Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/AS5511.roa
File: AS5511.roa (raw, json)
Hash identifier: ctGhQWwtJI5RngHkbzMAhsql6eR00SxyiIqY90kDWy8=
Subject key identifier: 72:EA:46:D9:61:6B:9A:D0:16:B7:DA:9D:FB:67:E0:FC:11:4A:74:E0
Certificate issuer: /CN=0e20ccf5083a63b9f5887e3ea39d04e2d62b3da5
Certificate serial: 73D3A220C42B1820EC13E670E431F261F3A7973D
Authority key identifier: 0E:20:CC:F5:08:3A:63:B9:F5:88:7E:3E:A3:9D:04:E2:D6:2B:3D:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/AS5511.roa
Signing time: Wed 20 May 2026 10:29:08 +0000
ROA not before: Wed 20 May 2026 10:24:08 +0000
ROA not after: Wed 19 May 2027 10:29:08 +0000
asID: 5511
IP address blocks: 51.146.153.0/24 maxlen: 24
51.146.155.0/24 maxlen: 24
51.146.156.0/24 maxlen: 24
51.146.158.0/24 maxlen: 24
51.146.187.0/24 maxlen: 24
51.146.190.0/24 maxlen: 24
51.194.38.0/24 maxlen: 24
51.194.79.0/24 maxlen: 24
51.194.86.0/24 maxlen: 24
51.194.143.0/24 maxlen: 24
51.194.200.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.crl
rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.mft
rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:d3:a2:20:c4:2b:18:20:ec:13:e6:70:e4:31:f2:61:f3:a7:97:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e20ccf5083a63b9f5887e3ea39d04e2d62b3da5
Validity
Not Before: May 20 10:24:08 2026 GMT
Not After : May 19 10:29:08 2027 GMT
Subject: CN=72EA46D9616B9AD016B7DA9DFB67E0FC114A74E0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:a1:38:24:30:2a:05:50:de:14:1f:e3:3a:44:
85:67:0f:ab:c3:1b:1e:09:2f:96:25:fe:26:9f:0b:
ed:16:da:c2:14:f5:02:8d:0e:d1:dd:47:9f:2c:59:
e2:89:0c:2d:e5:f1:7f:70:4d:e6:2c:b0:60:8e:11:
4a:c7:2d:c9:4a:87:21:67:f5:0e:91:79:75:d8:6f:
69:79:8a:a3:3c:32:d2:1c:11:37:c2:31:81:a3:63:
4c:5e:c4:a4:ca:c7:4d:28:b5:a8:3c:15:c5:74:8b:
d2:f5:6d:07:57:b6:22:57:a4:91:b7:c0:b5:8d:e5:
d1:e0:6f:c9:3c:1a:b6:ef:01:48:53:33:61:d6:4d:
eb:f2:61:aa:32:a9:26:7d:7a:39:d8:86:99:be:c6:
4d:e6:16:22:47:d6:a8:e8:e2:3e:b3:a0:ce:05:eb:
fe:82:5a:94:1d:ad:6b:6f:c2:da:2c:3a:c2:d3:6b:
19:59:fc:92:c1:b4:ae:ec:cf:42:27:57:ab:3e:2d:
35:cc:f8:59:d5:59:d4:c8:d4:d7:84:7c:3a:1d:fa:
15:84:ce:ba:c1:36:b3:39:1b:19:21:86:19:64:4d:
bf:1e:ae:0a:11:cd:f2:3d:00:af:ce:df:aa:70:10:
1a:80:a4:fb:53:3e:05:9d:ea:0b:78:aa:7c:b7:93:
0a:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:EA:46:D9:61:6B:9A:D0:16:B7:DA:9D:FB:67:E0:FC:11:4A:74:E0
X509v3 Authority Key Identifier:
keyid:0E:20:CC:F5:08:3A:63:B9:F5:88:7E:3E:A3:9D:04:E2:D6:2B:3D:A5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/AS5511.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.146.153.0/24
51.146.155.0-51.146.156.255
51.146.158.0/24
51.146.187.0/24
51.146.190.0/24
51.194.38.0/24
51.194.79.0/24
51.194.86.0/24
51.194.143.0/24
51.194.200.0/24
Signature Algorithm: sha256WithRSAEncryption
65:52:1b:3b:f4:b1:40:3e:df:b8:f7:28:19:91:41:f2:bc:1c:
b2:08:76:97:b1:98:02:41:51:ae:3f:8f:fb:e1:83:63:2e:70:
e9:de:9f:5c:94:22:1e:9c:21:e3:88:12:3f:ee:2c:af:8b:86:
03:3e:bf:fd:e6:cf:3a:a2:d6:26:c0:38:f7:c7:64:e1:f9:8d:
a2:52:bd:df:b9:f0:4e:ac:8d:54:a7:64:ab:62:23:c4:fa:b1:
69:78:c6:bf:64:bd:0b:3e:bd:84:84:0f:e1:92:86:5c:25:47:
d9:ff:2e:16:18:f6:75:16:a9:b3:3f:0b:d4:f0:86:9c:d5:34:
05:1b:6a:c1:54:5b:f2:d7:22:d3:e2:d6:97:7b:cf:d0:a7:cf:
9b:11:a4:92:6e:ed:66:e4:31:09:3f:fa:89:19:1c:45:a1:d8:
50:57:a1:2d:cf:b9:94:da:06:bc:d8:5a:5c:15:01:95:8e:ec:
f1:91:c2:c8:5b:d8:ed:05:79:97:31:21:09:31:29:f5:96:15:
a7:af:80:55:34:a7:ad:96:9f:b0:77:73:7a:26:74:e7:0f:1a:
b1:3e:5c:ec:56:b9:4b:0e:e7:dd:22:52:cd:ee:04:1a:8a:7f:
91:55:22:04:b4:0f:62:e4:4d:02:79:db:eb:ca:67:8c:91:35:
de:75:5a:0f
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUc9OiIMQrGCDsE+Zw5DHyYfOnlz0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGUyMGNjZjUwODNhNjNiOWY1ODg3ZTNlYTM5ZDA0ZTJk
NjJiM2RhNTAeFw0yNjA1MjAxMDI0MDhaFw0yNzA1MTkxMDI5MDhaMDMxMTAvBgNV
BAMTKDcyRUE0NkQ5NjE2QjlBRDAxNkI3REE5REZCNjdFMEZDMTE0QTc0RTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCRoTgkMCoFUN4UH+M6RIVnD6vD
Gx4JL5Yl/iafC+0W2sIU9QKNDtHdR58sWeKJDC3l8X9wTeYssGCOEUrHLclKhyFn
9Q6ReXXYb2l5iqM8MtIcETfCMYGjY0xexKTKx00otag8FcV0i9L1bQdXtiJXpJG3
wLWN5dHgb8k8GrbvAUhTM2HWTevyYaoyqSZ9ejnYhpm+xk3mFiJH1qjo4j6zoM4F
6/6CWpQdrWtvwtosOsLTaxlZ/JLBtK7sz0InV6s+LTXM+FnVWdTI1NeEfDod+hWE
zrrBNrM5GxkhhhlkTb8ergoRzfI9AK/O36pwEBqApPtTPgWd6gt4qny3kwrfAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUcupG2WFrmtAWt9qd+2fg/BFKdOAwHwYDVR0j
BBgwFoAUDiDM9Qg6Y7n1iH4+o50E4tYrPaUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOTZlNGFjODYtMTgwMy00OTRkLThhN2ItYzA1MWE2MzEw
NzUyLzAvMEUyMENDRjUwODNBNjNCOUY1ODg3RTNFQTM5RDA0RTJENjJCM0RBNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RpRE05UWc2WTduMWlINC1vNTBFNHRZ
clBhVS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzk2ZTRhYzg2LTE4MDMt
NDk0ZC04YTdiLWMwNTFhNjMxMDc1Mi8wL0FTNTUxMS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBdBggrBgEFBQcBBwEB/wROMEwwSgQCAAEwRAMEADOSmTAM
AwQAM5KbAwQAM5KcAwQAM5KeAwQAM5K7AwQAM5K+AwQAM8ImAwQAM8JPAwQAM8JW
AwQAM8KPAwQAM8LIMA0GCSqGSIb3DQEBCwUAA4IBAQBlUhs79LFAPt+49ygZkUHy
vByyCHaXsZgCQVGuP4/74YNjLnDp3p9clCIenCHjiBI/7iyvi4YDPr/95s86otYm
wDj3x2Th+Y2iUr3fufBOrI1Up2SrYiPE+rFpeMa/ZL0LPr2EhA/hkoZcJUfZ/y4W
GPZ1FqmzPwvU8Iac1TQFG2rBVFvy1yLT4taXe8/Qp8+bEaSSbu1m5DEJP/qJGRxF
odhQV6Etz7mU2ga82FpcFQGVjuzxkcLIW9jtBXmXMSEJMSn1lhWnr4BVNKetlp+w
d3N6JnTnDxqxPlzsVrlLDufdIlLN7gQain+RVSIEtA9i5E0CedvrymeMkTXedVoP
-----END CERTIFICATE-----
Generated at Wed Jun 3 08:31:23 2026 by rpki-client