Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS5511.roa
File: AS5511.roa (raw, json)
Hash identifier: /jWJlpDDqZqL4rujY3fRZJrQLjHfgeLAUlR3JYEoehM=
Subject key identifier: A8:C5:C7:B9:12:9C:49:85:68:B9:14:44:92:94:6C:FB:02:35:CA:63
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 2E68E351982200B16684883A3425F159525F7F09
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS5511.roa
Signing time: Mon 31 Mar 2025 06:59:17 +0000
ROA not before: Mon 31 Mar 2025 06:54:17 +0000
ROA not after: Mon 30 Mar 2026 06:59:17 +0000
asID: 5511
IP address blocks: 82.21.94.0/24 maxlen: 24
82.21.150.0/24 maxlen: 24
82.21.169.0/24 maxlen: 24
82.22.86.0/24 maxlen: 24
82.22.96.0/24 maxlen: 24
82.22.111.0/24 maxlen: 24
82.22.114.0/24 maxlen: 24
82.22.120.0/24 maxlen: 24
82.22.121.0/24 maxlen: 24
82.22.122.0/24 maxlen: 24
82.22.123.0/24 maxlen: 24
82.22.141.0/24 maxlen: 24
82.22.144.0/24 maxlen: 24
82.22.171.0/24 maxlen: 24
82.22.172.0/24 maxlen: 24
82.22.175.0/24 maxlen: 24
82.22.197.0/24 maxlen: 24
82.23.3.0/24 maxlen: 24
82.23.4.0/24 maxlen: 24
82.23.5.0/24 maxlen: 24
82.23.6.0/24 maxlen: 24
82.23.15.0/24 maxlen: 24
82.23.44.0/24 maxlen: 24
82.23.45.0/24 maxlen: 24
82.23.46.0/24 maxlen: 24
82.23.47.0/24 maxlen: 24
82.23.48.0/24 maxlen: 24
82.23.50.0/24 maxlen: 24
82.23.51.0/24 maxlen: 24
82.23.52.0/24 maxlen: 24
82.23.53.0/24 maxlen: 24
82.23.55.0/24 maxlen: 24
82.23.56.0/24 maxlen: 24
82.23.57.0/24 maxlen: 24
82.23.58.0/24 maxlen: 24
82.23.61.0/24 maxlen: 24
82.23.62.0/24 maxlen: 24
82.23.63.0/24 maxlen: 24
82.23.64.0/24 maxlen: 24
82.23.69.0/24 maxlen: 24
82.23.74.0/24 maxlen: 24
82.23.79.0/24 maxlen: 24
82.23.123.0/24 maxlen: 24
82.23.134.0/24 maxlen: 24
82.23.135.0/24 maxlen: 24
82.24.8.0/24 maxlen: 24
82.24.17.0/24 maxlen: 24
82.24.25.0/24 maxlen: 24
82.24.26.0/24 maxlen: 24
82.24.63.0/24 maxlen: 24
82.24.90.0/24 maxlen: 24
82.24.105.0/24 maxlen: 24
82.24.175.0/24 maxlen: 24
82.25.134.0/24 maxlen: 24
82.26.83.0/24 maxlen: 24
82.26.204.0/24 maxlen: 24
82.27.20.0/24 maxlen: 24
82.27.101.0/24 maxlen: 24
82.27.103.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 15:22:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:68:e3:51:98:22:00:b1:66:84:88:3a:34:25:f1:59:52:5f:7f:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Mar 31 06:54:17 2025 GMT
Not After : Mar 30 06:59:17 2026 GMT
Subject: CN=A8C5C7B9129C498568B9144492946CFB0235CA63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:77:c4:fb:ba:05:68:2f:3c:a9:3b:86:9f:65:
46:1a:0b:e7:d2:f7:37:b7:0a:d5:86:b1:cb:fc:69:
10:0a:d4:fe:fc:1b:58:4d:cc:a3:0e:dc:58:85:0c:
c5:0d:ad:db:b5:8b:47:b8:cf:50:48:57:1d:74:1a:
4f:59:74:29:4f:9a:a4:d6:95:30:6d:dc:35:57:7c:
e4:cb:2d:dc:4c:70:05:4e:2e:92:c0:b4:6c:df:7e:
c0:b9:21:1c:ce:0f:31:e2:10:db:d4:76:4a:5a:d4:
4c:de:de:ae:85:2c:95:a6:c3:ea:d2:5e:fa:54:4f:
4a:f9:94:6f:aa:62:1a:4f:18:af:0f:71:69:04:f5:
3e:92:9b:94:ec:10:77:76:ef:01:ca:b2:58:40:74:
51:f6:82:d6:30:8a:0a:3c:5a:7c:c9:7d:5f:2e:73:
0a:f1:95:88:8a:ce:4c:2a:b2:63:4b:ef:5b:7f:66:
07:fb:91:c1:f2:db:e7:19:25:1a:49:c5:68:22:a1:
1e:e2:2a:d5:32:04:89:d1:00:9f:b7:b9:73:39:31:
3e:f0:76:c4:cc:50:a1:71:f8:84:49:6c:20:8c:a7:
9b:b0:0f:a1:bb:55:6a:d0:eb:dc:ae:7a:08:6a:0e:
db:1d:e0:6e:a9:d5:6e:86:2b:c3:75:12:82:14:ff:
9a:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:C5:C7:B9:12:9C:49:85:68:B9:14:44:92:94:6C:FB:02:35:CA:63
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS5511.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.94.0/24
82.21.150.0/24
82.21.169.0/24
82.22.86.0/24
82.22.96.0/24
82.22.111.0/24
82.22.114.0/24
82.22.120.0/22
82.22.141.0/24
82.22.144.0/24
82.22.171.0-82.22.172.255
82.22.175.0/24
82.22.197.0/24
82.23.3.0-82.23.6.255
82.23.15.0/24
82.23.44.0-82.23.48.255
82.23.50.0-82.23.53.255
82.23.55.0-82.23.58.255
82.23.61.0-82.23.64.255
82.23.69.0/24
82.23.74.0/24
82.23.79.0/24
82.23.123.0/24
82.23.134.0/23
82.24.8.0/24
82.24.17.0/24
82.24.25.0-82.24.26.255
82.24.63.0/24
82.24.90.0/24
82.24.105.0/24
82.24.175.0/24
82.25.134.0/24
82.26.83.0/24
82.26.204.0/24
82.27.20.0/24
82.27.101.0/24
82.27.103.0/24
Signature Algorithm: sha256WithRSAEncryption
70:8c:d6:98:0c:78:03:0c:fc:9a:51:b5:04:dd:7b:ca:7e:82:
48:df:e0:48:87:fb:cf:35:33:4d:95:35:c9:40:80:23:0a:fe:
82:02:33:3a:c4:3e:cd:86:a1:1b:0d:c4:f8:f2:08:09:78:f9:
78:12:ab:07:10:62:11:de:0b:b5:ae:58:14:ed:c2:e1:c0:c3:
b8:08:0d:f5:77:a8:af:56:2c:4c:94:dd:f5:ce:0a:7b:8c:5b:
34:c6:d2:8b:45:cf:26:d2:7c:e6:21:0c:89:61:ef:05:c4:59:
40:1a:1c:7e:de:ea:89:0c:7d:64:94:f1:0b:2e:3a:84:5f:81:
db:cc:36:06:2a:2e:4d:ab:13:bb:50:ed:16:69:b3:7d:d5:98:
a4:f9:a9:ed:a7:2c:d6:d1:18:c2:9b:4f:61:93:31:41:f6:d1:
c1:aa:2c:b2:86:e2:cf:38:75:33:39:cc:58:82:34:a9:ec:29:
20:19:4c:6b:58:57:ca:fd:1e:15:d1:d0:67:e0:72:1c:08:4a:
c7:a9:9d:59:2a:5d:24:a8:fe:d8:8d:c4:87:6f:ba:29:ab:a8:
ef:51:97:b3:01:0f:67:f2:21:79:d0:06:7b:ee:ca:f4:9b:3c:
c9:b0:65:8d:29:1f:de:c7:e8:f5:50:20:4c:ad:b3:34:e5:61:
da:ae:fb:d0
-----BEGIN CERTIFICATE-----
MIIGGDCCBQCgAwIBAgIULmjjUZgiALFmhIg6NCXxWVJffwkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAzMzEwNjU0MTdaFw0yNjAzMzAwNjU5MTdaMDMxMTAvBgNV
BAMTKEE4QzVDN0I5MTI5QzQ5ODU2OEI5MTQ0NDkyOTQ2Q0ZCMDIzNUNBNjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfd8T7ugVoLzypO4afZUYaC+fS
9ze3CtWGscv8aRAK1P78G1hNzKMO3FiFDMUNrdu1i0e4z1BIVx10Gk9ZdClPmqTW
lTBt3DVXfOTLLdxMcAVOLpLAtGzffsC5IRzODzHiENvUdkpa1Eze3q6FLJWmw+rS
XvpUT0r5lG+qYhpPGK8PcWkE9T6Sm5TsEHd27wHKslhAdFH2gtYwigo8WnzJfV8u
cwrxlYiKzkwqsmNL71t/Zgf7kcHy2+cZJRpJxWgioR7iKtUyBInRAJ+3uXM5MT7w
dsTMUKFx+IRJbCCMp5uwD6G7VWrQ69yueghqDtsd4G6p1W6GK8N1EoIU/5rHAgMB
AAGjggMiMIIDHjAdBgNVHQ4EFgQUqMXHuRKcSYVouRREkpRs+wI1ymMwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNTUxMS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCATcGCCsGAQUFBwEHAQH/BIIBJjCCASIwggEeBAIAATCC
ARYDBABSFV4DBABSFZYDBABSFakDBABSFlYDBABSFmADBABSFm8DBABSFnIDBAJS
FngDBABSFo0DBABSFpAwDAMEAFIWqwMEAFIWrAMEAFIWrwMEAFIWxTAMAwQAUhcD
AwQAUhcGAwQAUhcPMAwDBAJSFywDBABSFzAwDAMEAVIXMgMEAVIXNDAMAwQAUhc3
AwQAUhc6MAwDBABSFz0DBABSF0ADBABSF0UDBABSF0oDBABSF08DBABSF3sDBAFS
F4YDBABSGAgDBABSGBEwDAMEAFIYGQMEAFIYGgMEAFIYPwMEAFIYWgMEAFIYaQME
AFIYrwMEAFIZhgMEAFIaUwMEAFIazAMEAFIbFAMEAFIbZQMEAFIbZzANBgkqhkiG
9w0BAQsFAAOCAQEAcIzWmAx4Awz8mlG1BN17yn6CSN/gSIf7zzUzTZU1yUCAIwr+
ggIzOsQ+zYahGw3E+PIICXj5eBKrBxBiEd4Lta5YFO3C4cDDuAgN9Xeor1YsTJTd
9c4Ke4xbNMbSi0XPJtJ85iEMiWHvBcRZQBocft7qiQx9ZJTxCy46hF+B28w2Biou
TasTu1DtFmmzfdWYpPmp7acs1tEYwptPYZMxQfbRwaossobizzh1MznMWII0qewp
IBlMa1hXyv0eFdHQZ+ByHAhKx6mdWSpdJKj+2I3Eh2+6Kauo71GXswEPZ/IhedAG
e+7K9Js8ybBljSkf3sfo9VAgTK2zNOVh2q770A==
-----END CERTIFICATE-----
Generated at Tue Apr 15 23:18:39 2025 by rpki-client