Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS5511.roa
File: AS5511.roa (raw, json)
Hash identifier: BE1fGKufX2YRLIxbsgUeC880Vp5tUmSl6eeFQkSKivg=
Subject key identifier: 36:C9:45:93:77:8C:D5:02:92:BE:8F:13:EC:07:62:F6:83:7B:C8:46
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 5410A41361C4C8393DC428E8FAC2E0BAE29DB824
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS5511.roa
Signing time: Sat 21 Jun 2025 00:01:58 +0000
ROA not before: Fri 20 Jun 2025 23:56:58 +0000
ROA not after: Sat 20 Jun 2026 00:01:58 +0000
asID: 5511
IP address blocks: 82.21.94.0/24 maxlen: 24
82.21.150.0/24 maxlen: 24
82.21.169.0/24 maxlen: 24
82.22.86.0/24 maxlen: 24
82.22.96.0/24 maxlen: 24
82.22.111.0/24 maxlen: 24
82.22.114.0/24 maxlen: 24
82.22.120.0/24 maxlen: 24
82.22.121.0/24 maxlen: 24
82.22.122.0/24 maxlen: 24
82.22.123.0/24 maxlen: 24
82.22.141.0/24 maxlen: 24
82.22.144.0/24 maxlen: 24
82.22.171.0/24 maxlen: 24
82.22.175.0/24 maxlen: 24
82.22.197.0/24 maxlen: 24
82.23.3.0/24 maxlen: 24
82.23.4.0/24 maxlen: 24
82.23.5.0/24 maxlen: 24
82.23.6.0/24 maxlen: 24
82.23.15.0/24 maxlen: 24
82.23.44.0/24 maxlen: 24
82.23.45.0/24 maxlen: 24
82.23.46.0/24 maxlen: 24
82.23.47.0/24 maxlen: 24
82.23.48.0/24 maxlen: 24
82.23.50.0/24 maxlen: 24
82.23.51.0/24 maxlen: 24
82.23.52.0/24 maxlen: 24
82.23.53.0/24 maxlen: 24
82.23.55.0/24 maxlen: 24
82.23.56.0/24 maxlen: 24
82.23.57.0/24 maxlen: 24
82.23.58.0/24 maxlen: 24
82.23.61.0/24 maxlen: 24
82.23.62.0/24 maxlen: 24
82.23.63.0/24 maxlen: 24
82.23.64.0/24 maxlen: 24
82.23.69.0/24 maxlen: 24
82.23.74.0/24 maxlen: 24
82.23.79.0/24 maxlen: 24
82.23.123.0/24 maxlen: 24
82.23.134.0/24 maxlen: 24
82.24.8.0/24 maxlen: 24
82.24.17.0/24 maxlen: 24
82.24.25.0/24 maxlen: 24
82.24.26.0/24 maxlen: 24
82.24.63.0/24 maxlen: 24
82.24.90.0/24 maxlen: 24
82.24.105.0/24 maxlen: 24
82.24.175.0/24 maxlen: 24
82.25.134.0/24 maxlen: 24
82.26.83.0/24 maxlen: 24
82.26.204.0/24 maxlen: 24
82.27.20.0/24 maxlen: 24
82.27.101.0/24 maxlen: 24
82.27.103.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 11:27:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:10:a4:13:61:c4:c8:39:3d:c4:28:e8:fa:c2:e0:ba:e2:9d:b8:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jun 20 23:56:58 2025 GMT
Not After : Jun 20 00:01:58 2026 GMT
Subject: CN=36C94593778CD50292BE8F13EC0762F6837BC846
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:04:e4:31:28:44:cb:d1:14:49:9b:0d:82:3e:
bf:da:09:b0:d9:d0:ac:76:96:7f:0d:c9:5a:72:a9:
a3:e0:01:24:71:af:59:79:c4:05:f2:d4:2a:80:16:
b0:18:b9:32:06:b9:29:65:19:ae:46:ab:87:53:61:
8e:54:fc:87:de:f7:43:61:13:38:3c:1e:1d:81:68:
69:f9:71:47:c4:d4:c4:e9:36:3b:f8:3d:32:26:02:
2b:5b:fc:30:7c:30:f0:ef:db:93:c8:18:21:a7:7f:
a6:0c:48:c2:60:e1:62:f2:0c:74:60:c3:11:cf:e0:
75:9d:41:9f:0f:c8:b0:92:a4:5e:3d:62:8b:44:0b:
1c:be:7b:90:47:e0:17:3a:b4:19:93:44:37:00:f8:
41:46:46:28:aa:f9:2a:9f:39:f7:07:65:23:85:1b:
b3:38:4e:74:a4:fe:48:1a:b2:c9:4f:0c:42:e1:a2:
ed:01:27:81:16:70:d6:67:18:b3:08:fa:5e:13:db:
cf:6d:da:61:04:71:b8:92:5b:8a:10:d1:2a:51:49:
f4:54:a6:b6:8a:52:37:6a:1a:85:be:74:45:26:db:
a3:de:5a:31:bd:74:53:74:4a:f4:2a:1c:8d:74:e4:
5d:d5:4a:ff:4d:63:89:92:c1:78:29:3b:65:13:58:
8b:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:C9:45:93:77:8C:D5:02:92:BE:8F:13:EC:07:62:F6:83:7B:C8:46
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS5511.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.94.0/24
82.21.150.0/24
82.21.169.0/24
82.22.86.0/24
82.22.96.0/24
82.22.111.0/24
82.22.114.0/24
82.22.120.0/22
82.22.141.0/24
82.22.144.0/24
82.22.171.0/24
82.22.175.0/24
82.22.197.0/24
82.23.3.0-82.23.6.255
82.23.15.0/24
82.23.44.0-82.23.48.255
82.23.50.0-82.23.53.255
82.23.55.0-82.23.58.255
82.23.61.0-82.23.64.255
82.23.69.0/24
82.23.74.0/24
82.23.79.0/24
82.23.123.0/24
82.23.134.0/24
82.24.8.0/24
82.24.17.0/24
82.24.25.0-82.24.26.255
82.24.63.0/24
82.24.90.0/24
82.24.105.0/24
82.24.175.0/24
82.25.134.0/24
82.26.83.0/24
82.26.204.0/24
82.27.20.0/24
82.27.101.0/24
82.27.103.0/24
Signature Algorithm: sha256WithRSAEncryption
17:be:0d:76:c2:bc:93:4a:70:6e:3b:1c:bb:52:c2:dd:21:b5:
2d:db:6c:08:8f:9a:ec:95:7a:a2:f7:06:8f:70:a4:06:77:a9:
02:10:b4:8b:b8:59:8f:15:1a:e3:af:52:a7:8b:e7:6e:10:66:
93:7a:38:fc:d3:36:cd:d3:05:54:1e:8e:e5:a8:13:2e:84:ba:
82:83:27:ab:ae:95:de:b6:87:fc:04:2b:c4:6f:26:86:08:6b:
e2:87:09:d2:11:ee:37:fe:4a:f6:f5:40:07:73:72:f6:71:c3:
5f:e7:ee:50:85:db:11:6a:fd:37:b8:b2:71:94:1a:aa:cb:ae:
4c:a3:67:39:e3:29:31:9a:c4:c6:bb:3c:9b:c1:5c:ab:36:a6:
a1:8a:02:25:f4:e0:81:35:b5:97:5f:f2:0e:44:53:59:50:97:
07:cd:cc:e6:74:ed:30:ef:73:c4:b8:e0:0a:c9:21:67:96:b2:
1f:e2:c0:1e:de:36:70:76:a3:41:ea:be:2e:be:01:e7:d6:97:
2f:7c:e1:01:1f:5d:91:92:97:de:a9:b4:64:6b:05:da:fa:56:
b0:60:fa:93:31:58:c4:71:59:f5:d9:01:24:7c:eb:4f:23:9d:
20:e7:49:38:52:c6:4c:79:98:ca:d1:a6:a9:64:f6:62:f1:56:
22:43:b7:d0
-----BEGIN CERTIFICATE-----
MIIGEDCCBPigAwIBAgIUVBCkE2HEyDk9xCjo+sLguuKduCQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA2MjAyMzU2NThaFw0yNjA2MjAwMDAxNThaMDMxMTAvBgNV
BAMTKDM2Qzk0NTkzNzc4Q0Q1MDI5MkJFOEYxM0VDMDc2MkY2ODM3QkM4NDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDiBOQxKETL0RRJmw2CPr/aCbDZ
0Kx2ln8NyVpyqaPgASRxr1l5xAXy1CqAFrAYuTIGuSllGa5Gq4dTYY5U/Ife90Nh
Ezg8Hh2BaGn5cUfE1MTpNjv4PTImAitb/DB8MPDv25PIGCGnf6YMSMJg4WLyDHRg
wxHP4HWdQZ8PyLCSpF49YotECxy+e5BH4Bc6tBmTRDcA+EFGRiiq+SqfOfcHZSOF
G7M4TnSk/kgasslPDELhou0BJ4EWcNZnGLMI+l4T289t2mEEcbiSW4oQ0SpRSfRU
praKUjdqGoW+dEUm26PeWjG9dFN0SvQqHI105F3VSv9NY4mSwXgpO2UTWItrAgMB
AAGjggMaMIIDFjAdBgNVHQ4EFgQUNslFk3eM1QKSvo8T7Adi9oN7yEYwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNTUxMS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCAS8GCCsGAQUFBwEHAQH/BIIBHjCCARowggEWBAIAATCC
AQ4DBABSFV4DBABSFZYDBABSFakDBABSFlYDBABSFmADBABSFm8DBABSFnIDBAJS
FngDBABSFo0DBABSFpADBABSFqsDBABSFq8DBABSFsUwDAMEAFIXAwMEAFIXBgME
AFIXDzAMAwQCUhcsAwQAUhcwMAwDBAFSFzIDBAFSFzQwDAMEAFIXNwMEAFIXOjAM
AwQAUhc9AwQAUhdAAwQAUhdFAwQAUhdKAwQAUhdPAwQAUhd7AwQAUheGAwQAUhgI
AwQAUhgRMAwDBABSGBkDBABSGBoDBABSGD8DBABSGFoDBABSGGkDBABSGK8DBABS
GYYDBABSGlMDBABSGswDBABSGxQDBABSG2UDBABSG2cwDQYJKoZIhvcNAQELBQAD
ggEBABe+DXbCvJNKcG47HLtSwt0htS3bbAiPmuyVeqL3Bo9wpAZ3qQIQtIu4WY8V
GuOvUqeL524QZpN6OPzTNs3TBVQejuWoEy6EuoKDJ6uuld62h/wEK8RvJoYIa+KH
CdIR7jf+Svb1QAdzcvZxw1/n7lCF2xFq/Te4snGUGqrLrkyjZznjKTGaxMa7PJvB
XKs2pqGKAiX04IE1tZdf8g5EU1lQlwfNzOZ07TDvc8S44ArJIWeWsh/iwB7eNnB2
o0Hqvi6+AefWly984QEfXZGSl96ptGRrBdr6VrBg+pMxWMRxWfXZASR8608jnSDn
SThSxkx5mMrRpqlk9mLxViJDt9A=
-----END CERTIFICATE-----
Generated at Sat Jun 28 23:48:54 2025 by rpki-client