Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS5065.roa
File: AS5065.roa (raw, json)
Hash identifier: 7A2JwHlRmnEeUeB8Gf5dDslKlfmhuyFM7663DKWnoq4=
Subject key identifier: 64:82:2F:F7:15:77:E2:A4:AB:5D:F5:29:AA:C3:AB:9B:84:C8:02:22
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 308684DBD5182BCB601C9044426B68804650D1CF
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS5065.roa
Signing time: Tue 04 Mar 2025 15:00:45 +0000
ROA not before: Tue 04 Mar 2025 14:55:45 +0000
ROA not after: Tue 03 Mar 2026 15:00:45 +0000
asID: 5065
IP address blocks: 91.124.64.0/23 maxlen: 24
91.124.88.0/23 maxlen: 24
91.124.124.0/23 maxlen: 24
91.124.136.0/23 maxlen: 24
91.124.142.0/23 maxlen: 24
91.124.150.0/23 maxlen: 24
91.124.174.0/23 maxlen: 24
91.124.184.0/23 maxlen: 24
91.124.202.0/23 maxlen: 24
91.124.210.0/23 maxlen: 24
95.135.0.0/23 maxlen: 24
95.135.6.0/23 maxlen: 24
95.135.12.0/23 maxlen: 24
95.135.18.0/23 maxlen: 24
95.135.24.0/23 maxlen: 24
95.135.30.0/23 maxlen: 24
95.135.36.0/23 maxlen: 24
95.135.42.0/23 maxlen: 24
95.135.48.0/23 maxlen: 24
95.135.54.0/23 maxlen: 24
95.135.62.0/23 maxlen: 24
95.135.68.0/23 maxlen: 24
95.135.74.0/23 maxlen: 24
95.135.80.0/23 maxlen: 24
95.135.86.0/23 maxlen: 24
95.135.92.0/23 maxlen: 24
95.135.156.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 03:24:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:86:84:db:d5:18:2b:cb:60:1c:90:44:42:6b:68:80:46:50:d1:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Mar 4 14:55:45 2025 GMT
Not After : Mar 3 15:00:45 2026 GMT
Subject: CN=64822FF71577E2A4AB5DF529AAC3AB9B84C80222
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:55:e5:dd:a6:47:05:b6:17:28:11:e6:b9:64:
ec:a8:7e:a7:36:50:ee:66:23:50:cf:b6:ba:5e:42:
ca:9b:b1:de:81:0a:30:a7:57:60:cf:e4:dc:50:ff:
5c:4c:2e:9f:95:47:3d:57:a0:70:e7:fe:10:a6:6c:
71:6b:19:24:78:cb:6e:8b:18:8b:cb:59:e3:e4:ac:
97:db:d6:a8:f6:fa:3b:68:d9:2f:a6:d6:49:31:d0:
04:8b:8c:56:a3:ac:76:b2:d3:75:57:87:64:d7:64:
ef:65:f0:42:21:a3:d7:6e:84:2b:da:ff:d1:d6:cd:
b5:f3:69:4e:0e:7c:49:3e:46:bc:0a:84:60:85:92:
3c:01:25:52:35:9b:41:b9:c5:f7:f7:f1:c3:8e:a8:
c2:f9:e2:1f:54:7c:69:5f:f2:78:94:65:87:fb:63:
4d:88:98:72:fe:20:d7:e3:64:3e:ba:aa:0e:c1:69:
6c:a4:68:82:7e:bf:8e:23:00:cc:96:0d:38:00:8d:
d5:33:99:42:59:6e:7c:c2:33:57:50:5d:96:49:b9:
ff:5d:2b:f3:c7:57:18:89:a3:c5:80:92:34:1d:7a:
60:f1:ac:41:5d:81:da:c4:5e:9c:3a:bb:fc:a8:0a:
38:6b:32:47:45:b2:32:47:f7:4f:2d:16:4c:65:3c:
ed:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:82:2F:F7:15:77:E2:A4:AB:5D:F5:29:AA:C3:AB:9B:84:C8:02:22
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS5065.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.124.64.0/23
91.124.88.0/23
91.124.124.0/23
91.124.136.0/23
91.124.142.0/23
91.124.150.0/23
91.124.174.0/23
91.124.184.0/23
91.124.202.0/23
91.124.210.0/23
95.135.0.0/23
95.135.6.0/23
95.135.12.0/23
95.135.18.0/23
95.135.24.0/23
95.135.30.0/23
95.135.36.0/23
95.135.42.0/23
95.135.48.0/23
95.135.54.0/23
95.135.62.0/23
95.135.68.0/23
95.135.74.0/23
95.135.80.0/23
95.135.86.0/23
95.135.92.0/23
95.135.156.0/22
Signature Algorithm: sha256WithRSAEncryption
3a:3e:03:d9:46:69:dc:e4:b4:7a:ef:02:9e:da:ca:49:78:00:
38:77:d6:33:b4:54:3b:82:fd:89:a9:47:7f:2e:eb:4b:56:c4:
a2:33:e1:0c:cf:96:e0:cc:63:70:17:95:ee:76:38:7d:7e:e2:
70:45:81:e7:18:f4:b3:8c:9a:c3:e8:4d:91:05:4b:3f:7f:e5:
51:0c:fa:fa:f7:f7:ac:78:7a:a7:68:72:fb:94:fb:79:29:16:
0e:d9:be:42:72:cd:0a:5c:7c:55:6a:c0:5a:93:27:69:e4:a0:
b0:91:57:71:33:9c:3b:dd:8a:fc:a7:46:e9:a6:ba:a1:8f:b1:
35:7b:f1:db:86:45:15:04:9e:7e:ef:9c:7a:70:72:76:44:35:
2a:d9:cb:2e:f7:15:22:7f:55:22:7b:76:2b:65:8b:31:92:0e:
62:1d:24:99:8c:fe:69:d6:1c:09:b5:68:d6:27:db:b4:11:d5:
bc:2d:c1:e5:14:40:c2:cd:dc:15:d4:ac:53:f0:d8:3f:bd:0b:
77:d2:ff:42:92:fc:9d:f5:ad:d5:bf:65:db:ea:2f:e0:ea:54:
52:62:10:c9:11:e7:9c:6c:6a:ba:44:9c:84:ac:62:6e:d8:fb:
ca:d3:03:65:01:f0:3a:b8:7b:43:85:45:49:2a:ca:83:42:93:
1e:42:7c:20
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUMIaE29UYK8tgHJBEQmtogEZQ0c8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTAzMDQxNDU1NDVaFw0yNjAzMDMxNTAwNDVaMDMxMTAvBgNV
BAMTKDY0ODIyRkY3MTU3N0UyQTRBQjVERjUyOUFBQzNBQjlCODRDODAyMjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDqVeXdpkcFthcoEea5ZOyofqc2
UO5mI1DPtrpeQsqbsd6BCjCnV2DP5NxQ/1xMLp+VRz1XoHDn/hCmbHFrGSR4y26L
GIvLWePkrJfb1qj2+jto2S+m1kkx0ASLjFajrHay03VXh2TXZO9l8EIho9duhCva
/9HWzbXzaU4OfEk+RrwKhGCFkjwBJVI1m0G5xff38cOOqML54h9UfGlf8niUZYf7
Y02ImHL+INfjZD66qg7BaWykaIJ+v44jAMyWDTgAjdUzmUJZbnzCM1dQXZZJuf9d
K/PHVxiJo8WAkjQdemDxrEFdgdrEXpw6u/yoCjhrMkdFsjJH908tFkxlPO0RAgMB
AAGjggKpMIICpTAdBgNVHQ4EFgQUZIIv9xV34qSrXfUpqsOrm4TIAiIwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTNTA2NS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBvwYIKwYBBQUHAQcBAf8Ega8wgawwgakEAgABMIGiAwQB
W3xAAwQBW3xYAwQBW3x8AwQBW3yIAwQBW3yOAwQBW3yWAwQBW3yuAwQBW3y4AwQB
W3zKAwQBW3zSAwQBX4cAAwQBX4cGAwQBX4cMAwQBX4cSAwQBX4cYAwQBX4ceAwQB
X4ckAwQBX4cqAwQBX4cwAwQBX4c2AwQBX4c+AwQBX4dEAwQBX4dKAwQBX4dQAwQB
X4dWAwQBX4dcAwQCX4ecMA0GCSqGSIb3DQEBCwUAA4IBAQA6PgPZRmnc5LR67wKe
2spJeAA4d9YztFQ7gv2JqUd/LutLVsSiM+EMz5bgzGNwF5Xudjh9fuJwRYHnGPSz
jJrD6E2RBUs/f+VRDPr69/eseHqnaHL7lPt5KRYO2b5Ccs0KXHxVasBakydp5KCw
kVdxM5w73Yr8p0bpprqhj7E1e/HbhkUVBJ5+75x6cHJ2RDUq2csu9xUif1Uie3Yr
ZYsxkg5iHSSZjP5p1hwJtWjWJ9u0EdW8LcHlFEDCzdwV1KxT8Ng/vQt30v9Ckvyd
9a3Vv2Xb6i/g6lRSYhDJEeecbGq6RJyErGJu2PvK0wNlAfA6uHtDhUVJKsqDQpMe
Qnwg
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:31:18 2025 by rpki-client