Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS5511.roa
File: AS5511.roa (raw, json)
Hash identifier: r6SiIY9Ozn6qBswPymSPFmycVABzQEfVSlrgesKe9aE=
Subject key identifier: 32:52:9B:6D:6D:3F:04:52:05:F6:D0:72:44:CD:F2:50:90:84:EB:64
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 6328F225EFBE2D31D02F6E7AFB7A2F9F4B67B16F
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS5511.roa
Signing time: Fri 28 Mar 2025 11:06:48 +0000
ROA not before: Fri 28 Mar 2025 11:01:48 +0000
ROA not after: Fri 27 Mar 2026 11:06:48 +0000
asID: 5511
IP address blocks: 46.202.3.0/24 maxlen: 24
46.202.34.0/24 maxlen: 24
46.202.38.0/24 maxlen: 24
46.202.42.0/24 maxlen: 24
46.202.55.0/24 maxlen: 24
46.202.58.0/24 maxlen: 24
46.202.65.0/24 maxlen: 24
46.203.1.0/24 maxlen: 24
46.203.4.0/24 maxlen: 24
46.203.15.0/24 maxlen: 24
46.203.20.0/24 maxlen: 24
46.203.30.0/24 maxlen: 24
46.203.41.0/24 maxlen: 24
46.203.42.0/24 maxlen: 24
46.203.53.0/24 maxlen: 24
46.203.60.0/24 maxlen: 24
46.203.76.0/24 maxlen: 24
46.203.82.0/24 maxlen: 24
46.203.86.0/24 maxlen: 24
46.203.144.0/24 maxlen: 24
46.203.184.0/24 maxlen: 24
91.124.164.0/22 maxlen: 22
91.124.244.0/22 maxlen: 24
91.124.248.0/22 maxlen: 24
92.112.0.0/24 maxlen: 24
92.112.12.0/24 maxlen: 24
92.112.130.0/24 maxlen: 24
92.112.159.0/24 maxlen: 24
95.135.44.0/22 maxlen: 22
95.135.88.0/22 maxlen: 22
95.135.182.0/24 maxlen: 24
95.135.183.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:28:f2:25:ef:be:2d:31:d0:2f:6e:7a:fb:7a:2f:9f:4b:67:b1:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Mar 28 11:01:48 2025 GMT
Not After : Mar 27 11:06:48 2026 GMT
Subject: CN=32529B6D6D3F045205F6D07244CDF2509084EB64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:4b:46:db:d7:21:6e:6b:7c:31:c9:7e:ad:52:
6c:b0:23:d0:d6:a2:b4:52:19:44:88:17:98:fc:e3:
f7:0b:5e:8c:c7:7a:25:80:ad:05:70:60:98:70:d4:
84:30:22:ef:b3:8d:a0:f7:7e:86:8e:01:44:64:1c:
d0:14:94:b6:e0:1f:72:0b:41:25:44:4c:e5:09:4d:
3d:77:28:f1:83:af:f6:93:a3:28:f1:81:55:0a:c9:
bf:3f:78:6e:3b:b4:68:60:7d:21:4b:86:64:07:74:
ff:7b:b5:93:07:88:4b:41:f0:ef:26:4b:30:bc:7f:
d2:7b:b9:42:b2:de:f9:6b:10:c6:90:6d:a1:7c:e4:
57:7d:9e:f9:44:6d:40:e9:2a:98:48:09:95:a8:d4:
cb:f3:bc:ea:e2:80:ad:32:46:6e:5f:fd:1e:38:a6:
33:15:12:ec:c2:ee:90:46:84:e1:cf:c2:c9:0f:fe:
94:25:a4:da:b6:f3:5a:e5:fa:27:f4:6f:b9:55:65:
1b:8a:9f:33:29:ef:62:2f:19:74:fc:92:0d:6d:86:
03:5b:2a:af:63:25:54:3c:61:a3:cb:42:5d:dc:ca:
64:e4:73:2c:a1:3e:9c:68:f7:8d:9d:63:d8:40:50:
3f:6e:d8:a6:d8:71:e8:7c:3b:68:a5:bf:a6:c7:24:
63:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:52:9B:6D:6D:3F:04:52:05:F6:D0:72:44:CD:F2:50:90:84:EB:64
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS5511.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.202.3.0/24
46.202.34.0/24
46.202.38.0/24
46.202.42.0/24
46.202.55.0/24
46.202.58.0/24
46.202.65.0/24
46.203.1.0/24
46.203.4.0/24
46.203.15.0/24
46.203.20.0/24
46.203.30.0/24
46.203.41.0-46.203.42.255
46.203.53.0/24
46.203.60.0/24
46.203.76.0/24
46.203.82.0/24
46.203.86.0/24
46.203.144.0/24
46.203.184.0/24
91.124.164.0/22
91.124.244.0-91.124.251.255
92.112.0.0/24
92.112.12.0/24
92.112.130.0/24
92.112.159.0/24
95.135.44.0/22
95.135.88.0/22
95.135.182.0/23
Signature Algorithm: sha256WithRSAEncryption
0f:0f:c4:8b:20:fe:2d:af:58:4c:3d:2e:38:03:d9:92:aa:52:
7b:ae:a5:32:6c:c7:fa:a6:ca:ce:53:c8:85:36:5b:91:09:d4:
78:f5:a9:69:ba:f6:35:c6:13:40:1f:fb:be:69:02:cf:02:23:
4b:91:c0:76:75:ef:3b:38:12:06:10:f6:ca:68:7e:5b:70:51:
2d:71:8b:52:aa:72:9b:21:6f:25:37:bb:7c:f2:ac:e4:dd:b6:
78:82:7d:22:de:45:b8:ee:0b:fb:e7:d6:8e:d4:d7:d1:2a:22:
4e:cd:19:72:0d:1e:44:b8:22:10:f5:fd:a6:3f:4a:77:39:73:
87:72:2d:96:2c:7c:57:c2:d2:8c:5d:c6:da:6b:b8:10:73:ad:
b3:0e:d1:78:80:b1:a9:3b:c5:a6:93:1c:50:0f:11:90:e1:1c:
a3:55:05:20:26:10:7b:ee:8a:6e:5d:30:b3:ea:71:4a:e3:da:
63:19:10:d1:96:72:37:81:65:ec:06:2a:45:06:f2:78:48:96:
2f:e2:25:d8:cf:7f:03:82:4b:6d:81:29:88:c0:30:dc:57:ef:
5d:42:bf:49:48:39:b9:85:42:d3:62:90:4e:98:ab:d4:d2:ba:
a7:dd:6f:73:85:62:93:ab:53:5c:30:c7:a8:7e:ef:97:68:c4:
5f:4c:cb:3f
-----BEGIN CERTIFICATE-----
MIIFuzCCBKOgAwIBAgIUYyjyJe++LTHQL256+3ovn0tnsW8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTAzMjgxMTAxNDhaFw0yNjAzMjcxMTA2NDhaMDMxMTAvBgNV
BAMTKDMyNTI5QjZENkQzRjA0NTIwNUY2RDA3MjQ0Q0RGMjUwOTA4NEVCNjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkS0bb1yFua3wxyX6tUmywI9DW
orRSGUSIF5j84/cLXozHeiWArQVwYJhw1IQwIu+zjaD3foaOAURkHNAUlLbgH3IL
QSVETOUJTT13KPGDr/aToyjxgVUKyb8/eG47tGhgfSFLhmQHdP97tZMHiEtB8O8m
SzC8f9J7uUKy3vlrEMaQbaF85Fd9nvlEbUDpKphICZWo1MvzvOrigK0yRm5f/R44
pjMVEuzC7pBGhOHPwskP/pQlpNq281rl+if0b7lVZRuKnzMp72IvGXT8kg1thgNb
Kq9jJVQ8YaPLQl3cymTkcyyhPpxo942dY9hAUD9u2KbYceh8O2ilv6bHJGOJAgMB
AAGjggLFMIICwTAdBgNVHQ4EFgQUMlKbbW0/BFIF9tByRM3yUJCE62QwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTNTUxMS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCB2wYIKwYBBQUHAQcBAf8EgcswgcgwgcUEAgABMIG+AwQA
LsoDAwQALsoiAwQALsomAwQALsoqAwQALso3AwQALso6AwQALspBAwQALssBAwQA
LssEAwQALssPAwQALssUAwQALsseMAwDBAAuyykDBAAuyyoDBAAuyzUDBAAuyzwD
BAAuy0wDBAAuy1IDBAAuy1YDBAAuy5ADBAAuy7gDBAJbfKQwDAMEAlt89AMEAlt8
+AMEAFxwAAMEAFxwDAMEAFxwggMEAFxwnwMEAl+HLAMEAl+HWAMEAV+HtjANBgkq
hkiG9w0BAQsFAAOCAQEADw/EiyD+La9YTD0uOAPZkqpSe66lMmzH+qbKzlPIhTZb
kQnUePWpabr2NcYTQB/7vmkCzwIjS5HAdnXvOzgSBhD2ymh+W3BRLXGLUqpymyFv
JTe7fPKs5N22eIJ9It5FuO4L++fWjtTX0SoiTs0Zcg0eRLgiEPX9pj9Kdzlzh3It
lix8V8LSjF3G2mu4EHOtsw7ReICxqTvFppMcUA8RkOEco1UFICYQe+6Kbl0ws+px
SuPaYxkQ0ZZyN4Fl7AYqRQbyeEiWL+Il2M9/A4JLbYEpiMAw3FfvXUK/SUg5uYVC
02KQTpir1NK6p91vc4Vik6tTXDDHqH7vl2jEX0zLPw==
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:31:21 2025 by rpki-client