:35:a8:0c:a1:b9:6c:65:69:18:68:f2:d9:2b:b4:e3:28:
f1:76:db:ee:dc:13:33:6c:d5:da:63:88:d6:ee:f3:f0:c4:ab:
82:8e:50:6a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIUUAxL5J38K+qaaZQlRV5938zC0T4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTA0MjYxNzUzMDNaFw0yNjA0MjUxNzU4MDNaMDMxMTAvBgNV
BAMTKEM0QTdFMDU3REVCMDEyNDZFMEMxQ0Y0MzZDQUUzQzNGQkI3NDBFN0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCoFuIHkfR7UDZ673ZL2rw/OZye
eWMiq8d6f8qcaxzY/HhliOTVUtII3X9v5yTLX+jUyO5cs0lc4ML/IGBeyZhLCR2W
hECtKrDWnDgC2Rv2dp3aMtOZyf5ppy+SSTOJ7YeqevEwFLVwcKT3NlllS8O9nfie
qmDn9HUiXUXlKf0/ru7417o1+bm5pqZ4KgNXq29dKqLZJE29KQ9E6ZzuTW8c560+
FEA4/iT1x/57ZyyckEONDHrNhk3jSDnCkV4N2xHswR8uIZTLUSMa14Qkmv8CSC6V
if5GsBvMs1gkNOkwcy6ZVgO/HVOr96mNeoNO6yd2QkzyXmzPfDl0ytY2W9TZAgMB
AAGjggIgMIICHDAdBgNVHQ4EFgQUxKfgV96wEkbgwc9DbK48P7t0Dn0wHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTNTA2NS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA3BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEALM9nQME
ALM9ywMEALXXQAMEAbXX1AMEALmL7jANBgkqhkiG9w0BAQsFAAOCAQEAAyc44jGG
QedStsilnsHFzdMD8KqrmlHl+f+INJrUieJIEOd06anxligjZnflUkiGQvNIfl5L
hBV0Hk6N95f4M5gqJyc+AvCCUVPP0xU3SOsZ8pYdi2SUYzpsav9gr82s9ZQB2Mhj
WfNqfh+n2qpRmBE+Kw4clwtUaT9bIByedCUQIlCHwFZbAVTf5T9An4ugtnzJCNPt
ornDlV8bnBxjmPfsVBb5fkSIxqJB6oA6+h0lTO83mjn2WW42dUXcYQhQ2CV0si44
Py+zXDT6jRYzOwM6iaafRAFomq41qAyhuWxlaRho8tkrtOMo8Xbb7twTM2zV2mOI
1u7z8MSrgo5Qag==
-----END CERTIFICATE-----
Generated at Tue Jun 3 08:19:23 2025 by rpki-client