Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS5065.roa
File: AS5065.roa (raw, json)
Hash identifier: qpdXAKCHROt1YjNUjvvTX/kK9UsVl+mSgz8gfEojmPE=
Subject key identifier: 88:09:BA:B7:09:DF:7A:91:F3:62:35:91:15:88:8C:76:DE:95:30:C4
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 3E2DCD25C022E29FC7F0F2052F7CB785699F7E84
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS5065.roa
Signing time: Fri 17 Oct 2025 05:16:18 +0000
ROA not before: Fri 17 Oct 2025 05:11:18 +0000
ROA not after: Fri 16 Oct 2026 05:16:18 +0000
asID: 5065
IP address blocks: 91.124.124.0/23 maxlen: 24
91.124.136.0/23 maxlen: 24
91.124.142.0/23 maxlen: 24
91.124.150.0/23 maxlen: 24
91.124.202.0/23 maxlen: 24
91.124.210.0/23 maxlen: 24
92.112.158.0/24 maxlen: 24
95.134.104.0/21 maxlen: 24
95.134.152.0/21 maxlen: 24
95.135.0.0/23 maxlen: 24
95.135.36.0/23 maxlen: 24
95.135.48.0/23 maxlen: 24
95.135.52.0/23 maxlen: 24
95.135.54.0/23 maxlen: 24
95.135.56.0/23 maxlen: 24
95.135.68.0/23 maxlen: 24
95.135.74.0/23 maxlen: 24
95.135.86.0/23 maxlen: 24
95.135.92.0/23 maxlen: 24
95.135.94.0/23 maxlen: 24
95.135.106.0/23 maxlen: 24
95.135.108.0/24 maxlen: 24
95.135.118.0/24 maxlen: 24
95.135.160.0/21 maxlen: 24
95.135.246.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:2d:cd:25:c0:22:e2:9f:c7:f0:f2:05:2f:7c:b7:85:69:9f:7e:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Oct 17 05:11:18 2025 GMT
Not After : Oct 16 05:16:18 2026 GMT
Subject: CN=8809BAB709DF7A91F362359115888C76DE9530C4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:eb:de:5e:f3:ed:f9:43:b1:6a:44:35:49:ae:
50:50:e4:07:47:94:80:c8:0e:56:47:ed:99:32:e2:
5f:39:d0:20:58:45:bf:93:75:21:a6:d1:2e:1c:f1:
d3:59:7c:fc:e8:3c:75:e0:86:09:43:39:a0:e6:56:
8a:28:37:e9:e5:d5:66:de:ac:ec:af:34:a0:d2:37:
37:9f:18:45:45:ec:f1:d5:19:42:53:a0:74:01:cd:
50:e7:8e:f6:4c:3e:f6:89:bd:1f:57:60:f4:40:27:
e2:20:d8:16:cc:24:f0:00:e0:f5:97:98:c3:e8:02:
9f:85:53:92:66:7d:98:86:2f:c4:d5:ed:71:db:52:
9b:a4:68:90:f7:02:ae:da:8c:c4:27:d2:a4:2b:0d:
98:77:52:5e:fb:69:23:48:89:8c:dd:a6:f3:69:3b:
9f:00:de:bb:bc:fb:1b:a7:6e:91:56:ec:51:ff:a9:
9d:d8:f2:ef:28:c7:9b:c9:b0:b5:2c:96:ac:5f:52:
c6:35:8d:dc:2f:a9:6e:28:50:3d:78:9d:1c:4f:b7:
0d:1f:bb:2d:00:9c:b9:93:98:88:71:c5:7b:95:6a:
a5:ba:27:29:7e:7f:e7:23:7c:be:45:55:8d:bc:0a:
b2:fb:f6:ba:a4:cc:81:bf:b2:95:1a:83:48:ae:6b:
e7:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:09:BA:B7:09:DF:7A:91:F3:62:35:91:15:88:8C:76:DE:95:30:C4
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS5065.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.124.124.0/23
91.124.136.0/23
91.124.142.0/23
91.124.150.0/23
91.124.202.0/23
91.124.210.0/23
92.112.158.0/24
95.134.104.0/21
95.134.152.0/21
95.135.0.0/23
95.135.36.0/23
95.135.48.0/23
95.135.52.0-95.135.57.255
95.135.68.0/23
95.135.74.0/23
95.135.86.0/23
95.135.92.0/22
95.135.106.0-95.135.108.255
95.135.118.0/24
95.135.160.0/21
95.135.246.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:bb:98:55:06:43:01:b2:a9:0d:8e:07:20:49:dc:3b:9f:12:
dd:a1:dd:c7:7f:cb:ed:69:0a:0d:f4:b2:87:14:05:e9:60:65:
16:c4:dd:34:71:19:7d:80:ce:65:cd:0b:8e:8f:e7:40:65:95:
37:3d:1d:0b:7f:a9:92:fd:3e:af:75:8a:4f:38:8e:27:6e:7d:
b1:52:63:49:57:15:97:17:46:f9:6b:97:91:2f:80:7a:27:c5:
f9:76:38:89:3b:b2:aa:5b:b2:d6:b0:c1:0b:cf:45:0e:04:ea:
f1:1a:5e:92:3a:ef:18:50:50:8f:66:88:f9:99:9a:e4:24:fd:
3d:5c:3c:fa:14:e6:71:25:7b:9c:16:2a:52:77:c6:cc:b8:4e:
2d:88:3d:01:78:95:d8:d5:43:55:42:1b:9e:09:88:0a:5e:ff:
cd:4a:82:92:69:61:df:fa:91:0e:1f:13:c3:92:44:c0:4f:b1:
a7:be:33:de:c8:c6:08:d7:7b:82:0d:9d:19:ff:25:a2:28:9b:
a6:03:9d:1d:7a:73:7a:94:92:83:64:02:ce:cd:42:4c:27:08:
2c:9d:6e:eb:b0:82:fb:f3:24:24:2b:f1:b4:71:c0:ff:92:30:
57:f7:ce:70:36:d9:1d:0d:e5:a7:61:52:9a:9c:ae:c9:0a:9c:
4d:87:1d:1c
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgIUPi3NJcAi4p/H8PIFL3y3hWmffoQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTEwMTcwNTExMThaFw0yNjEwMTYwNTE2MThaMDMxMTAvBgNV
BAMTKDg4MDlCQUI3MDlERjdBOTFGMzYyMzU5MTE1ODg4Qzc2REU5NTMwQzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCm695e8+35Q7FqRDVJrlBQ5AdH
lIDIDlZH7Zky4l850CBYRb+TdSGm0S4c8dNZfPzoPHXghglDOaDmVoooN+nl1Wbe
rOyvNKDSNzefGEVF7PHVGUJToHQBzVDnjvZMPvaJvR9XYPRAJ+Ig2BbMJPAA4PWX
mMPoAp+FU5JmfZiGL8TV7XHbUpukaJD3Aq7ajMQn0qQrDZh3Ul77aSNIiYzdpvNp
O58A3ru8+xunbpFW7FH/qZ3Y8u8ox5vJsLUslqxfUsY1jdwvqW4oUD14nRxPtw0f
uy0AnLmTmIhxxXuVaqW6Jyl+f+cjfL5FVY28CrL79rqkzIG/spUag0iua+c9AgMB
AAGjggKVMIICkTAdBgNVHQ4EFgQUiAm6twnfepHzYjWRFYiMdt6VMMQwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTNTA2NS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBqwYIKwYBBQUHAQcBAf8EgZswgZgwgZUEAgABMIGOAwQB
W3x8AwQBW3yIAwQBW3yOAwQBW3yWAwQBW3zKAwQBW3zSAwQAXHCeAwQDX4ZoAwQD
X4aYAwQBX4cAAwQBX4ckAwQBX4cwMAwDBAJfhzQDBAFfhzgDBAFfh0QDBAFfh0oD
BAFfh1YDBAJfh1wwDAMEAV+HagMEAF+HbAMEAF+HdgMEA1+HoAMEAF+H9jANBgkq
hkiG9w0BAQsFAAOCAQEAfLuYVQZDAbKpDY4HIEncO58S3aHdx3/L7WkKDfSyhxQF
6WBlFsTdNHEZfYDOZc0Ljo/nQGWVNz0dC3+pkv0+r3WKTziOJ259sVJjSVcVlxdG
+WuXkS+AeifF+XY4iTuyqluy1rDBC89FDgTq8RpekjrvGFBQj2aI+Zma5CT9PVw8
+hTmcSV7nBYqUnfGzLhOLYg9AXiV2NVDVUIbngmICl7/zUqCkmlh3/qRDh8Tw5JE
wE+xp74z3sjGCNd7gg2dGf8loiibpgOdHXpzepSSg2QCzs1CTCcILJ1u67CC+/Mk
JCvxtHHA/5IwV/fOcDbZHQ3lp2FSmpyuyQqcTYcdHA==
-----END CERTIFICATE-----
Generated at Sun Oct 19 19:33:31 2025 by rpki-client