Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS5511.roa
File: AS5511.roa (raw, json)
Hash identifier: dZpllWSPvQxjHUffmNyTRGMcOibcIRsDxufmdMBW9UA=
Subject key identifier: 14:F8:76:CC:94:01:96:75:77:36:61:69:46:72:99:51:F4:69:0A:B0
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 010B2FB9858CDA87C5E4FC34076E62003E4C13D5
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS5511.roa
Signing time: Mon 17 Feb 2025 10:10:09 +0000
ROA not before: Mon 17 Feb 2025 10:05:09 +0000
ROA not after: Mon 16 Feb 2026 10:10:09 +0000
asID: 5511
IP address blocks: 89.19.51.0/24 maxlen: 24
179.61.198.0/24 maxlen: 24
179.61.210.0/24 maxlen: 24
179.61.212.0/24 maxlen: 24
179.61.214.0/24 maxlen: 24
181.214.223.0/24 maxlen: 24
181.214.224.0/24 maxlen: 24
181.214.233.0/24 maxlen: 24
181.214.243.0/24 maxlen: 24
191.96.8.0/24 maxlen: 24
191.96.16.0/24 maxlen: 24
191.96.27.0/24 maxlen: 24
191.96.83.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 15:12:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:0b:2f:b9:85:8c:da:87:c5:e4:fc:34:07:6e:62:00:3e:4c:13:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Feb 17 10:05:09 2025 GMT
Not After : Feb 16 10:10:09 2026 GMT
Subject: CN=14F876CC940196757736616946729951F4690AB0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:c8:27:d3:50:c9:70:25:5f:92:5d:21:11:98:
77:42:1b:72:93:24:2d:1e:48:d3:84:dd:9d:2b:09:
25:cb:6c:bb:54:ed:d9:d3:ad:bb:0a:e3:bb:95:af:
eb:9a:27:3f:72:a5:d2:08:65:06:cb:df:9f:de:43:
42:35:3d:47:28:12:c5:70:17:71:21:9a:d7:39:98:
78:9c:74:f7:f0:dd:45:17:bb:1f:41:5d:4d:d1:27:
7e:9d:ec:e4:89:6e:79:63:f5:ef:63:3b:f4:6d:10:
84:44:4a:e7:e9:85:79:db:16:a5:bc:20:9a:54:0a:
38:ba:09:06:7e:a1:57:b0:97:dd:db:c5:03:1e:58:
07:a5:72:d3:62:98:2c:3d:27:f4:ae:24:8f:6d:5c:
dc:be:45:05:b4:29:df:99:4d:f4:dc:90:e7:5e:f9:
c7:8a:cf:bc:50:16:d4:25:da:61:9d:d7:c1:df:77:
4e:b0:b7:85:45:f6:d8:3a:da:23:41:d7:5f:5b:e0:
8f:1e:3b:30:96:98:0b:32:ee:e4:46:ae:b0:72:e2:
b4:3a:06:5e:74:27:6d:90:e9:c4:92:7b:ea:73:55:
6e:6a:be:b7:33:03:fa:0e:22:c0:cf:fd:2c:62:91:
2b:58:54:5b:dc:d9:13:c7:30:31:b1:63:51:d8:5e:
0c:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:F8:76:CC:94:01:96:75:77:36:61:69:46:72:99:51:F4:69:0A:B0
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS5511.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.19.51.0/24
179.61.198.0/24
179.61.210.0/24
179.61.212.0/24
179.61.214.0/24
181.214.223.0-181.214.224.255
181.214.233.0/24
181.214.243.0/24
191.96.8.0/24
191.96.16.0/24
191.96.27.0/24
191.96.83.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:53:6c:a2:29:88:bb:0d:f9:91:93:ab:72:57:a3:39:d7:39:
a0:09:21:ea:6b:17:a1:19:99:1a:f6:93:2f:c7:9a:36:57:ad:
d6:88:3a:c9:cc:e0:65:73:24:7a:33:9f:be:aa:1c:22:70:55:
c5:b1:c2:57:36:32:b4:bc:99:4c:22:a1:fa:04:97:a6:d9:91:
6e:6d:a6:33:3b:df:95:1b:c8:8c:43:66:be:ff:d5:cd:36:ef:
94:12:c6:a1:18:11:0f:61:c9:ce:72:9a:f0:76:e5:a7:f0:e8:
81:f2:a0:5c:2a:e6:0b:11:f0:ff:f3:c5:5e:02:69:6c:47:40:
f0:f8:d4:03:56:df:21:3e:cb:e5:2a:21:0f:c6:4e:2c:f0:80:
51:09:f6:f7:4b:1f:01:3d:c6:cc:54:91:6e:9b:00:e6:a7:dd:
1d:18:41:77:8e:ba:cc:55:79:a4:bf:2d:4e:b7:a4:6e:5c:93:
62:16:5b:d0:a5:db:e9:f2:6b:a4:b6:71:3e:bc:21:20:17:b6:
8a:ed:c3:45:0c:88:e0:0b:df:e2:15:38:27:1b:f7:55:7f:48:
f2:f8:38:f0:32:53:99:b1:46:b5:c2:e0:b0:cf:b0:1b:8f:68:
8a:01:41:ea:2a:e4:ee:e5:7b:f2:b1:06:3c:f2:c5:ec:11:55:
59:a5:79:a1
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgIUAQsvuYWM2ofF5Pw0B25iAD5ME9UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTAyMTcxMDA1MDlaFw0yNjAyMTYxMDEwMDlaMDMxMTAvBgNV
BAMTKDE0Rjg3NkNDOTQwMTk2NzU3NzM2NjE2OTQ2NzI5OTUxRjQ2OTBBQjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCoyCfTUMlwJV+SXSERmHdCG3KT
JC0eSNOE3Z0rCSXLbLtU7dnTrbsK47uVr+uaJz9ypdIIZQbL35/eQ0I1PUcoEsVw
F3Ehmtc5mHicdPfw3UUXux9BXU3RJ36d7OSJbnlj9e9jO/RtEIRESufphXnbFqW8
IJpUCji6CQZ+oVewl93bxQMeWAelctNimCw9J/SuJI9tXNy+RQW0Kd+ZTfTckOde
+ceKz7xQFtQl2mGd18Hfd06wt4VF9tg62iNB119b4I8eOzCWmAsy7uRGrrBy4rQ6
Bl50J22Q6cSSe+pzVW5qvrczA/oOIsDP/SxikStYVFvc2RPHMDGxY1HYXgzHAgMB
AAGjggJSMIICTjAdBgNVHQ4EFgQUFPh2zJQBlnV3NmFpRnKZUfRpCrAwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTNTUxMS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBpBggrBgEFBQcBBwEB/wRaMFgwVgQCAAEwUAMEAFkTMwME
ALM9xgMEALM90gMEALM91AMEALM91jAMAwQAtdbfAwQAtdbgAwQAtdbpAwQAtdbz
AwQAv2AIAwQAv2AQAwQAv2AbAwQAv2BTMA0GCSqGSIb3DQEBCwUAA4IBAQBMU2yi
KYi7DfmRk6tyV6M51zmgCSHqaxehGZka9pMvx5o2V63WiDrJzOBlcyR6M5++qhwi
cFXFscJXNjK0vJlMIqH6BJem2ZFubaYzO9+VG8iMQ2a+/9XNNu+UEsahGBEPYcnO
cprwduWn8OiB8qBcKuYLEfD/88VeAmlsR0Dw+NQDVt8hPsvlKiEPxk4s8IBRCfb3
Sx8BPcbMVJFumwDmp90dGEF3jrrMVXmkvy1Ot6RuXJNiFlvQpdvp8muktnE+vCEg
F7aK7cNFDIjgC9/iFTgnG/dVf0jy+DjwMlOZsUa1wuCwz7Abj2iKAUHqKuTu5Xvy
sQY88sXsEVVZpXmh
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:22:21 2025 by rpki-client