Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS5065.roa
File: AS5065.roa (raw, json)
Hash identifier: NnQZohNqd1olGXksByc77E4FIXg7xPu85M2f6oLvjgA=
Subject key identifier: 61:C8:87:A8:13:70:10:2F:7F:3F:31:7E:34:F0:ED:AE:B7:A5:7C:8A
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 25772AB5041B49398D2139A4A57D3A4F9A62E82D
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS5065.roa
Signing time: Tue 26 Mar 2024 16:23:04 +0000
ROA not before: Tue 26 Mar 2024 16:18:04 +0000
ROA not after: Tue 25 Mar 2025 16:23:04 +0000
asID: 5065
IP address blocks: 91.124.64.0/23 maxlen: 24
91.124.88.0/23 maxlen: 24
91.124.124.0/23 maxlen: 24
91.124.136.0/23 maxlen: 24
91.124.142.0/23 maxlen: 24
91.124.150.0/23 maxlen: 24
91.124.174.0/23 maxlen: 24
91.124.184.0/23 maxlen: 24
91.124.194.0/23 maxlen: 24
91.124.202.0/23 maxlen: 24
91.124.210.0/23 maxlen: 24
91.124.222.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 20:58:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:77:2a:b5:04:1b:49:39:8d:21:39:a4:a5:7d:3a:4f:9a:62:e8:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Mar 26 16:18:04 2024 GMT
Not After : Mar 25 16:23:04 2025 GMT
Subject: CN=61C887A81370102F7F3F317E34F0EDAEB7A57C8A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:0d:e2:a9:42:46:1e:b4:23:02:e8:87:a1:be:
92:c8:d7:b5:a9:b8:e4:dd:43:2d:6a:89:7b:d8:9b:
66:bd:4e:aa:0b:8c:1a:4b:a6:62:59:c2:39:67:39:
7a:f5:3d:eb:b8:a7:e3:98:63:3c:da:91:ff:ec:81:
7c:0a:a0:08:5d:5a:85:ef:6a:c2:4a:eb:10:c6:33:
4b:4b:a3:18:9e:f4:12:64:1f:2b:46:b7:74:01:b1:
7f:0f:a8:c8:20:1b:b9:4f:88:79:ab:d4:0a:fd:fd:
05:7c:44:cb:d2:c3:93:d5:c3:d3:a5:15:18:fa:da:
b2:ad:6b:bb:cd:46:45:5e:32:ea:2c:f4:0c:e2:9c:
f2:09:e5:0e:96:17:1f:bd:32:5a:1b:93:f6:93:96:
09:92:a3:43:21:ef:21:c2:a2:06:6a:72:fa:08:2a:
f3:bd:43:4e:e8:68:6e:12:92:23:94:1a:5b:37:14:
8f:9b:47:f9:f0:7e:2b:4e:f2:be:6a:c1:4f:36:f0:
3e:09:5d:4f:38:c8:0b:47:46:b5:bc:aa:25:0a:90:
b2:37:33:3e:a1:72:36:f5:aa:e9:0e:53:70:27:09:
74:eb:87:1a:97:bb:33:d0:45:7a:b1:67:ae:7d:b0:
19:e8:24:32:70:45:55:eb:86:9f:d0:96:9e:0f:25:
12:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:C8:87:A8:13:70:10:2F:7F:3F:31:7E:34:F0:ED:AE:B7:A5:7C:8A
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS5065.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.124.64.0/23
91.124.88.0/23
91.124.124.0/23
91.124.136.0/23
91.124.142.0/23
91.124.150.0/23
91.124.174.0/23
91.124.184.0/23
91.124.194.0/23
91.124.202.0/23
91.124.210.0/23
91.124.222.0/23
Signature Algorithm: sha256WithRSAEncryption
49:cc:e8:37:a7:dc:16:2d:85:e9:c6:90:47:43:2f:2d:89:e1:
6b:c3:30:aa:f7:62:21:9f:bb:02:9c:62:4f:73:48:cc:04:02:
17:df:6c:1c:01:04:a1:19:c3:8c:c2:d2:0b:c6:57:5f:10:06:
b9:22:73:a6:23:e8:73:46:92:1e:d1:e7:47:09:7e:77:9d:ec:
3d:d3:09:6a:1c:58:46:83:cd:7a:fd:0c:31:b5:9b:c0:bb:65:
8d:6c:1b:a5:01:0f:fd:4e:41:ec:1d:13:f8:ed:33:d5:bb:93:
f5:7c:9f:46:ec:53:5f:62:72:e2:4a:57:dd:5c:03:c8:09:4f:
cf:f8:37:76:19:29:4b:01:31:12:06:c2:2d:e4:ff:84:fb:1b:
c5:86:30:f7:6a:3b:2d:85:58:a7:67:2c:b2:99:9f:4b:dc:14:
6b:ab:a6:34:20:01:11:87:e8:9a:22:4c:48:4a:84:32:7f:25:
2a:6c:fd:9d:8e:d9:50:96:ed:fd:97:5a:fb:dc:7d:f2:f9:60:
ba:91:e5:cf:a6:9b:4a:ca:a7:db:af:49:a9:ef:1b:21:6d:26:
c5:3a:a3:af:11:d2:98:ba:f0:cb:0a:89:4a:d2:3a:ac:c5:de:
eb:37:d1:7b:97:89:18:a9:c6:5e:21:cf:36:42:cd:4a:91:00:
d9:ec:db:f1
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUJXcqtQQbSTmNITmkpX06T5pi6C0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNDAzMjYxNjE4MDRaFw0yNTAzMjUxNjIzMDRaMDMxMTAvBgNV
BAMTKDYxQzg4N0E4MTM3MDEwMkY3RjNGMzE3RTM0RjBFREFFQjdBNTdDOEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBDeKpQkYetCMC6IehvpLI17Wp
uOTdQy1qiXvYm2a9TqoLjBpLpmJZwjlnOXr1Peu4p+OYYzzakf/sgXwKoAhdWoXv
asJK6xDGM0tLoxie9BJkHytGt3QBsX8PqMggG7lPiHmr1Ar9/QV8RMvSw5PVw9Ol
FRj62rKta7vNRkVeMuos9AzinPIJ5Q6WFx+9Mlobk/aTlgmSo0Mh7yHCogZqcvoI
KvO9Q07oaG4SkiOUGls3FI+bR/nwfitO8r5qwU828D4JXU84yAtHRrW8qiUKkLI3
Mz6hcjb1qukOU3AnCXTrhxqXuzPQRXqxZ659sBnoJDJwRVXrhp/Qlp4PJRInAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUYciHqBNwEC9/PzF+NPDtrrelfIowHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTNTA2NS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBhBggrBgEFBQcBBwEB/wRSMFAwTgQCAAEwSAMEAVt8QAME
AVt8WAMEAVt8fAMEAVt8iAMEAVt8jgMEAVt8lgMEAVt8rgMEAVt8uAMEAVt8wgME
AVt8ygMEAVt80gMEAVt83jANBgkqhkiG9w0BAQsFAAOCAQEASczoN6fcFi2F6caQ
R0MvLYnha8MwqvdiIZ+7ApxiT3NIzAQCF99sHAEEoRnDjMLSC8ZXXxAGuSJzpiPo
c0aSHtHnRwl+d53sPdMJahxYRoPNev0MMbWbwLtljWwbpQEP/U5B7B0T+O0z1buT
9XyfRuxTX2Jy4kpX3VwDyAlPz/g3dhkpSwExEgbCLeT/hPsbxYYw92o7LYVYp2cs
spmfS9wUa6umNCABEYfomiJMSEqEMn8lKmz9nY7ZUJbt/Zda+9x98vlgupHlz6ab
Ssqn269Jqe8bIW0mxTqjrxHSmLrwywqJStI6rMXe6zfRe5eJGKnGXiHPNkLNSpEA
2ezb8Q==
-----END CERTIFICATE-----
Generated at Sun May 5 03:54:05 2024 by rpki-client on console-fra.rpki-client.org