Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS5065.roa
File: AS5065.roa (raw, json)
Hash identifier: JeYG+k/r7qxecWYNlXy9cZhV6WgWUM/z6ycTyHsC6O0=
Subject key identifier: 13:5B:F3:42:8A:B7:94:7D:F5:16:78:9F:21:DA:3D:E3:0B:F0:97:81
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 6175BCC530486B691C65BFF782A1048B3D401A91
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS5065.roa
Signing time: Wed 28 May 2025 00:01:09 +0000
ROA not before: Tue 27 May 2025 23:56:09 +0000
ROA not after: Wed 27 May 2026 00:01:09 +0000
asID: 5065
IP address blocks: 91.124.124.0/23 maxlen: 24
91.124.136.0/23 maxlen: 24
91.124.142.0/23 maxlen: 24
91.124.150.0/23 maxlen: 24
91.124.202.0/23 maxlen: 24
91.124.210.0/23 maxlen: 24
92.112.158.0/24 maxlen: 24
95.134.104.0/21 maxlen: 24
95.134.152.0/21 maxlen: 24
95.135.0.0/23 maxlen: 24
95.135.6.0/23 maxlen: 24
95.135.12.0/23 maxlen: 24
95.135.18.0/23 maxlen: 24
95.135.24.0/23 maxlen: 24
95.135.30.0/23 maxlen: 24
95.135.36.0/23 maxlen: 24
95.135.42.0/23 maxlen: 24
95.135.48.0/23 maxlen: 24
95.135.52.0/23 maxlen: 24
95.135.54.0/23 maxlen: 24
95.135.56.0/23 maxlen: 24
95.135.62.0/23 maxlen: 24
95.135.68.0/23 maxlen: 24
95.135.74.0/23 maxlen: 24
95.135.80.0/23 maxlen: 24
95.135.86.0/23 maxlen: 24
95.135.92.0/23 maxlen: 24
95.135.94.0/23 maxlen: 24
95.135.106.0/23 maxlen: 24
95.135.108.0/24 maxlen: 24
95.135.118.0/24 maxlen: 24
95.135.156.0/22 maxlen: 24
95.135.160.0/21 maxlen: 24
95.135.246.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 04 Jun 2025 20:17:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:75:bc:c5:30:48:6b:69:1c:65:bf:f7:82:a1:04:8b:3d:40:1a:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: May 27 23:56:09 2025 GMT
Not After : May 27 00:01:09 2026 GMT
Subject: CN=135BF3428AB7947DF516789F21DA3DE30BF09781
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:a9:0a:11:b9:e7:50:49:8b:38:6c:25:6d:03:
ad:9a:4b:47:03:d3:0c:6b:76:76:c7:29:de:a1:c3:
70:3c:fd:06:fa:01:4b:ee:22:64:0f:38:41:e5:b5:
70:0f:84:41:9c:12:4c:4b:a3:7a:d6:ad:36:7f:d2:
f2:fd:76:30:b9:c3:30:32:f6:c8:60:39:86:b5:37:
c0:64:42:ea:3a:89:06:4f:44:d0:19:ca:9b:29:a8:
22:35:d4:f4:d4:02:d1:73:7b:6b:dc:95:23:f1:5a:
36:28:1f:91:48:53:ef:1a:f5:16:da:d4:42:8a:5e:
74:05:fa:e1:61:fa:39:6a:7a:4e:a6:67:4b:67:64:
1b:b7:e9:94:73:d7:21:f2:37:79:f8:88:3e:4f:d2:
cb:9f:53:39:2e:e1:7d:dc:f6:26:61:fd:b1:45:47:
a0:2a:70:1c:a8:4d:0f:c7:d2:7a:5a:5d:07:a8:45:
de:ea:6a:6d:7f:df:65:83:20:cf:4a:77:3c:8f:0d:
12:72:b2:63:d7:36:29:71:b2:9b:52:e2:82:88:ac:
75:30:a7:d0:c1:63:14:eb:e3:37:91:5f:e8:f0:e7:
ec:63:7b:93:20:b4:ef:98:4a:15:1e:88:37:90:e7:
d2:ca:22:8b:79:0c:d9:d0:66:da:c0:15:3e:5c:1b:
92:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:5B:F3:42:8A:B7:94:7D:F5:16:78:9F:21:DA:3D:E3:0B:F0:97:81
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS5065.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.124.124.0/23
91.124.136.0/23
91.124.142.0/23
91.124.150.0/23
91.124.202.0/23
91.124.210.0/23
92.112.158.0/24
95.134.104.0/21
95.134.152.0/21
95.135.0.0/23
95.135.6.0/23
95.135.12.0/23
95.135.18.0/23
95.135.24.0/23
95.135.30.0/23
95.135.36.0/23
95.135.42.0/23
95.135.48.0/23
95.135.52.0-95.135.57.255
95.135.62.0/23
95.135.68.0/23
95.135.74.0/23
95.135.80.0/23
95.135.86.0/23
95.135.92.0/22
95.135.106.0-95.135.108.255
95.135.118.0/24
95.135.156.0-95.135.167.255
95.135.246.0/24
Signature Algorithm: sha256WithRSAEncryption
73:9c:55:0f:1e:f4:f2:c3:c4:75:64:7e:31:3c:97:92:0f:63:
21:de:09:9d:f4:ed:65:3a:d6:f9:e3:15:5c:95:17:bd:aa:87:
97:74:0b:fb:99:bf:e1:48:9e:f8:78:ef:ae:54:63:9a:f2:ee:
84:05:4d:25:17:63:2e:83:af:e2:b6:33:8d:86:54:57:4a:fd:
65:57:ac:86:3d:74:a6:08:81:b8:94:9e:17:ad:7d:47:56:b8:
a4:50:f2:4f:23:ad:f8:1f:6c:a8:f0:48:7a:89:a3:82:58:1f:
60:7e:1a:c4:b2:fb:9d:37:6f:71:e1:c8:a7:e7:32:8b:1b:3a:
9a:ee:05:cb:a7:13:6e:98:44:d5:c8:03:a6:f7:e3:98:a6:00:
01:73:87:65:b0:c3:58:34:c2:62:9b:36:1b:73:55:33:17:d8:
7b:a0:4d:24:43:a7:22:5a:08:dd:e1:60:ce:32:35:98:b3:1a:
a0:85:89:96:84:a6:17:d0:41:7e:5e:19:15:c8:7c:b4:c5:6c:
8c:8e:ad:5c:8f:9b:68:44:61:8a:ee:df:83:9a:ab:03:89:b3:
46:ae:95:75:59:52:cd:37:06:45:48:97:2a:b8:2a:dd:6e:ad:
67:4b:f1:e5:24:bb:aa:f6:da:0b:72:4d:1c:e2:b2:a6:53:c1:
63:4a:17:08
-----BEGIN CERTIFICATE-----
MIIFwzCCBKugAwIBAgIUYXW8xTBIa2kcZb/3gqEEiz1AGpEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA1MjcyMzU2MDlaFw0yNjA1MjcwMDAxMDlaMDMxMTAvBgNV
BAMTKDEzNUJGMzQyOEFCNzk0N0RGNTE2Nzg5RjIxREEzREUzMEJGMDk3ODEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6qQoRuedQSYs4bCVtA62aS0cD
0wxrdnbHKd6hw3A8/Qb6AUvuImQPOEHltXAPhEGcEkxLo3rWrTZ/0vL9djC5wzAy
9shgOYa1N8BkQuo6iQZPRNAZypspqCI11PTUAtFze2vclSPxWjYoH5FIU+8a9Rba
1EKKXnQF+uFh+jlqek6mZ0tnZBu36ZRz1yHyN3n4iD5P0sufUzku4X3c9iZh/bFF
R6AqcByoTQ/H0npaXQeoRd7qam1/32WDIM9KdzyPDRJysmPXNilxsptS4oKIrHUw
p9DBYxTr4zeRX+jw5+xje5MgtO+YShUeiDeQ59LKIot5DNnQZtrAFT5cG5L/AgMB
AAGjggLNMIICyTAdBgNVHQ4EFgQUE1vzQoq3lH31FnifIdo94wvwl4EwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTNTA2NS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCB4wYIKwYBBQUHAQcBAf8EgdMwgdAwgc0EAgABMIHGAwQB
W3x8AwQBW3yIAwQBW3yOAwQBW3yWAwQBW3zKAwQBW3zSAwQAXHCeAwQDX4ZoAwQD
X4aYAwQBX4cAAwQBX4cGAwQBX4cMAwQBX4cSAwQBX4cYAwQBX4ceAwQBX4ckAwQB
X4cqAwQBX4cwMAwDBAJfhzQDBAFfhzgDBAFfhz4DBAFfh0QDBAFfh0oDBAFfh1AD
BAFfh1YDBAJfh1wwDAMEAV+HagMEAF+HbAMEAF+HdjAMAwQCX4ecAwQDX4egAwQA
X4f2MA0GCSqGSIb3DQEBCwUAA4IBAQBznFUPHvTyw8R1ZH4xPJeSD2Mh3gmd9O1l
Otb54xVclRe9qoeXdAv7mb/hSJ74eO+uVGOa8u6EBU0lF2Mug6/itjONhlRXSv1l
V6yGPXSmCIG4lJ4XrX1HVrikUPJPI634H2yo8Eh6iaOCWB9gfhrEsvudN29x4cin
5zKLGzqa7gXLpxNumETVyAOm9+OYpgABc4dlsMNYNMJimzYbc1UzF9h7oE0kQ6ci
Wgjd4WDOMjWYsxqghYmWhKYX0EF+XhkVyHy0xWyMjq1cj5toRGGK7t+DmqsDibNG
rpV1WVLNNwZFSJcquCrdbq1nS/HlJLuq9toLck0c4rKmU8FjShcI
-----END CERTIFICATE-----
Generated at Wed Jun 4 10:12:15 2025 by rpki-client