Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS5065.roa
File: AS5065.roa (raw, json)
Hash identifier: yAXwck9ygpoevOd75VzpFSV5ZVVyQlcuCkGDC95FSoc=
Subject key identifier: B9:61:27:B8:CE:F8:E9:E8:82:BC:D6:F0:20:C5:A0:ED:0E:9C:46:45
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 268B767C2CFDFE6A4ABE9166850674A1DBC68EF7
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS5065.roa
Signing time: Tue 29 Apr 2025 12:26:35 +0000
ROA not before: Tue 29 Apr 2025 12:21:35 +0000
ROA not after: Tue 28 Apr 2026 12:26:35 +0000
asID: 5065
IP address blocks: 91.124.64.0/23 maxlen: 24
91.124.124.0/23 maxlen: 24
91.124.136.0/23 maxlen: 24
91.124.142.0/23 maxlen: 24
91.124.150.0/23 maxlen: 24
91.124.202.0/23 maxlen: 24
91.124.210.0/23 maxlen: 24
92.112.158.0/24 maxlen: 24
95.134.104.0/21 maxlen: 24
95.134.152.0/21 maxlen: 24
95.135.0.0/23 maxlen: 24
95.135.6.0/23 maxlen: 24
95.135.12.0/23 maxlen: 24
95.135.18.0/23 maxlen: 24
95.135.24.0/23 maxlen: 24
95.135.30.0/23 maxlen: 24
95.135.36.0/23 maxlen: 24
95.135.42.0/23 maxlen: 24
95.135.48.0/23 maxlen: 24
95.135.52.0/23 maxlen: 24
95.135.54.0/23 maxlen: 24
95.135.56.0/23 maxlen: 24
95.135.62.0/23 maxlen: 24
95.135.68.0/23 maxlen: 24
95.135.74.0/23 maxlen: 24
95.135.80.0/23 maxlen: 24
95.135.86.0/23 maxlen: 24
95.135.92.0/23 maxlen: 24
95.135.94.0/23 maxlen: 24
95.135.106.0/23 maxlen: 24
95.135.108.0/24 maxlen: 24
95.135.110.0/24 maxlen: 24
95.135.117.0/24 maxlen: 24
95.135.118.0/24 maxlen: 24
95.135.124.0/24 maxlen: 24
95.135.156.0/22 maxlen: 24
95.135.160.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 08:22:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:8b:76:7c:2c:fd:fe:6a:4a:be:91:66:85:06:74:a1:db:c6:8e:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Apr 29 12:21:35 2025 GMT
Not After : Apr 28 12:26:35 2026 GMT
Subject: CN=B96127B8CEF8E9E882BCD6F020C5A0ED0E9C4645
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:c7:d4:f1:56:c3:16:44:25:55:86:ec:b3:51:
fe:a7:6f:4b:be:66:a4:a4:6b:b0:10:4d:6d:77:c3:
3d:bf:a4:47:5d:35:8a:da:72:d1:8b:cf:3c:04:5f:
e3:62:63:b8:f1:fb:4b:47:f2:b4:8d:20:4f:fe:a6:
1a:a6:57:36:d7:65:08:58:91:19:d9:28:c6:1e:84:
eb:47:c6:38:5d:92:2f:f4:00:8e:35:f6:ec:db:62:
23:ec:3f:08:69:33:a1:0d:40:cc:91:29:ee:bb:e4:
a5:f4:e9:1b:4f:9d:6f:dc:9c:66:7d:2b:c5:5a:ef:
ea:ad:b9:21:f6:bf:11:01:b3:9d:57:90:d8:7d:31:
11:92:9c:47:c8:a9:5d:e1:9d:43:37:0c:a3:5e:64:
8d:0b:e1:9d:de:20:ee:0c:a5:3c:86:46:ba:2f:e1:
25:56:ab:00:20:7d:74:94:ae:2d:94:1b:2f:9c:23:
b6:e9:33:ac:7f:47:66:2e:1c:57:85:87:e6:c8:22:
21:e7:c4:66:d8:15:e9:a4:b6:72:08:13:58:d5:58:
ee:0f:27:32:b8:c0:d3:a6:1f:86:b9:d5:7b:2e:58:
3f:a2:3a:dd:c2:df:96:ff:d6:ca:bc:9e:79:f5:d8:
7c:64:02:a4:86:c5:e1:bc:6c:a9:59:21:6d:36:6b:
a1:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:61:27:B8:CE:F8:E9:E8:82:BC:D6:F0:20:C5:A0:ED:0E:9C:46:45
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS5065.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.124.64.0/23
91.124.124.0/23
91.124.136.0/23
91.124.142.0/23
91.124.150.0/23
91.124.202.0/23
91.124.210.0/23
92.112.158.0/24
95.134.104.0/21
95.134.152.0/21
95.135.0.0/23
95.135.6.0/23
95.135.12.0/23
95.135.18.0/23
95.135.24.0/23
95.135.30.0/23
95.135.36.0/23
95.135.42.0/23
95.135.48.0/23
95.135.52.0-95.135.57.255
95.135.62.0/23
95.135.68.0/23
95.135.74.0/23
95.135.80.0/23
95.135.86.0/23
95.135.92.0/22
95.135.106.0-95.135.108.255
95.135.110.0/24
95.135.117.0-95.135.118.255
95.135.124.0/24
95.135.156.0-95.135.167.255
Signature Algorithm: sha256WithRSAEncryption
6a:df:f0:3e:37:f5:1c:b3:b4:27:aa:b7:ed:ee:28:c7:f3:b5:
ec:0b:ac:f3:96:93:d5:d9:7a:f8:9d:9d:d8:c0:e8:ab:a7:44:
46:8d:91:66:11:e1:aa:75:56:07:3f:cf:e0:cf:0a:87:64:ab:
13:26:13:e2:54:5c:12:36:d6:63:4d:30:2b:8b:b6:d9:9f:51:
07:9f:0e:24:92:d1:b8:73:ec:44:39:1c:58:4b:fe:41:bf:3b:
85:25:df:5a:f7:e7:df:e6:61:c8:a1:86:47:e7:07:bd:c8:f5:
da:c6:f2:b5:cc:be:46:d1:6c:d1:7a:95:ba:17:12:7e:50:85:
18:b0:b8:91:a0:03:4c:72:3c:e5:19:ac:41:2d:8d:01:44:50:
7d:2f:75:50:01:fb:0e:ed:aa:f0:71:fb:c7:1c:82:ee:44:d1:
31:74:fc:7a:a8:d1:77:f3:97:56:1b:d0:5d:e5:7f:4e:46:a7:
66:83:cb:48:43:d5:1a:ec:3b:e6:de:ff:53:b2:b5:83:8e:ff:
ec:f5:e1:5c:a8:46:13:1e:b8:b1:ae:f0:ca:91:da:c5:08:c3:
fb:95:b7:ec:e1:05:a0:52:e7:85:e3:95:3a:01:0c:75:ee:bc:
4e:98:56:4b:73:50:30:7b:47:8b:c6:c3:c0:9d:b9:87:dc:6a:
d5:e5:20:0a
-----BEGIN CERTIFICATE-----
MIIF1zCCBL+gAwIBAgIUJot2fCz9/mpKvpFmhQZ0odvGjvcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA0MjkxMjIxMzVaFw0yNjA0MjgxMjI2MzVaMDMxMTAvBgNV
BAMTKEI5NjEyN0I4Q0VGOEU5RTg4MkJDRDZGMDIwQzVBMEVEMEU5QzQ2NDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2x9TxVsMWRCVVhuyzUf6nb0u+
ZqSka7AQTW13wz2/pEddNYractGLzzwEX+NiY7jx+0tH8rSNIE/+phqmVzbXZQhY
kRnZKMYehOtHxjhdki/0AI419uzbYiPsPwhpM6ENQMyRKe675KX06RtPnW/cnGZ9
K8Va7+qtuSH2vxEBs51XkNh9MRGSnEfIqV3hnUM3DKNeZI0L4Z3eIO4MpTyGRrov
4SVWqwAgfXSUri2UGy+cI7bpM6x/R2YuHFeFh+bIIiHnxGbYFemktnIIE1jVWO4P
JzK4wNOmH4a51XsuWD+iOt3C35b/1sq8nnn12HxkAqSGxeG8bKlZIW02a6HTAgMB
AAGjggLhMIIC3TAdBgNVHQ4EFgQUuWEnuM746eiCvNbwIMWg7Q6cRkUwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTNTA2NS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCB9wYIKwYBBQUHAQcBAf8EgecwgeQwgeEEAgABMIHaAwQB
W3xAAwQBW3x8AwQBW3yIAwQBW3yOAwQBW3yWAwQBW3zKAwQBW3zSAwQAXHCeAwQD
X4ZoAwQDX4aYAwQBX4cAAwQBX4cGAwQBX4cMAwQBX4cSAwQBX4cYAwQBX4ceAwQB
X4ckAwQBX4cqAwQBX4cwMAwDBAJfhzQDBAFfhzgDBAFfhz4DBAFfh0QDBAFfh0oD
BAFfh1ADBAFfh1YDBAJfh1wwDAMEAV+HagMEAF+HbAMEAF+HbjAMAwQAX4d1AwQA
X4d2AwQAX4d8MAwDBAJfh5wDBANfh6AwDQYJKoZIhvcNAQELBQADggEBAGrf8D43
9RyztCeqt+3uKMfztewLrPOWk9XZevidndjA6KunREaNkWYR4ap1Vgc/z+DPCodk
qxMmE+JUXBI21mNNMCuLttmfUQefDiSS0bhz7EQ5HFhL/kG/O4Ul31r359/mYcih
hkfnB73I9drG8rXMvkbRbNF6lboXEn5QhRiwuJGgA0xyPOUZrEEtjQFEUH0vdVAB
+w7tqvBx+8ccgu5E0TF0/Hqo0Xfzl1Yb0F3lf05Gp2aDy0hD1RrsO+be/1OytYOO
/+z14VyoRhMeuLGu8MqR2sUIw/uVt+zhBaBS54XjlToBDHXuvE6YVktzUDB7R4vG
w8CduYfcatXlIAo=
-----END CERTIFICATE-----
Generated at Mon May 5 16:03:25 2025 by rpki-client