Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS5511.roa
File: AS5511.roa (raw, json)
Hash identifier: Cgam1XlekocOojw3usp0p+6LIr43G7FJL+VgjFvwiKQ=
Subject key identifier: 36:DF:CA:9B:19:A0:86:7D:0E:B5:DE:83:19:7E:DA:53:ED:38:D9:EA
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 6DE94B20ACD67BCBB6C0E09FCC16B9202C13A5E3
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS5511.roa
Signing time: Fri 31 Jan 2025 19:01:00 +0000
ROA not before: Fri 31 Jan 2025 18:56:00 +0000
ROA not after: Fri 30 Jan 2026 19:01:00 +0000
asID: 5511
IP address blocks: 82.21.94.0/24 maxlen: 24
82.21.150.0/24 maxlen: 24
82.21.169.0/24 maxlen: 24
82.22.197.0/24 maxlen: 24
82.24.90.0/24 maxlen: 24
82.25.134.0/24 maxlen: 24
82.26.204.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:e9:4b:20:ac:d6:7b:cb:b6:c0:e0:9f:cc:16:b9:20:2c:13:a5:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jan 31 18:56:00 2025 GMT
Not After : Jan 30 19:01:00 2026 GMT
Subject: CN=36DFCA9B19A0867D0EB5DE83197EDA53ED38D9EA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:a0:70:bc:34:4e:cd:d1:1e:1c:07:18:86:3c:
7c:61:8f:b3:d3:65:c4:af:38:41:9f:53:63:58:71:
5d:94:36:9e:13:89:a8:e0:e1:9f:cf:b5:0d:45:bb:
f6:57:19:37:a9:58:f3:d1:81:68:17:bb:66:39:18:
61:e6:c5:35:f6:0c:7a:7d:88:ac:95:56:ad:22:ce:
16:5d:e7:e8:74:6d:ae:c9:8b:b5:e2:f9:6b:a9:11:
ac:ca:95:29:db:7e:f1:ae:76:b0:7a:10:eb:d8:a0:
3d:73:49:01:c0:d3:e9:40:e8:ab:e5:a7:55:e8:c7:
a9:0f:f8:29:d0:00:ba:9d:3e:14:e7:4b:0d:c9:08:
64:f8:b2:9f:3c:c9:07:65:7a:27:5a:67:db:1d:c8:
9f:e4:22:b8:fc:b3:2a:af:b5:ba:dd:54:59:ab:35:
38:be:69:8c:78:7e:7e:49:5c:16:cd:26:a6:d9:69:
3e:a5:14:62:aa:21:d9:f2:63:b5:84:62:1c:3f:ba:
32:eb:6d:06:03:f1:63:41:2d:0a:32:3d:54:05:15:
0b:47:fa:cf:7a:4c:46:43:91:70:04:51:7e:aa:e2:
96:fc:0b:47:f7:08:92:9d:95:37:85:e3:af:56:fd:
8a:79:1f:9c:83:c5:c5:38:2d:85:23:e8:c8:51:c2:
63:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:DF:CA:9B:19:A0:86:7D:0E:B5:DE:83:19:7E:DA:53:ED:38:D9:EA
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS5511.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.94.0/24
82.21.150.0/24
82.21.169.0/24
82.22.197.0/24
82.24.90.0/24
82.25.134.0/24
82.26.204.0/24
Signature Algorithm: sha256WithRSAEncryption
74:80:f5:bd:1c:52:c6:26:7e:42:a3:0d:b2:d1:9f:75:c3:10:
1d:b5:41:b0:bb:01:9a:eb:ce:1b:d2:45:1b:e9:a6:e5:b9:c5:
e9:83:f5:f1:04:e6:ae:d4:7f:1f:5b:a6:11:fb:97:f4:ee:eb:
75:c4:00:f7:a6:e2:e2:c8:aa:8f:0f:a1:c7:7d:6d:9a:63:e3:
e9:64:2f:1a:9c:94:bc:34:6d:81:7d:17:75:e2:22:17:c0:94:
ba:23:f1:a9:c5:6b:f7:5e:d7:b8:4f:f0:4e:a4:9e:da:0b:ba:
0b:51:73:1b:cf:ee:90:45:4f:3b:7c:29:6c:9a:14:c7:ff:92:
c6:89:75:5a:05:dc:77:ec:79:a5:97:8a:0b:71:29:96:ce:47:
bf:f8:88:59:4f:98:64:44:35:30:7a:fa:a3:ee:bc:fe:6b:67:
5c:61:7f:f9:54:c3:55:48:1d:98:22:8b:e0:43:20:09:ec:f3:
9b:eb:04:6e:b2:e6:15:e0:25:7c:a8:46:2a:60:09:aa:71:b6:
5c:40:39:76:2d:d1:14:bb:1e:7d:51:f9:b8:f1:fd:ca:2c:60:
d8:08:13:fd:7b:69:09:ae:a6:5b:f9:74:58:86:18:fc:10:8f:
3a:e8:1c:3b:27:f2:aa:b4:e9:89:c3:e8:1e:5e:e6:e3:11:37:
ac:82:4c:5e
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgIUbelLIKzWe8u2wOCfzBa5ICwTpeMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAxMzExODU2MDBaFw0yNjAxMzAxOTAxMDBaMDMxMTAvBgNV
BAMTKDM2REZDQTlCMTlBMDg2N0QwRUI1REU4MzE5N0VEQTUzRUQzOEQ5RUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCioHC8NE7N0R4cBxiGPHxhj7PT
ZcSvOEGfU2NYcV2UNp4Tiajg4Z/PtQ1Fu/ZXGTepWPPRgWgXu2Y5GGHmxTX2DHp9
iKyVVq0izhZd5+h0ba7Ji7Xi+WupEazKlSnbfvGudrB6EOvYoD1zSQHA0+lA6Kvl
p1Xox6kP+CnQALqdPhTnSw3JCGT4sp88yQdleidaZ9sdyJ/kIrj8syqvtbrdVFmr
NTi+aYx4fn5JXBbNJqbZaT6lFGKqIdnyY7WEYhw/ujLrbQYD8WNBLQoyPVQFFQtH
+s96TEZDkXAEUX6q4pb8C0f3CJKdlTeF469W/Yp5H5yDxcU4LYUj6MhRwmPHAgMB
AAGjggIsMIICKDAdBgNVHQ4EFgQUNt/Kmxmghn0Otd6DGX7aU+042eowHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNTUxMS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBDBggrBgEFBQcBBwEB/wQ0MDIwMAQCAAEwKgMEAFIVXgME
AFIVlgMEAFIVqQMEAFIWxQMEAFIYWgMEAFIZhgMEAFIazDANBgkqhkiG9w0BAQsF
AAOCAQEAdID1vRxSxiZ+QqMNstGfdcMQHbVBsLsBmuvOG9JFG+mm5bnF6YP18QTm
rtR/H1umEfuX9O7rdcQA96bi4siqjw+hx31tmmPj6WQvGpyUvDRtgX0XdeIiF8CU
uiPxqcVr917XuE/wTqSe2gu6C1FzG8/ukEVPO3wpbJoUx/+Sxol1WgXcd+x5pZeK
C3Epls5Hv/iIWU+YZEQ1MHr6o+68/mtnXGF/+VTDVUgdmCKL4EMgCezzm+sEbrLm
FeAlfKhGKmAJqnG2XEA5di3RFLsefVH5uPH9yixg2AgT/XtpCa6mW/l0WIYY/BCP
OugcOyfyqrTpicPoHl7m4xE3rIJMXg==
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:55:44 2025 by rpki-client