Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS5065.roa
File: AS5065.roa (raw, json)
Hash identifier: lJM47WLAxCaRufMWlyECjW2/dx6yIQIDN2eFudm9QH8=
Subject key identifier: 0E:74:3D:14:03:F7:20:73:A2:A7:A5:76:AA:DB:62:3B:4D:1D:A6:C6
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 404ED51BD959E2B605EB5A31B51B8C4AF0C2FD5C
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS5065.roa
Signing time: Sun 16 Feb 2025 15:21:32 +0000
ROA not before: Sun 16 Feb 2025 15:16:32 +0000
ROA not after: Sun 15 Feb 2026 15:21:32 +0000
asID: 5065
IP address blocks: 82.21.64.0/24 maxlen: 24
82.21.154.0/24 maxlen: 24
82.21.162.0/24 maxlen: 24
82.21.170.0/24 maxlen: 24
82.21.180.0/24 maxlen: 24
82.21.192.0/24 maxlen: 24
82.21.194.0/24 maxlen: 24
82.21.198.0/24 maxlen: 24
82.21.207.0/24 maxlen: 24
82.22.199.0/24 maxlen: 24
82.24.194.0/24 maxlen: 24
82.29.7.0/24 maxlen: 24
82.29.20.0/24 maxlen: 24
82.29.37.0/24 maxlen: 24
82.29.46.0/24 maxlen: 24
82.29.55.0/24 maxlen: 24
82.29.68.0/24 maxlen: 24
82.29.77.0/24 maxlen: 24
82.29.78.0/24 maxlen: 24
82.29.90.0/24 maxlen: 24
82.29.91.0/24 maxlen: 24
82.29.99.0/24 maxlen: 24
82.29.150.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 15:22:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:4e:d5:1b:d9:59:e2:b6:05:eb:5a:31:b5:1b:8c:4a:f0:c2:fd:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Feb 16 15:16:32 2025 GMT
Not After : Feb 15 15:21:32 2026 GMT
Subject: CN=0E743D1403F72073A2A7A576AADB623B4D1DA6C6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:b7:26:b6:f4:f8:f8:fe:a6:b6:a8:3f:90:fb:
b3:ab:75:4d:4e:72:16:1b:dc:5b:df:cb:e6:cb:ec:
5e:c5:77:9b:ea:3e:24:33:56:5b:dc:ec:66:4d:64:
a2:a3:80:e5:ee:6e:58:4e:49:2b:0b:be:a7:91:ff:
fc:3e:28:8c:d6:e8:ae:f3:63:58:9d:29:a7:83:7e:
6a:f4:44:6e:06:24:e6:e0:29:ff:7a:df:6e:3b:67:
a2:79:08:ba:4b:a9:85:2b:c7:f3:e3:2e:dc:e5:f3:
f9:c6:da:ed:d2:d8:82:b7:2d:59:f8:2c:cd:20:7e:
8e:26:01:59:01:57:b1:36:10:87:7a:21:6f:17:7b:
3c:34:ef:99:33:0f:d1:6b:b7:97:ee:0b:f7:f1:19:
92:29:22:2c:86:a8:f7:21:97:fa:65:37:68:93:1f:
30:ee:81:82:e9:b0:62:a5:63:6a:67:ea:d5:bf:55:
5c:ce:79:fe:c1:45:40:a5:e2:75:73:3c:32:fc:51:
07:0c:86:7d:6a:4a:52:8d:5e:b3:42:0f:fb:d2:ab:
9a:d6:c7:fe:ac:b2:9d:1d:8f:82:f6:57:28:e2:b0:
52:f0:a2:be:93:6a:39:e9:7a:e7:96:a8:1d:ed:cf:
20:ba:69:81:e1:d4:41:3e:8b:dd:f6:5f:f9:84:02:
32:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:74:3D:14:03:F7:20:73:A2:A7:A5:76:AA:DB:62:3B:4D:1D:A6:C6
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS5065.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.64.0/24
82.21.154.0/24
82.21.162.0/24
82.21.170.0/24
82.21.180.0/24
82.21.192.0/24
82.21.194.0/24
82.21.198.0/24
82.21.207.0/24
82.22.199.0/24
82.24.194.0/24
82.29.7.0/24
82.29.20.0/24
82.29.37.0/24
82.29.46.0/24
82.29.55.0/24
82.29.68.0/24
82.29.77.0-82.29.78.255
82.29.90.0/23
82.29.99.0/24
82.29.150.0/24
Signature Algorithm: sha256WithRSAEncryption
13:70:00:a5:f8:fc:dd:6b:ea:83:30:72:32:63:4d:ae:96:0b:
ab:aa:04:6a:48:5f:86:e4:74:18:50:f5:1b:6f:e3:68:94:5d:
4f:02:5d:8c:af:a1:d2:19:80:ae:d8:3d:c6:76:b5:3b:a6:19:
9f:72:8e:34:a7:53:87:32:ac:9a:a7:22:36:f6:ed:7e:8f:0f:
ca:ba:ed:2d:1c:43:98:85:06:e5:bc:68:8d:29:09:fa:79:27:
58:8b:3c:2c:16:e1:16:29:33:73:96:b3:2b:38:16:f6:aa:e8:
fc:56:cc:be:bb:1b:8d:d1:7d:de:10:0b:2b:df:38:27:be:93:
33:70:8a:9c:06:39:be:e5:97:d3:be:e3:f7:9a:7a:54:42:79:
96:9d:7e:53:f4:fa:a1:d3:0e:14:b9:84:66:d1:f8:70:83:db:
23:4a:40:1f:ef:d1:b0:e3:40:1a:43:b9:e6:cf:16:0e:71:b5:
ee:d4:67:c7:21:3d:3b:e1:e7:6b:f3:d4:71:30:92:36:b4:d5:
b8:8a:2e:cc:f2:27:6b:84:36:f3:a5:d8:ea:bd:11:3b:d4:4c:
fd:3d:cf:bb:45:57:9c:94:81:8e:3e:98:e6:e6:bc:86:98:c1:
e3:f3:6b:82:09:ed:55:53:7b:f2:3b:1d:7a:75:00:2c:bf:6d:
3a:95:a4:30
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIUQE7VG9lZ4rYF61oxtRuMSvDC/VwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAyMTYxNTE2MzJaFw0yNjAyMTUxNTIxMzJaMDMxMTAvBgNV
BAMTKDBFNzQzRDE0MDNGNzIwNzNBMkE3QTU3NkFBREI2MjNCNEQxREE2QzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCPtya29Pj4/qa2qD+Q+7OrdU1O
chYb3Fvfy+bL7F7Fd5vqPiQzVlvc7GZNZKKjgOXublhOSSsLvqeR//w+KIzW6K7z
Y1idKaeDfmr0RG4GJObgKf963247Z6J5CLpLqYUrx/PjLtzl8/nG2u3S2IK3LVn4
LM0gfo4mAVkBV7E2EId6IW8Xezw075kzD9Frt5fuC/fxGZIpIiyGqPchl/plN2iT
HzDugYLpsGKlY2pn6tW/VVzOef7BRUCl4nVzPDL8UQcMhn1qSlKNXrNCD/vSq5rW
x/6ssp0dj4L2VyjisFLwor6TajnpeueWqB3tzyC6aYHh1EE+i932X/mEAjLpAgMB
AAGjggKNMIICiTAdBgNVHQ4EFgQUDnQ9FAP3IHOip6V2qttiO00dpsYwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNTA2NS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBowYIKwYBBQUHAQcBAf8EgZMwgZAwgY0EAgABMIGGAwQA
UhVAAwQAUhWaAwQAUhWiAwQAUhWqAwQAUhW0AwQAUhXAAwQAUhXCAwQAUhXGAwQA
UhXPAwQAUhbHAwQAUhjCAwQAUh0HAwQAUh0UAwQAUh0lAwQAUh0uAwQAUh03AwQA
Uh1EMAwDBABSHU0DBABSHU4DBAFSHVoDBABSHWMDBABSHZYwDQYJKoZIhvcNAQEL
BQADggEBABNwAKX4/N1r6oMwcjJjTa6WC6uqBGpIX4bkdBhQ9Rtv42iUXU8CXYyv
odIZgK7YPcZ2tTumGZ9yjjSnU4cyrJqnIjb27X6PD8q67S0cQ5iFBuW8aI0pCfp5
J1iLPCwW4RYpM3OWsys4Fvaq6PxWzL67G43Rfd4QCyvfOCe+kzNwipwGOb7ll9O+
4/eaelRCeZadflP0+qHTDhS5hGbR+HCD2yNKQB/v0bDjQBpDuebPFg5xte7UZ8ch
PTvh52vz1HEwkja01biKLszyJ2uENvOl2Oq9ETvUTP09z7tFV5yUgY4+mObmvIaY
wePza4IJ7VVTe/I7HXp1ACy/bTqVpDA=
-----END CERTIFICATE-----
Generated at Tue Apr 15 23:19:54 2025 by rpki-client