Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS5065.roa
File: AS5065.roa (raw, json)
Hash identifier: zyUcyhIF1jDnLQaXQuwCgKL5WNKgzgJgmNwJANBLfhE=
Subject key identifier: BA:C1:DA:1D:F8:0A:B3:68:63:59:E3:6D:9A:88:54:09:DA:D0:7E:EF
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 1518E891C7BF93BA8709D064ED01724F2C418DCF
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS5065.roa
Signing time: Thu 25 Jul 2024 06:40:47 +0000
ROA not before: Thu 25 Jul 2024 06:35:47 +0000
ROA not after: Thu 24 Jul 2025 06:40:47 +0000
asID: 5065
IP address blocks: 91.124.64.0/23 maxlen: 24
91.124.88.0/23 maxlen: 24
91.124.124.0/23 maxlen: 24
91.124.136.0/23 maxlen: 24
91.124.142.0/23 maxlen: 24
91.124.150.0/23 maxlen: 24
91.124.174.0/23 maxlen: 24
91.124.184.0/23 maxlen: 24
91.124.202.0/23 maxlen: 24
91.124.210.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:18:e8:91:c7:bf:93:ba:87:09:d0:64:ed:01:72:4f:2c:41:8d:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Jul 25 06:35:47 2024 GMT
Not After : Jul 24 06:40:47 2025 GMT
Subject: CN=BAC1DA1DF80AB3686359E36D9A885409DAD07EEF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:82:d2:f3:0c:52:73:19:17:24:56:51:bc:0f:
95:fb:e8:7a:ef:d7:06:b0:61:58:5b:e7:aa:84:7e:
a4:4d:11:a4:f8:f8:40:c6:e1:db:39:db:c4:77:e0:
21:e8:74:5a:3a:79:92:fa:bb:92:1f:a9:73:cc:5b:
00:9a:42:98:7b:23:67:73:bb:57:9a:3e:f9:83:ed:
53:4f:db:63:48:95:b1:4d:00:34:d2:2e:dc:28:4a:
39:7f:74:f2:43:f9:5c:78:4a:58:0d:07:fa:d1:3d:
0c:82:57:90:14:7b:ee:5e:f4:ae:8e:6e:aa:8c:dd:
1d:97:7b:e6:21:c7:7b:a3:66:12:88:87:25:bf:4b:
b6:2c:da:ca:83:16:6d:5c:3e:d6:36:90:70:4b:67:
e6:b4:3b:4f:a2:32:57:d7:1f:46:ef:2f:b4:dd:e7:
31:c4:64:cc:38:e7:c3:9d:76:33:08:97:08:9d:8a:
cc:db:f5:04:6b:09:4d:ec:1e:39:40:fd:2f:30:7e:
da:d6:ea:65:5a:f5:f4:3d:41:eb:5c:c0:57:91:9f:
0e:32:b2:ec:45:47:d8:a7:3f:5c:55:86:74:ba:8e:
ac:47:7e:59:6f:ac:7c:6b:0b:b4:51:83:06:57:27:
dd:b9:e3:7e:01:67:2c:0c:78:a0:38:28:cd:b5:12:
cd:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:C1:DA:1D:F8:0A:B3:68:63:59:E3:6D:9A:88:54:09:DA:D0:7E:EF
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS5065.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.124.64.0/23
91.124.88.0/23
91.124.124.0/23
91.124.136.0/23
91.124.142.0/23
91.124.150.0/23
91.124.174.0/23
91.124.184.0/23
91.124.202.0/23
91.124.210.0/23
Signature Algorithm: sha256WithRSAEncryption
23:90:28:28:14:73:0b:81:2c:12:e9:d0:4b:06:2f:f5:7d:65:
27:9a:b2:75:f7:a2:69:47:b6:82:73:9a:60:39:7d:e0:f2:81:
34:e8:a0:fa:55:38:4c:7b:41:0a:c8:b9:a2:c8:b0:26:70:66:
a3:7f:c7:54:29:61:ef:a1:27:7e:27:5f:ac:4f:a5:d8:7c:e5:
6b:d3:dd:7c:ad:d3:29:bf:83:e2:56:60:05:a6:f6:65:58:b2:
51:35:a9:c6:f0:3a:66:24:6c:ac:b3:ae:f6:43:19:86:28:1f:
1a:03:3d:9c:e2:b2:09:5f:16:aa:fb:d7:7a:87:79:fb:37:04:
2d:df:70:6d:5e:59:0e:a1:b8:63:2c:54:04:09:dc:de:74:1c:
44:06:08:e8:b3:bb:bb:96:c1:82:06:b0:07:49:bd:a0:ea:3f:
cb:9a:ac:d4:fb:91:87:1a:05:6f:3e:60:6a:77:fd:bf:0d:53:
ba:9e:cf:c6:7a:87:be:c9:ce:a5:ca:a7:88:a4:f3:5e:ff:30:
ac:6d:a4:21:7b:86:8a:ff:b2:68:8f:c7:23:c1:f8:be:26:ba:
67:41:e8:d2:47:f4:3f:d4:57:00:5d:23:d3:b6:b6:6d:c3:31:
d6:18:ab:cf:b6:e3:f6:0e:79:59:a4:44:64:07:9a:8a:57:d7:
03:2e:27:f2
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIUFRjokce/k7qHCdBk7QFyTyxBjc8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNDA3MjUwNjM1NDdaFw0yNTA3MjQwNjQwNDdaMDMxMTAvBgNV
BAMTKEJBQzFEQTFERjgwQUIzNjg2MzU5RTM2RDlBODg1NDA5REFEMDdFRUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDugtLzDFJzGRckVlG8D5X76Hrv
1wawYVhb56qEfqRNEaT4+EDG4ds528R34CHodFo6eZL6u5IfqXPMWwCaQph7I2dz
u1eaPvmD7VNP22NIlbFNADTSLtwoSjl/dPJD+Vx4SlgNB/rRPQyCV5AUe+5e9K6O
bqqM3R2Xe+Yhx3ujZhKIhyW/S7Ys2sqDFm1cPtY2kHBLZ+a0O0+iMlfXH0bvL7Td
5zHEZMw458OddjMIlwidiszb9QRrCU3sHjlA/S8wftrW6mVa9fQ9QetcwFeRnw4y
suxFR9inP1xVhnS6jqxHfllvrHxrC7RRgwZXJ925434BZywMeKA4KM21Es0lAgMB
AAGjggI+MIICOjAdBgNVHQ4EFgQUusHaHfgKs2hjWeNtmohUCdrQfu8wHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTNTA2NS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBVBggrBgEFBQcBBwEB/wRGMEQwQgQCAAEwPAMEAVt8QAME
AVt8WAMEAVt8fAMEAVt8iAMEAVt8jgMEAVt8lgMEAVt8rgMEAVt8uAMEAVt8ygME
AVt80jANBgkqhkiG9w0BAQsFAAOCAQEAI5AoKBRzC4EsEunQSwYv9X1lJ5qydfei
aUe2gnOaYDl94PKBNOig+lU4THtBCsi5osiwJnBmo3/HVClh76EnfidfrE+l2Hzl
a9PdfK3TKb+D4lZgBab2ZViyUTWpxvA6ZiRsrLOu9kMZhigfGgM9nOKyCV8WqvvX
eod5+zcELd9wbV5ZDqG4YyxUBAnc3nQcRAYI6LO7u5bBggawB0m9oOo/y5qs1PuR
hxoFbz5ganf9vw1Tup7PxnqHvsnOpcqniKTzXv8wrG2kIXuGiv+yaI/HI8H4via6
Z0Ho0kf0P9RXAF0j07a2bcMx1hirz7bj9g55WaREZAeailfXAy4n8g==
-----END CERTIFICATE-----
Generated at Thu Nov 21 18:06:13 2024 by rpki-client on console-fra.rpki-client.org