Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS5065.roa
File: AS5065.roa (raw, json)
Hash identifier: 6nHT+SA58aa6Tvc3msQv365vMlSl69ky6aZfWOXpz14=
Subject key identifier: 23:3C:98:5F:DF:8F:5C:1F:1E:FA:B6:70:7C:30:3C:9E:95:CE:15:2A
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 0827DC67A034498763BC1D87C996D923AC84336B
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS5065.roa
Signing time: Sun 02 Feb 2025 05:32:07 +0000
ROA not before: Sun 02 Feb 2025 05:27:07 +0000
ROA not after: Sun 01 Feb 2026 05:32:07 +0000
asID: 5065
IP address blocks: 82.21.64.0/24 maxlen: 24
82.21.109.0/24 maxlen: 24
82.21.118.0/24 maxlen: 24
82.21.133.0/24 maxlen: 24
82.21.154.0/24 maxlen: 24
82.21.162.0/24 maxlen: 24
82.21.170.0/24 maxlen: 24
82.21.180.0/24 maxlen: 24
82.21.192.0/24 maxlen: 24
82.21.194.0/24 maxlen: 24
82.21.198.0/24 maxlen: 24
82.21.207.0/24 maxlen: 24
82.22.199.0/24 maxlen: 24
82.24.194.0/24 maxlen: 24
82.29.7.0/24 maxlen: 24
82.29.20.0/24 maxlen: 24
82.29.37.0/24 maxlen: 24
82.29.46.0/24 maxlen: 24
82.29.55.0/24 maxlen: 24
82.29.68.0/24 maxlen: 24
82.29.77.0/24 maxlen: 24
82.29.90.0/24 maxlen: 24
82.29.91.0/24 maxlen: 24
82.29.99.0/24 maxlen: 24
82.29.150.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:27:dc:67:a0:34:49:87:63:bc:1d:87:c9:96:d9:23:ac:84:33:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Feb 2 05:27:07 2025 GMT
Not After : Feb 1 05:32:07 2026 GMT
Subject: CN=233C985FDF8F5C1F1EFAB6707C303C9E95CE152A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:6c:9b:d1:f4:00:e0:37:79:a5:81:63:5b:97:
64:5d:2a:f7:6a:26:84:4a:2b:7e:86:f5:51:56:d4:
d0:5c:60:78:5c:1b:2b:7a:f0:27:a3:8f:e8:25:ed:
a8:0c:1e:ea:1f:ac:ee:30:fe:47:2a:ff:8e:9c:71:
d0:5a:36:26:07:05:b4:74:c5:dd:3b:fd:ae:a7:1c:
58:b4:4f:25:d3:5f:f1:72:c0:5c:10:39:4f:5b:0d:
46:f6:18:ec:6a:92:e7:1c:a2:6e:11:61:e6:5c:f7:
43:f7:d4:f9:c7:39:51:12:a3:6c:a9:41:26:7b:9e:
6b:49:23:0d:3b:d2:f4:95:6b:74:d9:f0:ff:ad:6c:
04:12:ba:d6:17:70:0e:ce:30:9a:5a:16:d9:7f:0a:
49:1e:3b:33:1d:16:f2:cf:a4:6a:b9:ca:ae:7c:c1:
64:b2:f8:7a:2c:7b:45:d0:1f:21:42:af:4b:dd:94:
4f:91:38:5d:5e:41:b1:ee:60:04:23:75:86:1c:ea:
1d:e4:87:58:23:70:76:b9:e6:33:9a:b1:d8:2e:cb:
15:e8:b5:18:a2:41:74:93:9c:2f:c4:b7:e0:80:cb:
8c:57:89:de:0e:1a:9f:3a:97:73:1c:91:f9:39:f0:
fb:fb:e5:31:c5:48:99:02:44:e0:6a:35:7f:85:09:
2d:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:3C:98:5F:DF:8F:5C:1F:1E:FA:B6:70:7C:30:3C:9E:95:CE:15:2A
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS5065.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.64.0/24
82.21.109.0/24
82.21.118.0/24
82.21.133.0/24
82.21.154.0/24
82.21.162.0/24
82.21.170.0/24
82.21.180.0/24
82.21.192.0/24
82.21.194.0/24
82.21.198.0/24
82.21.207.0/24
82.22.199.0/24
82.24.194.0/24
82.29.7.0/24
82.29.20.0/24
82.29.37.0/24
82.29.46.0/24
82.29.55.0/24
82.29.68.0/24
82.29.77.0/24
82.29.90.0/23
82.29.99.0/24
82.29.150.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:36:ea:7e:59:7a:20:78:25:0d:74:e4:84:16:cb:45:30:b2:
be:11:15:51:80:7b:24:38:9d:1a:05:ee:5e:7b:c0:97:ec:af:
08:73:69:64:51:03:13:be:68:9e:32:e6:ff:11:53:83:d2:71:
7e:90:af:75:61:2a:5d:2e:48:24:4e:1f:56:7a:fe:58:1c:23:
a6:4c:8d:1e:6b:bb:0a:3f:8f:d6:48:f3:27:b8:53:69:b8:d5:
58:93:b5:fc:94:5e:17:c5:8f:bb:30:be:a5:cd:7b:34:78:14:
78:7a:9b:f7:eb:93:7c:fd:d2:ab:5c:51:5c:85:60:f4:e7:be:
a1:88:60:59:5a:1c:50:d1:b1:99:89:b7:d8:b9:92:27:6b:c8:
da:2c:6e:75:06:21:bd:ac:38:9d:12:00:99:50:eb:ac:0b:3c:
2d:f4:15:ac:3f:41:34:75:15:f2:33:4e:af:23:1f:ec:30:45:
f9:8d:ca:ad:4d:22:d3:0d:cd:68:78:7a:f7:03:f2:a6:59:c4:
e7:97:a0:71:79:60:7a:46:02:42:13:fc:be:62:c3:de:1e:c9:
f8:51:0d:fa:dd:a5:97:c0:0e:be:bd:00:e3:a0:cd:11:c2:26:
c3:bc:bb:76:7c:c4:10:1f:37:49:44:39:9c:1e:3a:fa:18:98:
d7:81:cc:5c
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgIUCCfcZ6A0SYdjvB2HyZbZI6yEM2swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAyMDIwNTI3MDdaFw0yNjAyMDEwNTMyMDdaMDMxMTAvBgNV
BAMTKDIzM0M5ODVGREY4RjVDMUYxRUZBQjY3MDdDMzAzQzlFOTVDRTE1MkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDhbJvR9ADgN3mlgWNbl2RdKvdq
JoRKK36G9VFW1NBcYHhcGyt68Cejj+gl7agMHuofrO4w/kcq/46ccdBaNiYHBbR0
xd07/a6nHFi0TyXTX/FywFwQOU9bDUb2GOxqkuccom4RYeZc90P31PnHOVESo2yp
QSZ7nmtJIw070vSVa3TZ8P+tbAQSutYXcA7OMJpaFtl/CkkeOzMdFvLPpGq5yq58
wWSy+Hose0XQHyFCr0vdlE+ROF1eQbHuYAQjdYYc6h3kh1gjcHa55jOasdguyxXo
tRiiQXSTnC/Et+CAy4xXid4OGp86l3Mckfk58Pv75THFSJkCROBqNX+FCS3TAgMB
AAGjggKXMIICkzAdBgNVHQ4EFgQUIzyYX9+PXB8e+rZwfDA8npXOFSowHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNTA2NS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBrQYIKwYBBQUHAQcBAf8EgZ0wgZowgZcEAgABMIGQAwQA
UhVAAwQAUhVtAwQAUhV2AwQAUhWFAwQAUhWaAwQAUhWiAwQAUhWqAwQAUhW0AwQA
UhXAAwQAUhXCAwQAUhXGAwQAUhXPAwQAUhbHAwQAUhjCAwQAUh0HAwQAUh0UAwQA
Uh0lAwQAUh0uAwQAUh03AwQAUh1EAwQAUh1NAwQBUh1aAwQAUh1jAwQAUh2WMA0G
CSqGSIb3DQEBCwUAA4IBAQCdNup+WXogeCUNdOSEFstFMLK+ERVRgHskOJ0aBe5e
e8CX7K8Ic2lkUQMTvmieMub/EVOD0nF+kK91YSpdLkgkTh9Wev5YHCOmTI0ea7sK
P4/WSPMnuFNpuNVYk7X8lF4XxY+7ML6lzXs0eBR4epv365N8/dKrXFFchWD0576h
iGBZWhxQ0bGZibfYuZIna8jaLG51BiG9rDidEgCZUOusCzwt9BWsP0E0dRXyM06v
Ix/sMEX5jcqtTSLTDc1oeHr3A/KmWcTnl6BxeWB6RgJCE/y+YsPeHsn4UQ363aWX
wA6+vQDjoM0RwibDvLt2fMQQHzdJRDmcHjr6GJjXgcxc
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:58:59 2025 by rpki-client