Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS5065.roa
File: AS5065.roa (raw, json)
Hash identifier: bKyoQNIckZBCuDBr0uEsKpPimnxgg1JmLTVYiPY6LGA=
Subject key identifier: 77:E5:DB:B8:97:06:B9:D9:87:6D:01:23:43:2C:5C:05:A5:56:50:92
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 0AC2888672BA63E3FABECA708F1EEBE44160D491
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS5065.roa
Signing time: Tue 21 Jan 2025 16:03:51 +0000
ROA not before: Tue 21 Jan 2025 15:58:51 +0000
ROA not after: Tue 20 Jan 2026 16:03:51 +0000
asID: 5065
IP address blocks: 82.21.64.0/24 maxlen: 24
82.21.154.0/24 maxlen: 24
82.21.162.0/24 maxlen: 24
82.21.170.0/24 maxlen: 24
82.21.180.0/24 maxlen: 24
82.21.192.0/24 maxlen: 24
82.21.194.0/24 maxlen: 24
82.21.198.0/24 maxlen: 24
82.21.207.0/24 maxlen: 24
82.22.199.0/24 maxlen: 24
82.24.194.0/24 maxlen: 24
82.29.7.0/24 maxlen: 24
82.29.20.0/24 maxlen: 24
82.29.37.0/24 maxlen: 24
82.29.46.0/24 maxlen: 24
82.29.55.0/24 maxlen: 24
82.29.68.0/24 maxlen: 24
82.29.77.0/24 maxlen: 24
82.29.90.0/24 maxlen: 24
82.29.91.0/24 maxlen: 24
82.29.99.0/24 maxlen: 24
82.29.150.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:c2:88:86:72:ba:63:e3:fa:be:ca:70:8f:1e:eb:e4:41:60:d4:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jan 21 15:58:51 2025 GMT
Not After : Jan 20 16:03:51 2026 GMT
Subject: CN=77E5DBB89706B9D9876D0123432C5C05A5565092
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:83:3f:62:d9:7f:8b:35:d7:2b:86:b9:6b:3d:
36:1f:51:50:57:2c:2b:d3:48:e6:3c:8c:79:84:40:
ad:6d:68:1e:a0:f1:6a:86:4e:b2:5b:ca:23:6e:80:
10:84:ba:19:ee:85:26:a1:d3:e8:7d:df:28:2d:22:
e2:4d:58:d7:1f:70:e1:30:ae:b7:7b:06:07:49:a9:
d7:76:62:13:1a:13:25:59:75:52:20:93:1e:1b:a9:
db:cc:b5:50:53:93:df:3e:c7:59:53:c7:b0:32:8c:
31:76:87:40:fa:83:40:ae:77:ad:3f:87:71:e6:b1:
c2:7b:7b:c8:45:2c:71:fe:28:6e:28:35:8d:c8:b9:
f8:95:ca:a7:3e:2e:d4:68:e8:a7:a4:e2:b8:f7:72:
3e:75:89:56:f9:82:05:86:78:7f:f8:33:92:37:62:
9f:80:80:d3:f0:84:75:0d:ac:d6:23:e5:90:1d:f5:
69:7a:d0:13:dc:e2:aa:83:1f:6a:da:bb:91:f0:10:
ab:95:68:f8:ba:01:55:67:b4:bd:29:a0:4b:de:b2:
90:26:5d:16:43:48:57:60:d9:be:a6:1b:02:1a:be:
62:d4:4b:28:49:16:84:09:9e:18:fd:26:25:99:6f:
2e:9b:38:55:84:21:91:63:30:5e:50:7c:8b:a5:b1:
c7:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:E5:DB:B8:97:06:B9:D9:87:6D:01:23:43:2C:5C:05:A5:56:50:92
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS5065.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.64.0/24
82.21.154.0/24
82.21.162.0/24
82.21.170.0/24
82.21.180.0/24
82.21.192.0/24
82.21.194.0/24
82.21.198.0/24
82.21.207.0/24
82.22.199.0/24
82.24.194.0/24
82.29.7.0/24
82.29.20.0/24
82.29.37.0/24
82.29.46.0/24
82.29.55.0/24
82.29.68.0/24
82.29.77.0/24
82.29.90.0/23
82.29.99.0/24
82.29.150.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:ff:2b:f9:87:35:32:3f:f4:d8:0c:26:09:2d:c4:01:c5:6b:
0a:20:bf:4d:64:82:c1:17:ff:5b:08:c4:9e:bb:e2:8f:c1:df:
b6:0c:38:19:6c:d1:4b:3c:6a:45:ce:4c:28:29:67:2b:19:e9:
ba:43:14:27:a9:df:c0:9e:cd:2f:17:0b:11:ba:7e:29:08:44:
61:69:fc:9d:1a:2a:dd:22:7d:e8:4c:25:e3:1b:b9:59:f3:86:
f1:c5:27:96:43:e8:4b:e4:0a:c3:d3:08:69:b7:70:42:3a:b5:
93:7c:fc:65:6e:af:b8:d2:20:ad:7f:9f:f9:1d:e8:9e:9e:dd:
ed:e2:4e:01:48:61:98:6e:bb:6b:5b:47:f0:0b:6c:cb:dc:65:
74:fc:ef:29:94:1c:29:94:c4:39:1c:ec:61:7c:70:10:5d:d3:
6d:0a:eb:64:cb:e5:ee:4e:f4:47:d0:30:b6:86:d7:e0:06:2d:
3d:cf:0b:00:49:91:fc:27:a1:c5:59:3c:03:10:4b:6a:e8:66:
f6:11:ef:6b:df:b1:81:d3:c8:ea:2f:ca:3e:21:ee:7a:cc:9c:
25:82:7e:96:89:32:fa:bd:f7:f5:c0:61:26:9b:b5:46:91:1f:
76:37:74:32:e5:ce:dd:91:0d:a0:de:ad:61:77:ce:26:4d:cc:
9b:5f:5c:ed
-----BEGIN CERTIFICATE-----
MIIFejCCBGKgAwIBAgIUCsKIhnK6Y+P6vspwjx7r5EFg1JEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAxMjExNTU4NTFaFw0yNjAxMjAxNjAzNTFaMDMxMTAvBgNV
BAMTKDc3RTVEQkI4OTcwNkI5RDk4NzZEMDEyMzQzMkM1QzA1QTU1NjUwOTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQClgz9i2X+LNdcrhrlrPTYfUVBX
LCvTSOY8jHmEQK1taB6g8WqGTrJbyiNugBCEuhnuhSah0+h93ygtIuJNWNcfcOEw
rrd7BgdJqdd2YhMaEyVZdVIgkx4bqdvMtVBTk98+x1lTx7AyjDF2h0D6g0Cud60/
h3HmscJ7e8hFLHH+KG4oNY3IufiVyqc+LtRo6Kek4rj3cj51iVb5ggWGeH/4M5I3
Yp+AgNPwhHUNrNYj5ZAd9Wl60BPc4qqDH2rau5HwEKuVaPi6AVVntL0poEvespAm
XRZDSFdg2b6mGwIavmLUSyhJFoQJnhj9JiWZby6bOFWEIZFjMF5QfIulscezAgMB
AAGjggKEMIICgDAdBgNVHQ4EFgQUd+XbuJcGudmHbQEjQyxcBaVWUJIwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNTA2NS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBmgYIKwYBBQUHAQcBAf8EgYowgYcwgYQEAgABMH4DBABS
FUADBABSFZoDBABSFaIDBABSFaoDBABSFbQDBABSFcADBABSFcIDBABSFcYDBABS
Fc8DBABSFscDBABSGMIDBABSHQcDBABSHRQDBABSHSUDBABSHS4DBABSHTcDBABS
HUQDBABSHU0DBAFSHVoDBABSHWMDBABSHZYwDQYJKoZIhvcNAQELBQADggEBAE7/
K/mHNTI/9NgMJgktxAHFawogv01kgsEX/1sIxJ674o/B37YMOBls0Us8akXOTCgp
ZysZ6bpDFCep38CezS8XCxG6fikIRGFp/J0aKt0ifehMJeMbuVnzhvHFJ5ZD6Evk
CsPTCGm3cEI6tZN8/GVur7jSIK1/n/kd6J6e3e3iTgFIYZhuu2tbR/ALbMvcZXT8
7ymUHCmUxDkc7GF8cBBd020K62TL5e5O9EfQMLaG1+AGLT3PCwBJkfwnocVZPAMQ
S2roZvYR72vfsYHTyOovyj4h7nrMnCWCfpaJMvq99/XAYSabtUaRH3Y3dDLlzt2R
DaDerWF3ziZNzJtfXO0=
-----END CERTIFICATE-----
Generated at Fri Apr 25 18:17:45 2025 by rpki-client