Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS5511.roa
File: AS5511.roa (raw, json)
Hash identifier: 6jWhSFFy+ywM6i0JzKcoFgN6HlWM8jEHkGrS41pLQZM=
Subject key identifier: 44:08:6A:A6:F7:A1:5C:B8:AD:8E:E0:09:53:5A:CF:63:27:E9:9F:63
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 6BD1BAF3351835639F5AB844858BEA7673354940
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS5511.roa
Signing time: Mon 12 May 2025 05:58:30 +0000
ROA not before: Mon 12 May 2025 05:53:30 +0000
ROA not after: Mon 11 May 2026 05:58:30 +0000
asID: 5511
IP address blocks: 96.62.183.0/24 maxlen: 24
96.62.184.0/24 maxlen: 24
96.62.193.0/24 maxlen: 24
158.140.216.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 06:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:d1:ba:f3:35:18:35:63:9f:5a:b8:44:85:8b:ea:76:73:35:49:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: May 12 05:53:30 2025 GMT
Not After : May 11 05:58:30 2026 GMT
Subject: CN=44086AA6F7A15CB8AD8EE009535ACF6327E99F63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:c0:f9:3e:af:61:1c:19:a8:49:e7:d4:bf:1e:
16:80:59:8f:10:4a:6c:8d:7a:17:04:85:cd:91:84:
e4:48:e5:9d:df:6f:78:8e:78:a4:a8:87:20:01:66:
46:47:cc:7a:e8:89:b3:78:53:8c:5c:e9:a7:be:9e:
74:83:25:85:40:d7:65:63:2f:c4:13:49:83:0d:92:
5b:ab:bb:5e:61:36:3d:5e:b1:69:9a:b5:4e:e9:e1:
e1:15:11:3f:49:ed:47:ed:c5:99:8d:53:3e:06:cc:
1d:5f:43:f3:f5:13:62:0d:22:a7:a2:b3:4e:5c:e6:
04:33:06:e6:ab:32:06:24:5c:3f:a1:d7:30:c8:0e:
ef:39:76:31:a7:75:d2:e2:57:eb:24:81:2e:98:31:
19:71:06:02:cd:f7:c9:e3:23:ef:79:18:85:14:38:
0f:fa:35:4d:d5:8c:ee:82:cf:8c:b3:5a:e3:e5:f8:
14:28:02:95:d2:55:c6:22:97:38:4c:da:93:79:3c:
71:ef:a2:51:de:3d:e3:9e:c3:ff:29:da:87:4d:b3:
22:1b:dd:7a:25:3c:09:56:e6:04:08:ab:38:02:0b:
cb:e6:c6:64:8c:e1:48:59:0e:2c:21:71:ac:fc:e4:
ca:d1:c3:91:64:ce:0f:ab:90:a4:9b:98:50:83:f1:
8b:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:08:6A:A6:F7:A1:5C:B8:AD:8E:E0:09:53:5A:CF:63:27:E9:9F:63
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS5511.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.183.0-96.62.184.255
96.62.193.0/24
158.140.216.0/21
Signature Algorithm: sha256WithRSAEncryption
81:60:e9:8c:2e:cd:66:1f:04:ea:4e:cc:3d:36:d8:7a:1d:e9:
1f:77:67:60:68:6b:bf:4f:8e:5b:58:fa:68:4b:5f:89:5e:3f:
51:98:62:12:5f:73:be:93:02:84:dc:e6:36:e6:0f:9c:30:d0:
48:67:03:b3:0f:6f:01:de:d5:e5:72:7e:e6:36:d9:16:d0:e7:
79:ea:33:ff:cb:03:f9:2c:04:a4:49:a9:18:99:26:c4:3b:b6:
6f:82:4b:a7:0d:12:f0:cb:6e:53:0a:e5:51:33:7c:54:d9:3e:
8c:3a:0f:90:9c:b3:31:91:21:1d:07:37:f0:40:d0:de:fe:b8:
2f:17:ea:df:12:3d:18:e1:13:06:61:07:d5:90:d7:a3:1f:34:
07:5f:95:3b:b6:c5:03:51:f1:00:fc:72:a7:a9:3b:ca:9a:50:
d3:52:56:8e:44:81:9f:eb:41:8f:04:fc:fa:cc:eb:47:fe:68:
78:1e:b2:d5:8e:ce:c1:f8:16:e8:f6:11:f4:f8:36:a2:ca:53:
10:76:0c:af:d5:e8:01:6c:c8:3c:79:29:d1:1c:c2:33:4e:25:
9f:13:19:ff:5c:ba:94:53:6c:ab:3d:33:68:1b:93:6b:73:13:
6f:a6:56:74:26:85:4e:3b:0d:f9:eb:46:4e:e7:d5:8c:c5:a9:
29:a8:85:0e
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIUa9G68zUYNWOfWrhEhYvqdnM1SUAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA1MTIwNTUzMzBaFw0yNjA1MTEwNTU4MzBaMDMxMTAvBgNV
BAMTKDQ0MDg2QUE2RjdBMTVDQjhBRDhFRTAwOTUzNUFDRjYzMjdFOTlGNjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+wPk+r2EcGahJ59S/HhaAWY8Q
SmyNehcEhc2RhORI5Z3fb3iOeKSohyABZkZHzHroibN4U4xc6ae+nnSDJYVA12Vj
L8QTSYMNkluru15hNj1esWmatU7p4eEVET9J7UftxZmNUz4GzB1fQ/P1E2INIqei
s05c5gQzBuarMgYkXD+h1zDIDu85djGnddLiV+skgS6YMRlxBgLN98njI+95GIUU
OA/6NU3VjO6Cz4yzWuPl+BQoApXSVcYilzhM2pN5PHHvolHePeOew/8p2odNsyIb
3XolPAlW5gQIqzgCC8vmxmSM4UhZDiwhcaz85MrRw5Fkzg+rkKSbmFCD8YutAgMB
AAGjggIcMIICGDAdBgNVHQ4EFgQURAhqpvehXLitjuAJU1rPYyfpn2MwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNTUxMS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAzBggrBgEFBQcBBwEB/wQkMCIwIAQCAAEwGjAMAwQAYD63
AwQAYD64AwQAYD7BAwQDnozYMA0GCSqGSIb3DQEBCwUAA4IBAQCBYOmMLs1mHwTq
Tsw9Nth6Hekfd2dgaGu/T45bWPpoS1+JXj9RmGISX3O+kwKE3OY25g+cMNBIZwOz
D28B3tXlcn7mNtkW0Od56jP/ywP5LASkSakYmSbEO7ZvgkunDRLwy25TCuVRM3xU
2T6MOg+QnLMxkSEdBzfwQNDe/rgvF+rfEj0Y4RMGYQfVkNejHzQHX5U7tsUDUfEA
/HKnqTvKmlDTUlaORIGf60GPBPz6zOtH/mh4HrLVjs7B+Bbo9hH0+DaiylMQdgyv
1egBbMg8eSnRHMIzTiWfExn/XLqUU2yrPTNoG5NrcxNvplZ0JoVOOw3560ZO59WM
xakpqIUO
-----END CERTIFICATE-----
Generated at Fri Jun 6 11:54:57 2025 by rpki-client