Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS5511.roa
File: AS5511.roa (raw, json)
Hash identifier: PG77RHgNGF3V0bu33qVPaZ5XL7Ev55cqWGFKAdWKong=
Subject key identifier: 97:D7:DF:D9:FE:9D:95:68:43:13:5F:74:35:9F:FF:9D:68:BA:6F:82
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 783A727397B7BDC9EF0D32DEA9A6EB6B6B5239C5
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS5511.roa
Signing time: Thu 14 Nov 2024 10:20:42 +0000
ROA not before: Thu 14 Nov 2024 10:15:42 +0000
ROA not after: Thu 13 Nov 2025 10:20:42 +0000
asID: 5511
IP address blocks: 46.203.1.0/24 maxlen: 24
46.203.4.0/24 maxlen: 24
46.203.15.0/24 maxlen: 24
46.203.20.0/24 maxlen: 24
46.203.30.0/24 maxlen: 24
46.203.41.0/24 maxlen: 24
46.203.42.0/24 maxlen: 24
46.203.53.0/24 maxlen: 24
46.203.60.0/24 maxlen: 24
46.203.76.0/24 maxlen: 24
46.203.82.0/24 maxlen: 24
46.203.86.0/24 maxlen: 24
91.124.244.0/22 maxlen: 24
91.124.248.0/22 maxlen: 24
92.112.0.0/24 maxlen: 24
92.112.12.0/24 maxlen: 24
92.112.130.0/24 maxlen: 24
92.112.159.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 14:42:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:3a:72:73:97:b7:bd:c9:ef:0d:32:de:a9:a6:eb:6b:6b:52:39:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Nov 14 10:15:42 2024 GMT
Not After : Nov 13 10:20:42 2025 GMT
Subject: CN=97D7DFD9FE9D956843135F74359FFF9D68BA6F82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:02:75:57:9a:ef:97:0b:68:20:e2:01:19:de:
57:71:ca:43:76:79:40:dd:8d:b2:93:8d:d7:52:85:
cb:6a:6c:7a:0c:bd:9d:25:53:3e:a8:63:c7:35:64:
15:6d:8f:4f:8c:b9:23:3e:6b:4b:09:f3:4a:66:bd:
04:6b:da:12:4d:f8:b3:c4:50:b6:32:6e:b8:49:62:
b6:8b:31:a0:01:bd:b1:f8:3e:4f:b3:35:12:8e:42:
e7:d3:e7:42:7c:b5:45:e4:fd:03:58:36:77:2d:01:
e7:0d:7d:91:71:64:0c:27:59:11:6a:db:6c:87:6c:
65:a1:0e:ef:4f:e0:0d:68:cb:b2:75:e6:3e:05:66:
ca:19:22:c2:01:25:3a:10:77:05:25:e0:b1:a5:33:
4f:1a:c4:b3:1a:25:65:b2:a1:b7:1a:0a:cf:98:b9:
ce:a2:37:e0:2c:72:8a:61:f7:f7:28:f4:b5:99:55:
eb:c1:06:0d:91:41:52:51:08:f9:6a:36:d1:b3:d0:
5b:72:08:3c:eb:85:47:b6:67:5e:10:49:ab:1a:26:
23:fb:a7:8b:a0:f2:fd:b7:db:a3:f3:db:df:81:de:
e3:38:00:ee:fc:f5:12:54:83:80:ff:af:5f:38:f3:
0f:07:98:de:a4:c3:84:4b:3b:54:0b:b5:96:6a:79:
28:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:D7:DF:D9:FE:9D:95:68:43:13:5F:74:35:9F:FF:9D:68:BA:6F:82
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS5511.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.203.1.0/24
46.203.4.0/24
46.203.15.0/24
46.203.20.0/24
46.203.30.0/24
46.203.41.0-46.203.42.255
46.203.53.0/24
46.203.60.0/24
46.203.76.0/24
46.203.82.0/24
46.203.86.0/24
91.124.244.0-91.124.251.255
92.112.0.0/24
92.112.12.0/24
92.112.130.0/24
92.112.159.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:b8:0d:6b:ad:c8:5a:c8:60:b0:d3:ef:38:37:df:f3:9e:0e:
ac:34:2b:cd:87:0d:46:5f:42:53:e9:19:d7:82:25:00:cd:33:
fa:f0:0f:9a:c0:72:74:ea:c4:7c:64:1d:84:f2:ec:47:92:5e:
bb:e7:23:ba:24:58:be:ef:ec:85:63:80:6c:3f:7d:1a:38:fe:
fb:a9:de:db:c3:73:9f:97:45:40:89:03:b1:5e:50:a6:aa:57:
5b:df:e5:71:3c:81:37:c5:cb:45:23:f5:7d:54:1f:d5:5d:98:
23:f5:9b:3e:f5:94:1f:13:f5:86:d0:a9:74:c9:19:1c:20:7c:
ab:a0:20:54:de:35:0a:ae:1d:b0:6b:ba:7b:cd:98:97:30:00:
1d:85:f6:97:2e:92:b4:d7:04:58:cc:2c:13:b3:93:b9:92:ff:
e3:72:58:de:19:81:02:72:e4:42:db:71:66:34:ed:0d:5f:8b:
3b:0d:57:64:1b:14:b6:de:05:1a:7c:f3:e1:e2:fa:fa:75:7a:
e7:6c:bb:0c:bc:52:05:ce:d7:fc:37:90:1c:30:e3:09:ba:6b:
bf:0b:c6:27:71:b2:54:53:87:39:5d:22:38:61:1e:ea:8d:55:
0c:40:93:da:d3:9a:63:37:b6:f5:8c:ad:7d:bf:09:ab:85:cc:
5c:60:3a:11
-----BEGIN CERTIFICATE-----
MIIFaTCCBFGgAwIBAgIUeDpyc5e3vcnvDTLeqabra2tSOcUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNDExMTQxMDE1NDJaFw0yNTExMTMxMDIwNDJaMDMxMTAvBgNV
BAMTKDk3RDdERkQ5RkU5RDk1Njg0MzEzNUY3NDM1OUZGRjlENjhCQTZGODIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2AnVXmu+XC2gg4gEZ3ldxykN2
eUDdjbKTjddShctqbHoMvZ0lUz6oY8c1ZBVtj0+MuSM+a0sJ80pmvQRr2hJN+LPE
ULYybrhJYraLMaABvbH4Pk+zNRKOQufT50J8tUXk/QNYNnctAecNfZFxZAwnWRFq
22yHbGWhDu9P4A1oy7J15j4FZsoZIsIBJToQdwUl4LGlM08axLMaJWWyobcaCs+Y
uc6iN+Ascoph9/co9LWZVevBBg2RQVJRCPlqNtGz0FtyCDzrhUe2Z14QSasaJiP7
p4ug8v2326Pz29+B3uM4AO789RJUg4D/r1848w8HmN6kw4RLO1QLtZZqeShPAgMB
AAGjggJzMIICbzAdBgNVHQ4EFgQUl9ff2f6dlWhDE190NZ//nWi6b4IwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTNTUxMS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBiQYIKwYBBQUHAQcBAf8EejB4MHYEAgABMHADBAAuywED
BAAuywQDBAAuyw8DBAAuyxQDBAAuyx4wDAMEAC7LKQMEAC7LKgMEAC7LNQMEAC7L
PAMEAC7LTAMEAC7LUgMEAC7LVjAMAwQCW3z0AwQCW3z4AwQAXHAAAwQAXHAMAwQA
XHCCAwQAXHCfMA0GCSqGSIb3DQEBCwUAA4IBAQB8uA1rrchayGCw0+84N9/zng6s
NCvNhw1GX0JT6RnXgiUAzTP68A+awHJ06sR8ZB2E8uxHkl675yO6JFi+7+yFY4Bs
P30aOP77qd7bw3Ofl0VAiQOxXlCmqldb3+VxPIE3xctFI/V9VB/VXZgj9Zs+9ZQf
E/WG0Kl0yRkcIHyroCBU3jUKrh2wa7p7zZiXMAAdhfaXLpK01wRYzCwTs5O5kv/j
cljeGYECcuRC23FmNO0NX4s7DVdkGxS23gUafPPh4vr6dXrnbLsMvFIFztf8N5Ac
MOMJumu/C8YncbJUU4c5XSI4YR7qjVUMQJPa05pjN7b1jK19vwmrhcxcYDoR
-----END CERTIFICATE-----
Generated at Mon Nov 25 16:44:09 2024 by rpki-client on console-fra.rpki-client.org