Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS5511.roa
File: AS5511.roa (raw, json)
Hash identifier: IDuazACYjmtXajUIzngpnQmFtpw4vOlJJXEK7Sqsx4g=
Subject key identifier: 55:E2:BB:37:87:37:83:E7:EA:29:CB:EA:50:2B:17:1E:2F:8A:54:52
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 23EB041DF3AB391D2D594000C86E062679AE2298
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS5511.roa
Signing time: Tue 20 May 2025 00:01:38 +0000
ROA not before: Mon 19 May 2025 23:56:38 +0000
ROA not after: Tue 19 May 2026 00:01:38 +0000
asID: 5511
IP address blocks: 82.21.94.0/24 maxlen: 24
82.21.150.0/24 maxlen: 24
82.21.169.0/24 maxlen: 24
82.22.86.0/24 maxlen: 24
82.22.96.0/24 maxlen: 24
82.22.120.0/24 maxlen: 24
82.22.121.0/24 maxlen: 24
82.22.122.0/24 maxlen: 24
82.22.123.0/24 maxlen: 24
82.22.141.0/24 maxlen: 24
82.22.144.0/24 maxlen: 24
82.22.171.0/24 maxlen: 24
82.22.172.0/24 maxlen: 24
82.22.175.0/24 maxlen: 24
82.22.197.0/24 maxlen: 24
82.23.3.0/24 maxlen: 24
82.23.4.0/24 maxlen: 24
82.23.5.0/24 maxlen: 24
82.23.6.0/24 maxlen: 24
82.23.15.0/24 maxlen: 24
82.23.44.0/24 maxlen: 24
82.23.45.0/24 maxlen: 24
82.23.46.0/24 maxlen: 24
82.23.47.0/24 maxlen: 24
82.23.48.0/24 maxlen: 24
82.23.50.0/24 maxlen: 24
82.23.51.0/24 maxlen: 24
82.23.52.0/24 maxlen: 24
82.23.53.0/24 maxlen: 24
82.23.55.0/24 maxlen: 24
82.23.56.0/24 maxlen: 24
82.23.57.0/24 maxlen: 24
82.23.58.0/24 maxlen: 24
82.23.61.0/24 maxlen: 24
82.23.62.0/24 maxlen: 24
82.23.63.0/24 maxlen: 24
82.23.64.0/24 maxlen: 24
82.23.69.0/24 maxlen: 24
82.23.74.0/24 maxlen: 24
82.23.79.0/24 maxlen: 24
82.23.123.0/24 maxlen: 24
82.23.134.0/24 maxlen: 24
82.23.135.0/24 maxlen: 24
82.24.8.0/24 maxlen: 24
82.24.17.0/24 maxlen: 24
82.24.25.0/24 maxlen: 24
82.24.26.0/24 maxlen: 24
82.24.63.0/24 maxlen: 24
82.24.90.0/24 maxlen: 24
82.24.105.0/24 maxlen: 24
82.24.175.0/24 maxlen: 24
82.25.134.0/24 maxlen: 24
82.26.83.0/24 maxlen: 24
82.26.204.0/24 maxlen: 24
82.27.20.0/24 maxlen: 24
82.27.101.0/24 maxlen: 24
82.27.103.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 05:59:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:eb:04:1d:f3:ab:39:1d:2d:59:40:00:c8:6e:06:26:79:ae:22:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: May 19 23:56:38 2025 GMT
Not After : May 19 00:01:38 2026 GMT
Subject: CN=55E2BB37873783E7EA29CBEA502B171E2F8A5452
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:07:5c:a3:9c:07:5b:2c:61:bd:aa:19:08:c7:
58:0f:43:fb:5f:f4:94:4b:ae:e0:3e:16:e9:d2:7a:
c7:57:c2:32:81:be:18:9f:a1:88:65:a2:bc:e8:b1:
f5:c5:bc:62:57:4c:c5:c3:0a:48:86:b4:e5:6e:e7:
ce:93:96:30:e4:34:fe:c6:be:93:74:be:07:ea:a8:
8f:11:76:be:07:3d:46:59:6c:f8:f0:fa:ec:a6:8e:
b8:c5:72:5d:2b:fc:02:10:b9:09:16:91:85:f9:0f:
9c:62:7c:7f:24:bb:8b:e9:9a:ea:95:0b:df:3d:b6:
68:61:3a:d4:24:07:ae:41:60:5e:9e:7b:fb:99:58:
f4:9a:6e:9a:75:1c:c2:c5:fc:ee:05:6a:9a:a3:0c:
27:b4:16:6d:07:05:3b:d4:e8:ec:c5:18:b9:ac:9f:
1d:1d:b3:6a:b3:aa:54:70:6a:3f:4c:20:11:da:d8:
a1:e2:41:02:a1:fe:a9:ab:1f:a7:7c:02:45:e0:01:
18:a2:35:38:7d:a6:ff:16:f2:d9:98:ba:a0:04:a8:
63:0d:69:78:82:3b:46:eb:dc:40:8c:d0:25:14:56:
13:2c:a0:63:ae:52:8d:59:3b:11:2e:3a:bb:8d:b7:
76:4f:c3:03:49:ef:b4:70:36:53:12:72:60:61:23:
84:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:E2:BB:37:87:37:83:E7:EA:29:CB:EA:50:2B:17:1E:2F:8A:54:52
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS5511.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.94.0/24
82.21.150.0/24
82.21.169.0/24
82.22.86.0/24
82.22.96.0/24
82.22.120.0/22
82.22.141.0/24
82.22.144.0/24
82.22.171.0-82.22.172.255
82.22.175.0/24
82.22.197.0/24
82.23.3.0-82.23.6.255
82.23.15.0/24
82.23.44.0-82.23.48.255
82.23.50.0-82.23.53.255
82.23.55.0-82.23.58.255
82.23.61.0-82.23.64.255
82.23.69.0/24
82.23.74.0/24
82.23.79.0/24
82.23.123.0/24
82.23.134.0/23
82.24.8.0/24
82.24.17.0/24
82.24.25.0-82.24.26.255
82.24.63.0/24
82.24.90.0/24
82.24.105.0/24
82.24.175.0/24
82.25.134.0/24
82.26.83.0/24
82.26.204.0/24
82.27.20.0/24
82.27.101.0/24
82.27.103.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:34:f3:bd:57:ab:ec:de:ca:f7:db:70:fb:0f:b0:aa:75:89:
68:a6:40:03:90:81:a6:bf:48:7d:78:6d:71:45:1a:6e:b9:a9:
3a:50:fd:7d:20:57:e8:1f:44:28:50:65:ff:1f:82:38:d1:27:
d8:62:34:63:c6:a2:46:38:2c:e0:1f:f5:9b:f8:ce:c1:06:6b:
a2:6b:b2:1d:2c:7a:f1:df:e9:d3:3b:d7:ac:ba:f4:ec:41:c2:
4f:63:94:f6:1b:ff:fe:aa:ca:71:9a:e0:e7:2b:02:75:6e:d5:
67:2b:19:57:33:33:be:b3:79:27:a3:e2:ea:4e:77:d6:cc:35:
e4:90:75:e9:c2:78:dc:b2:a6:23:4d:4b:ae:5f:0d:e4:bf:64:
74:a3:13:78:51:47:55:ca:4d:f7:82:e6:f3:61:96:04:76:51:
32:fb:a9:10:19:c5:59:90:e1:ab:8f:ca:cb:82:76:9e:86:ac:
4c:bc:d3:37:c1:11:0e:30:de:d7:3c:09:ad:a7:8c:e6:bd:aa:
4e:d4:bf:bb:e4:c4:8c:b8:7c:de:ae:2f:4e:cc:7e:29:84:f2:
db:b1:9d:84:4e:d6:8f:ac:2f:61:1f:35:8b:82:19:2c:e5:fd:
3c:92:2d:8f:23:ea:03:60:38:9e:42:4b:27:0d:fd:5c:33:e3:
11:55:28:d6
-----BEGIN CERTIFICATE-----
MIIGDDCCBPSgAwIBAgIUI+sEHfOrOR0tWUAAyG4GJnmuIpgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA1MTkyMzU2MzhaFw0yNjA1MTkwMDAxMzhaMDMxMTAvBgNV
BAMTKDU1RTJCQjM3ODczNzgzRTdFQTI5Q0JFQTUwMkIxNzFFMkY4QTU0NTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/B1yjnAdbLGG9qhkIx1gPQ/tf
9JRLruA+FunSesdXwjKBvhifoYhlorzosfXFvGJXTMXDCkiGtOVu586TljDkNP7G
vpN0vgfqqI8Rdr4HPUZZbPjw+uymjrjFcl0r/AIQuQkWkYX5D5xifH8ku4vpmuqV
C989tmhhOtQkB65BYF6ee/uZWPSabpp1HMLF/O4FapqjDCe0Fm0HBTvU6OzFGLms
nx0ds2qzqlRwaj9MIBHa2KHiQQKh/qmrH6d8AkXgARiiNTh9pv8W8tmYuqAEqGMN
aXiCO0br3ECM0CUUVhMsoGOuUo1ZOxEuOruNt3ZPwwNJ77RwNlMScmBhI4S/AgMB
AAGjggMWMIIDEjAdBgNVHQ4EFgQUVeK7N4c3g+fqKcvqUCsXHi+KVFIwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNTUxMS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCASsGCCsGAQUFBwEHAQH/BIIBGjCCARYwggESBAIAATCC
AQoDBABSFV4DBABSFZYDBABSFakDBABSFlYDBABSFmADBAJSFngDBABSFo0DBABS
FpAwDAMEAFIWqwMEAFIWrAMEAFIWrwMEAFIWxTAMAwQAUhcDAwQAUhcGAwQAUhcP
MAwDBAJSFywDBABSFzAwDAMEAVIXMgMEAVIXNDAMAwQAUhc3AwQAUhc6MAwDBABS
Fz0DBABSF0ADBABSF0UDBABSF0oDBABSF08DBABSF3sDBAFSF4YDBABSGAgDBABS
GBEwDAMEAFIYGQMEAFIYGgMEAFIYPwMEAFIYWgMEAFIYaQMEAFIYrwMEAFIZhgME
AFIaUwMEAFIazAMEAFIbFAMEAFIbZQMEAFIbZzANBgkqhkiG9w0BAQsFAAOCAQEA
jzTzvVer7N7K99tw+w+wqnWJaKZAA5CBpr9IfXhtcUUabrmpOlD9fSBX6B9EKFBl
/x+CONEn2GI0Y8aiRjgs4B/1m/jOwQZromuyHSx68d/p0zvXrLr07EHCT2OU9hv/
/qrKcZrg5ysCdW7VZysZVzMzvrN5J6Pi6k531sw15JB16cJ43LKmI01Lrl8N5L9k
dKMTeFFHVcpN94Lm82GWBHZRMvupEBnFWZDhq4/Ky4J2noasTLzTN8ERDjDe1zwJ
raeM5r2qTtS/u+TEjLh83q4vTsx+KYTy27GdhE7Wj6wvYR81i4IZLOX9PJItjyPq
A2A4nkJLJw39XDPjEVUo1g==
-----END CERTIFICATE-----
Generated at Fri Jun 6 11:53:13 2025 by rpki-client