Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS5065.roa
File: AS5065.roa (raw, json)
Hash identifier: VQfWX87uHur3j0RftFKmxNE1bJISz41KGS1VN08b4eo=
Subject key identifier: 25:12:FF:58:28:ED:9C:61:80:F7:EA:96:63:2C:3E:AA:12:55:74:8B
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 2746DBD1431A30785223A59466D2D921304BDA01
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS5065.roa
Signing time: Sat 28 Jun 2025 00:01:12 +0000
ROA not before: Fri 27 Jun 2025 23:56:12 +0000
ROA not after: Sat 27 Jun 2026 00:01:12 +0000
asID: 5065
IP address blocks: 96.62.69.0/24 maxlen: 24
96.62.72.0/24 maxlen: 24
96.62.75.0/24 maxlen: 24
96.62.76.0/24 maxlen: 24
96.62.78.0/24 maxlen: 24
96.62.84.0/24 maxlen: 24
96.62.89.0/24 maxlen: 24
96.62.131.0/24 maxlen: 24
140.233.165.0/24 maxlen: 24
146.103.37.0/24 maxlen: 24
148.135.153.0/24 maxlen: 24
148.135.174.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:46:db:d1:43:1a:30:78:52:23:a5:94:66:d2:d9:21:30:4b:da:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jun 27 23:56:12 2025 GMT
Not After : Jun 27 00:01:12 2026 GMT
Subject: CN=2512FF5828ED9C6180F7EA96632C3EAA1255748B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:be:06:92:35:2d:d5:57:14:2f:62:79:da:f8:
47:f0:9a:65:94:55:3e:8a:ab:a0:a3:c1:e6:4e:07:
0b:aa:a5:9f:47:65:42:fc:7b:bb:e3:b2:b7:9b:a0:
4a:a0:2d:fd:0c:ce:e6:52:70:10:85:c1:df:b2:a6:
f4:3a:51:bd:1e:6f:4c:b3:24:4a:fe:48:5d:72:be:
86:e2:77:fd:19:c5:c4:14:cf:ec:78:09:78:04:94:
90:c6:2d:8d:f8:61:7c:d4:00:e4:74:8e:f8:2a:b8:
66:6d:e5:58:1a:e7:71:1a:48:05:ab:11:21:ab:79:
e3:a8:37:b4:d3:2c:f2:44:d3:ce:b9:2d:3a:78:92:
86:05:a1:6f:1e:80:e6:da:75:9d:1c:ad:e8:96:16:
7d:bf:e7:34:2f:53:df:c6:56:46:0c:79:59:3b:db:
c5:2f:62:f7:76:6d:39:32:26:d2:94:bc:65:0b:ee:
71:c2:ba:8d:34:f8:54:ea:d8:c2:70:de:14:c2:99:
a8:2f:6e:b8:0d:34:01:72:f9:7a:4f:84:bb:44:d9:
21:d2:61:9e:e6:80:03:ec:c6:72:53:87:38:5a:93:
1b:02:cd:73:46:ca:1f:4b:55:67:ed:d4:d9:bb:95:
2a:b8:63:a6:41:b9:c7:80:3e:f4:9b:e8:4b:76:df:
96:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:12:FF:58:28:ED:9C:61:80:F7:EA:96:63:2C:3E:AA:12:55:74:8B
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS5065.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.69.0/24
96.62.72.0/24
96.62.75.0-96.62.76.255
96.62.78.0/24
96.62.84.0/24
96.62.89.0/24
96.62.131.0/24
140.233.165.0/24
146.103.37.0/24
148.135.153.0/24
148.135.174.0/24
Signature Algorithm: sha256WithRSAEncryption
28:b8:13:82:40:5e:c3:fe:24:d0:2c:f7:97:80:28:97:fe:c5:
27:e2:01:45:1f:4e:cf:7d:a6:bf:97:3b:f7:cd:20:c1:ab:63:
18:8d:4f:63:2e:14:5c:33:38:e2:17:5e:e5:24:2f:97:e3:11:
ce:36:be:a5:2a:85:b5:13:ab:de:87:54:c4:d6:e1:ca:a9:ce:
e0:3e:05:0d:df:f8:c0:06:28:5b:6a:b7:ec:01:01:16:f3:67:
e2:1f:58:bb:21:62:96:7f:e1:d7:ca:fb:c5:8a:a3:34:b9:03:
12:f5:28:72:fb:49:8f:37:20:74:64:8e:0d:31:f3:fc:51:45:
29:eb:1d:4c:8d:e6:82:19:a0:69:3d:cc:4d:1d:2b:d2:0e:5e:
bb:1a:dd:14:4c:e3:69:0d:77:55:f6:e4:1a:44:97:54:0f:86:
18:fe:cb:c2:58:a5:de:19:60:15:57:f4:ac:2a:57:8d:28:fd:
df:97:76:ee:48:f5:80:4f:af:05:39:fd:a5:da:1c:86:ea:d2:
e5:9f:24:91:19:2b:78:6e:ce:0c:3b:fd:00:62:ca:4d:03:5a:
01:8e:e1:aa:af:83:3c:db:2f:0e:0d:d3:09:91:0b:51:02:5e:
ce:b1:71:cd:f1:4f:68:08:22:d8:d3:b7:f2:81:22:13:ef:75:
7b:ba:d8:c5
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgIUJ0bb0UMaMHhSI6WUZtLZITBL2gEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA2MjcyMzU2MTJaFw0yNjA2MjcwMDAxMTJaMDMxMTAvBgNV
BAMTKDI1MTJGRjU4MjhFRDlDNjE4MEY3RUE5NjYzMkMzRUFBMTI1NTc0OEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxvgaSNS3VVxQvYnna+EfwmmWU
VT6Kq6CjweZOBwuqpZ9HZUL8e7vjsreboEqgLf0MzuZScBCFwd+ypvQ6Ub0eb0yz
JEr+SF1yvobid/0ZxcQUz+x4CXgElJDGLY34YXzUAOR0jvgquGZt5Vga53EaSAWr
ESGreeOoN7TTLPJE0865LTp4koYFoW8egObadZ0creiWFn2/5zQvU9/GVkYMeVk7
28UvYvd2bTkyJtKUvGUL7nHCuo00+FTq2MJw3hTCmagvbrgNNAFy+XpPhLtE2SHS
YZ7mgAPsxnJThzhakxsCzXNGyh9LVWft1Nm7lSq4Y6ZBuceAPvSb6Et235YvAgMB
AAGjggJMMIICSDAdBgNVHQ4EFgQUJRL/WCjtnGGA9+qWYyw+qhJVdIswHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNTA2NS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBjBggrBgEFBQcBBwEB/wRUMFIwUAQCAAEwSgMEAGA+RQME
AGA+SDAMAwQAYD5LAwQAYD5MAwQAYD5OAwQAYD5UAwQAYD5ZAwQAYD6DAwQAjOml
AwQAkmclAwQAlIeZAwQAlIeuMA0GCSqGSIb3DQEBCwUAA4IBAQAouBOCQF7D/iTQ
LPeXgCiX/sUn4gFFH07Pfaa/lzv3zSDBq2MYjU9jLhRcMzjiF17lJC+X4xHONr6l
KoW1E6veh1TE1uHKqc7gPgUN3/jABihbarfsAQEW82fiH1i7IWKWf+HXyvvFiqM0
uQMS9Shy+0mPNyB0ZI4NMfP8UUUp6x1MjeaCGaBpPcxNHSvSDl67Gt0UTONpDXdV
9uQaRJdUD4YY/svCWKXeGWAVV/SsKleNKP3fl3buSPWAT68FOf2l2hyG6tLlnySR
GSt4bs4MO/0AYspNA1oBjuGqr4M82y8ODdMJkQtRAl7OsXHN8U9oCCLY07fygSIT
73V7utjF
-----END CERTIFICATE-----
Generated at Sun Jun 29 00:33:03 2025 by rpki-client