Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/AS5511.roa
File:                     AS5511.roa (raw, json)
Hash identifier:          knKmaPuHa+r2mmSOjJjIoFA7kAazN6pRSQSQotRno/A=
Subject key identifier:   5B:22:7F:F5:66:13:5F:21:80:A5:9B:99:2E:72:54:5F:A6:EA:41:FD
Certificate issuer:       /CN=0e20ccf5083a63b9f5887e3ea39d04e2d62b3da5
Certificate serial:       44B434AD7EC8230697F13400B5FB07D5775ABC05
Authority key identifier: 0E:20:CC:F5:08:3A:63:B9:F5:88:7E:3E:A3:9D:04:E2:D6:2B:3D:A5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/AS5511.roa
Signing time:             Thu 16 Jul 2026 09:43:30 +0000
ROA not before:           Thu 16 Jul 2026 09:38:30 +0000
ROA not after:            Thu 15 Jul 2027 09:43:30 +0000
asID:                     5511
IP address blocks:        51.146.57.0/24 maxlen: 24
                          51.146.59.0/24 maxlen: 24
                          51.146.64.0/24 maxlen: 24
                          51.146.153.0/24 maxlen: 24
                          51.146.155.0/24 maxlen: 24
                          51.146.156.0/24 maxlen: 24
                          51.146.158.0/24 maxlen: 24
                          51.146.187.0/24 maxlen: 24
                          51.146.190.0/24 maxlen: 24
                          51.194.38.0/24 maxlen: 24
                          51.194.72.0/22 maxlen: 24
                          51.194.79.0/24 maxlen: 24
                          51.194.86.0/24 maxlen: 24
                          51.194.143.0/24 maxlen: 24
                          51.194.200.0/24 maxlen: 24
                          51.241.187.0/24 maxlen: 24
                          78.105.100.0/24 maxlen: 24
                          78.105.102.0/24 maxlen: 24
                          78.105.189.0/24 maxlen: 24
                          78.105.201.0/24 maxlen: 24
                          78.105.212.0/24 maxlen: 24
                          78.105.223.0/24 maxlen: 24
                          78.105.235.0/24 maxlen: 24
                          188.220.166.0/24 maxlen: 24
                          188.221.19.0/24 maxlen: 24
                          188.221.172.0/22 maxlen: 24
                          188.221.185.0/24 maxlen: 24
                          188.221.194.0/24 maxlen: 24
                          188.221.217.0/24 maxlen: 24
                          188.221.255.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Jul 2026 05:00:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            44:b4:34:ad:7e:c8:23:06:97:f1:34:00:b5:fb:07:d5:77:5a:bc:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0e20ccf5083a63b9f5887e3ea39d04e2d62b3da5
        Validity
            Not Before: Jul 16 09:38:30 2026 GMT
            Not After : Jul 15 09:43:30 2027 GMT
        Subject: CN=5B227FF566135F2180A59B992E72545FA6EA41FD
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:70:b5:c6:e6:88:80:b1:63:90:8e:c4:71:36:
                    0f:07:95:35:fa:e5:2d:ce:19:c6:06:f4:1b:69:24:
                    69:c4:92:08:2a:d5:36:40:28:ea:97:7e:80:ff:ae:
                    ed:f4:f1:6f:eb:97:11:5a:d7:aa:cc:fc:70:36:d3:
                    d2:0d:7f:7f:dc:d9:b8:79:f2:50:0d:39:fb:99:7a:
                    53:c5:2c:09:46:24:fb:99:d3:ee:94:2d:1b:1b:89:
                    b7:5b:1b:6a:c8:47:40:b4:a9:bd:59:7d:52:b9:6e:
                    5a:6a:b5:16:42:8d:54:ea:f9:cb:00:6c:36:60:e7:
                    81:81:2f:4c:35:a7:e9:5e:db:5a:a0:ef:8f:bc:fc:
                    95:0b:a0:de:a5:9f:f2:d7:31:60:07:91:31:69:a0:
                    3b:61:63:1a:de:4e:9d:23:5b:d1:a0:35:99:e6:16:
                    61:89:47:8e:cf:f5:7c:94:08:ff:dd:25:27:96:45:
                    33:32:be:0a:4e:08:b4:05:ef:f1:30:e4:db:64:cb:
                    bf:1b:d1:35:e4:fd:97:6b:1e:f4:d6:da:91:fb:61:
                    52:42:66:b1:87:2a:00:74:59:64:9f:38:34:92:27:
                    a4:0d:2c:11:2c:4b:6f:46:db:15:66:0a:25:2f:8b:
                    ae:1d:ee:a7:87:aa:98:af:8b:a6:1b:03:60:a8:94:
                    f2:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:22:7F:F5:66:13:5F:21:80:A5:9B:99:2E:72:54:5F:A6:EA:41:FD
            X509v3 Authority Key Identifier:
                keyid:0E:20:CC:F5:08:3A:63:B9:F5:88:7E:3E:A3:9D:04:E2:D6:2B:3D:A5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/AS5511.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  51.146.57.0/24
                  51.146.59.0/24
                  51.146.64.0/24
                  51.146.153.0/24
                  51.146.155.0-51.146.156.255
                  51.146.158.0/24
                  51.146.187.0/24
                  51.146.190.0/24
                  51.194.38.0/24
                  51.194.72.0/22
                  51.194.79.0/24
                  51.194.86.0/24
                  51.194.143.0/24
                  51.194.200.0/24
                  51.241.187.0/24
                  78.105.100.0/24
                  78.105.102.0/24
                  78.105.189.0/24
                  78.105.201.0/24
                  78.105.212.0/24
                  78.105.223.0/24
                  78.105.235.0/24
                  188.220.166.0/24
                  188.221.19.0/24
                  188.221.172.0/22
                  188.221.185.0/24
                  188.221.194.0/24
                  188.221.217.0/24
                  188.221.255.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9f:3e:d4:b2:28:1b:9b:59:83:21:74:fb:a7:70:6c:0f:18:e3:
         0e:6b:ed:5d:99:e4:bb:bb:29:2d:73:0f:a4:df:1d:57:15:bc:
         7c:43:f2:ac:e2:bc:b7:dc:e1:bd:09:2e:3d:97:aa:0a:9d:10:
         98:91:11:fb:66:9b:4d:bc:a6:b4:80:fe:1d:ee:5b:0f:17:13:
         e2:2e:b9:f4:4c:78:4c:19:bb:2f:fb:a6:bb:11:91:fa:bc:7c:
         14:3f:ac:ab:ae:33:c5:34:05:27:eb:8b:09:60:64:25:3e:eb:
         76:95:9e:8b:e5:b2:ed:94:80:66:6d:ec:22:ed:29:c4:fa:1b:
         ae:21:fe:cc:ee:57:30:c9:e7:5e:78:33:e3:c1:dc:9e:65:81:
         ff:c2:cb:66:e2:25:63:71:21:db:4c:0d:ff:29:c7:5b:dd:5b:
         98:cc:dd:42:af:69:ca:0b:99:a5:20:39:c8:a0:ce:d2:00:37:
         90:37:86:9e:0b:03:45:54:0a:63:36:17:fa:e8:25:52:42:22:
         f3:3e:44:18:77:f1:91:4b:29:bb:30:3d:3e:8e:58:69:10:0e:
         61:7b:82:ae:ab:3d:9a:69:fe:7e:cc:a5:9c:c8:ad:db:0a:d1:
         3d:6b:05:31:57:1c:45:eb:9d:e0:dc:e9:ee:9f:d4:c1:ab:0d:
         84:ca:ae:aa
-----BEGIN CERTIFICATE-----
MIIFszCCBJugAwIBAgIURLQ0rX7IIwaX8TQAtfsH1XdavAUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGUyMGNjZjUwODNhNjNiOWY1ODg3ZTNlYTM5ZDA0ZTJk
NjJiM2RhNTAeFw0yNjA3MTYwOTM4MzBaFw0yNzA3MTUwOTQzMzBaMDMxMTAvBgNV
BAMTKDVCMjI3RkY1NjYxMzVGMjE4MEE1OUI5OTJFNzI1NDVGQTZFQTQxRkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBcLXG5oiAsWOQjsRxNg8HlTX6
5S3OGcYG9BtpJGnEkggq1TZAKOqXfoD/ru308W/rlxFa16rM/HA209INf3/c2bh5
8lANOfuZelPFLAlGJPuZ0+6ULRsbibdbG2rIR0C0qb1ZfVK5blpqtRZCjVTq+csA
bDZg54GBL0w1p+le21qg74+8/JULoN6ln/LXMWAHkTFpoDthYxreTp0jW9GgNZnm
FmGJR47P9XyUCP/dJSeWRTMyvgpOCLQF7/Ew5Ntky78b0TXk/ZdrHvTW2pH7YVJC
ZrGHKgB0WWSfODSSJ6QNLBEsS29G2xVmCiUvi64d7qeHqpivi6YbA2ColPJLAgMB
AAGjggK9MIICuTAdBgNVHQ4EFgQUWyJ/9WYTXyGApZuZLnJUX6bqQf0wHwYDVR0j
BBgwFoAUDiDM9Qg6Y7n1iH4+o50E4tYrPaUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOTZlNGFjODYtMTgwMy00OTRkLThhN2ItYzA1MWE2MzEw
NzUyLzAvMEUyMENDRjUwODNBNjNCOUY1ODg3RTNFQTM5RDA0RTJENjJCM0RBNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RpRE05UWc2WTduMWlINC1vNTBFNHRZ
clBhVS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzk2ZTRhYzg2LTE4MDMt
NDk0ZC04YTdiLWMwNTFhNjMxMDc1Mi8wL0FTNTUxMS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCB0wYIKwYBBQUHAQcBAf8EgcMwgcAwgb0EAgABMIG2AwQA
M5I5AwQAM5I7AwQAM5JAAwQAM5KZMAwDBAAzkpsDBAAzkpwDBAAzkp4DBAAzkrsD
BAAzkr4DBAAzwiYDBAIzwkgDBAAzwk8DBAAzwlYDBAAzwo8DBAAzwsgDBAAz8bsD
BABOaWQDBABOaWYDBABOab0DBABOackDBABOadQDBABOad8DBABOaesDBAC83KYD
BAC83RMDBAK83awDBAC83bkDBAC83cIDBAC83dkDBAC83f8wDQYJKoZIhvcNAQEL
BQADggEBAJ8+1LIoG5tZgyF0+6dwbA8Y4w5r7V2Z5Lu7KS1zD6TfHVcVvHxD8qzi
vLfc4b0JLj2XqgqdEJiREftmm028prSA/h3uWw8XE+IuufRMeEwZuy/7prsRkfq8
fBQ/rKuuM8U0BSfriwlgZCU+63aVnovlsu2UgGZt7CLtKcT6G64h/szuVzDJ5154
M+PB3J5lgf/Cy2biJWNxIdtMDf8px1vdW5jM3UKvacoLmaUgOcigztIAN5A3hp4L
A0VUCmM2F/roJVJCIvM+RBh38ZFLKbswPT6OWGkQDmF7gq6rPZpp/n7MpZzIrdsK
0T1rBTFXHEXrneDc6e6f1MGrDYTKrqo=
-----END CERTIFICATE-----
Generated at Sun Jul 19 14:53:22 2026 by rpki-client