Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS5065.roa
File: AS5065.roa (raw, json)
Hash identifier: wK0Zyv9j9k0O23vQrMwzXQQ5eGlRRLeyqWjdo6DIAVI=
Subject key identifier: 37:49:44:0F:78:BC:86:A2:15:58:31:57:34:C0:DA:7D:65:44:41:19
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 065762A2B539D37BE3D40C221843A8CDCD6290B1
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS5065.roa
Signing time: Fri 10 Apr 2026 15:47:15 +0000
ROA not before: Fri 10 Apr 2026 15:42:15 +0000
ROA not after: Fri 09 Apr 2027 15:47:15 +0000
asID: 5065
IP address blocks: 91.124.124.0/23 maxlen: 24
91.124.136.0/23 maxlen: 24
91.124.142.0/23 maxlen: 24
91.124.150.0/23 maxlen: 24
91.124.202.0/23 maxlen: 24
91.124.210.0/23 maxlen: 24
92.112.158.0/24 maxlen: 24
95.135.52.0/23 maxlen: 24
95.135.56.0/23 maxlen: 24
95.135.74.0/23 maxlen: 24
95.135.86.0/23 maxlen: 24
95.135.92.0/23 maxlen: 24
95.135.94.0/23 maxlen: 24
95.135.106.0/23 maxlen: 24
95.135.108.0/24 maxlen: 24
95.135.118.0/24 maxlen: 24
95.135.246.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:57:62:a2:b5:39:d3:7b:e3:d4:0c:22:18:43:a8:cd:cd:62:90:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Apr 10 15:42:15 2026 GMT
Not After : Apr 9 15:47:15 2027 GMT
Subject: CN=3749440F78BC86A21558315734C0DA7D65444119
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:a2:d8:00:2f:70:44:da:1c:06:ab:f8:57:8c:
3c:db:b3:d1:c1:a9:a6:2e:4e:a7:97:b7:65:1a:d1:
be:e9:fc:48:00:b4:64:fc:99:6f:55:02:41:53:70:
c5:ee:f4:9c:28:0e:22:21:a3:78:b7:0c:a8:ca:23:
a1:43:90:7c:1e:4d:4d:51:ac:1d:1a:6a:a4:56:5d:
34:9f:b8:42:a8:c5:7c:6d:f1:4d:19:3b:a9:2c:a0:
3b:e1:a7:e2:9b:c2:fb:73:f5:df:6a:1f:c1:8a:a3:
e3:99:d0:12:20:22:06:bb:c6:e1:d4:6e:07:0d:c0:
5a:1e:44:e2:c7:67:f0:ee:b2:18:8b:fb:a3:4d:82:
c4:7a:9b:e6:67:93:9b:07:dc:52:f4:b2:c7:e0:91:
6d:b4:b9:3a:c9:99:cd:88:62:3c:4c:de:e9:48:c6:
67:46:f9:1a:ea:40:d5:5e:8b:8d:22:a3:f6:0a:03:
15:38:f5:fe:15:9c:c6:5d:4f:ae:4d:ef:51:07:b7:
75:c4:53:e7:ac:fa:3d:4a:a0:61:74:f6:43:7a:25:
49:87:ee:b7:14:92:47:3d:18:83:c5:f9:ea:eb:2b:
7e:a6:db:96:8d:4c:3a:23:24:8d:72:56:f0:5e:c7:
e9:8d:5a:52:ae:83:dd:e5:3d:4a:95:e1:63:92:e7:
a8:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:49:44:0F:78:BC:86:A2:15:58:31:57:34:C0:DA:7D:65:44:41:19
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS5065.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.124.124.0/23
91.124.136.0/23
91.124.142.0/23
91.124.150.0/23
91.124.202.0/23
91.124.210.0/23
92.112.158.0/24
95.135.52.0/23
95.135.56.0/23
95.135.74.0/23
95.135.86.0/23
95.135.92.0/22
95.135.106.0-95.135.108.255
95.135.118.0/24
95.135.246.0/24
Signature Algorithm: sha256WithRSAEncryption
72:d2:45:89:a2:20:f5:93:69:97:66:b1:77:bf:2a:58:2f:cb:
db:c1:45:18:05:43:4e:ac:b2:92:9e:3d:7b:c4:2b:df:1f:28:
e3:b5:b9:a1:a3:3f:64:47:f7:81:4a:4b:30:59:8c:82:a8:0e:
76:dc:1f:c1:e9:a2:09:93:15:b7:db:eb:ff:0d:21:1b:67:e2:
e9:cf:d1:27:43:d7:ca:27:8b:3f:ed:e5:da:1d:32:b2:ad:23:
7b:a7:be:aa:5c:33:50:cc:1c:be:ec:34:97:2b:6f:4b:45:8e:
a8:90:62:ea:02:8f:2d:67:88:5a:d6:fc:a1:83:de:2e:62:15:
14:b4:04:0a:e9:8f:34:2a:bc:71:b9:af:9a:6b:0f:5b:04:de:
3b:ce:fe:70:16:30:d7:fb:d9:0b:76:e7:70:c2:03:64:49:49:
39:bf:8d:97:2b:b1:c3:f9:25:f0:63:a0:9d:fe:5c:76:40:fa:
c6:d1:e6:bc:ed:57:76:0f:54:89:1e:d4:0e:75:e5:72:48:2f:
83:81:24:2f:f0:24:aa:cc:43:07:c9:bf:92:69:ec:b5:16:83:
7b:d0:8c:4e:ab:5a:f1:90:4c:95:bf:8d:f8:b6:ea:0e:b9:bf:
d5:bf:4e:08:80:06:3a:6d:6e:a6:24:60:2f:c4:89:23:37:7f:
f2:e2:65:c3
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgIUBldiorU503vj1AwiGEOozc1ikLEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNjA0MTAxNTQyMTVaFw0yNzA0MDkxNTQ3MTVaMDMxMTAvBgNV
BAMTKDM3NDk0NDBGNzhCQzg2QTIxNTU4MzE1NzM0QzBEQTdENjU0NDQxMTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCNotgAL3BE2hwGq/hXjDzbs9HB
qaYuTqeXt2Ua0b7p/EgAtGT8mW9VAkFTcMXu9JwoDiIho3i3DKjKI6FDkHweTU1R
rB0aaqRWXTSfuEKoxXxt8U0ZO6ksoDvhp+Kbwvtz9d9qH8GKo+OZ0BIgIga7xuHU
bgcNwFoeROLHZ/DushiL+6NNgsR6m+Znk5sH3FL0ssfgkW20uTrJmc2IYjxM3ulI
xmdG+RrqQNVei40io/YKAxU49f4VnMZdT65N71EHt3XEU+es+j1KoGF09kN6JUmH
7rcUkkc9GIPF+errK36m25aNTDojJI1yVvBex+mNWlKug93lPUqV4WOS56hzAgMB
AAGjggJkMIICYDAdBgNVHQ4EFgQUN0lED3i8hqIVWDFXNMDafWVEQRkwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTNTA2NS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjB7BggrBgEFBQcBBwEB/wRsMGowaAQCAAEwYgMEAVt8fAME
AVt8iAMEAVt8jgMEAVt8lgMEAVt8ygMEAVt80gMEAFxwngMEAV+HNAMEAV+HOAME
AV+HSgMEAV+HVgMEAl+HXDAMAwQBX4dqAwQAX4dsAwQAX4d2AwQAX4f2MA0GCSqG
SIb3DQEBCwUAA4IBAQBy0kWJoiD1k2mXZrF3vypYL8vbwUUYBUNOrLKSnj17xCvf
Hyjjtbmhoz9kR/eBSkswWYyCqA523B/B6aIJkxW32+v/DSEbZ+Lpz9EnQ9fKJ4s/
7eXaHTKyrSN7p76qXDNQzBy+7DSXK29LRY6okGLqAo8tZ4ha1vyhg94uYhUUtAQK
6Y80Krxxua+aaw9bBN47zv5wFjDX+9kLdudwwgNkSUk5v42XK7HD+SXwY6Cd/lx2
QPrG0ea87Vd2D1SJHtQOdeVySC+DgSQv8CSqzEMHyb+Saey1FoN70IxOq1rxkEyV
v434tuoOub/Vv04IgAY6bW6mJGAvxIkjN3/y4mXD
-----END CERTIFICATE-----
Generated at Fri Apr 17 05:50:10 2026 by rpki-client