Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS5511.roa
File: AS5511.roa (raw, json)
Hash identifier: LnGrR1G4n2yjQR5Ebu+xWf6BOjsmEqxU7QX8Htuxn/Q=
Subject key identifier: E6:7D:62:30:6C:4E:D9:94:B3:79:D5:B2:80:D5:20:C2:91:54:06:94
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 63C4E3643C3972EFB48750131A6741AD842AAC60
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS5511.roa
Signing time: Sat 20 Sep 2025 00:06:01 +0000
ROA not before: Sat 20 Sep 2025 00:01:01 +0000
ROA not after: Sat 19 Sep 2026 00:06:01 +0000
asID: 5511
IP address blocks: 46.202.3.0/24 maxlen: 24
46.202.34.0/24 maxlen: 24
46.202.38.0/24 maxlen: 24
46.202.42.0/24 maxlen: 24
46.202.55.0/24 maxlen: 24
46.202.58.0/24 maxlen: 24
46.202.65.0/24 maxlen: 24
46.203.1.0/24 maxlen: 24
46.203.4.0/24 maxlen: 24
46.203.15.0/24 maxlen: 24
46.203.20.0/24 maxlen: 24
46.203.30.0/24 maxlen: 24
46.203.41.0/24 maxlen: 24
46.203.42.0/24 maxlen: 24
46.203.53.0/24 maxlen: 24
46.203.60.0/24 maxlen: 24
46.203.76.0/24 maxlen: 24
46.203.82.0/24 maxlen: 24
46.203.86.0/24 maxlen: 24
46.203.144.0/24 maxlen: 24
46.203.184.0/24 maxlen: 24
91.124.244.0/22 maxlen: 24
91.124.248.0/22 maxlen: 24
92.112.0.0/24 maxlen: 24
92.112.12.0/24 maxlen: 24
92.112.130.0/24 maxlen: 24
92.112.159.0/24 maxlen: 24
178.93.15.0/24 maxlen: 24
178.93.23.0/24 maxlen: 24
178.93.60.0/22 maxlen: 24
178.93.172.0/22 maxlen: 24
178.93.204.0/22 maxlen: 24
178.95.64.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:c4:e3:64:3c:39:72:ef:b4:87:50:13:1a:67:41:ad:84:2a:ac:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Sep 20 00:01:01 2025 GMT
Not After : Sep 19 00:06:01 2026 GMT
Subject: CN=E67D62306C4ED994B379D5B280D520C291540694
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:cd:a0:48:ff:b3:86:b1:b2:94:87:e4:f3:5f:
e0:ac:f4:7e:5a:c9:38:f1:a3:68:c6:27:70:0a:cc:
11:bd:45:6a:25:13:42:8d:2a:23:d5:f6:68:68:93:
1e:b0:b2:96:21:da:49:47:61:47:a6:41:97:69:75:
2b:ec:61:66:aa:2a:a3:5c:33:3d:2c:65:9b:30:ff:
20:b5:c2:ee:bf:de:f8:1f:9d:7c:97:9a:64:5c:45:
e2:9c:3b:f5:6c:ff:c6:e2:58:17:c4:45:4e:36:13:
18:48:b0:1f:00:48:55:7d:e4:94:b4:ca:77:63:6e:
7a:16:bc:8e:ef:73:a2:22:09:94:e6:0d:e1:03:6d:
a1:86:86:ca:34:52:79:8e:ff:6f:b9:03:d4:64:a8:
ad:93:a3:c4:ff:e1:1f:0e:66:7d:1c:28:58:20:b3:
dd:8d:b7:d7:2c:88:7d:cc:45:90:95:1b:f4:63:2b:
17:d9:34:a6:44:42:75:54:f5:4a:73:9c:a5:33:1c:
70:86:07:d4:04:ef:a4:e6:a7:31:9a:44:75:08:d2:
23:05:a5:0a:0e:e0:b2:40:2d:48:f5:e9:cc:51:86:
cf:3a:56:da:bf:1f:f3:86:f2:db:5e:be:58:54:71:
40:96:31:77:4c:54:03:46:6f:a9:1e:60:ff:26:5b:
dd:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:7D:62:30:6C:4E:D9:94:B3:79:D5:B2:80:D5:20:C2:91:54:06:94
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS5511.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.202.3.0/24
46.202.34.0/24
46.202.38.0/24
46.202.42.0/24
46.202.55.0/24
46.202.58.0/24
46.202.65.0/24
46.203.1.0/24
46.203.4.0/24
46.203.15.0/24
46.203.20.0/24
46.203.30.0/24
46.203.41.0-46.203.42.255
46.203.53.0/24
46.203.60.0/24
46.203.76.0/24
46.203.82.0/24
46.203.86.0/24
46.203.144.0/24
46.203.184.0/24
91.124.244.0-91.124.251.255
92.112.0.0/24
92.112.12.0/24
92.112.130.0/24
92.112.159.0/24
178.93.15.0/24
178.93.23.0/24
178.93.60.0/22
178.93.172.0/22
178.93.204.0/22
178.95.64.0/22
Signature Algorithm: sha256WithRSAEncryption
60:c2:97:37:0c:b8:21:68:51:7b:9f:16:e7:e6:6c:dc:b3:4f:
fc:5e:0a:03:b6:9b:ee:ec:1f:04:09:25:1a:f4:ec:ae:6f:c2:
6a:30:25:78:d0:e8:16:77:6f:ea:ab:a9:7e:57:cd:86:b4:40:
ce:05:3b:55:07:c9:45:e7:c3:e9:f4:b1:0e:87:e1:53:a4:80:
2c:33:1a:39:23:2e:08:60:3f:a9:7e:7e:b0:f1:5f:41:5b:b1:
20:c1:76:66:9e:ef:47:ab:7a:94:ff:1c:bb:c5:40:72:5d:31:
1d:8c:58:40:c8:d1:7c:ff:9f:c0:8d:1e:55:a2:5b:fd:1c:cf:
a4:df:af:12:e8:d2:e8:0d:f0:aa:a5:f8:17:5f:1a:84:61:ca:
0e:a2:f7:57:66:c0:12:9d:17:73:a8:da:bf:44:54:da:fc:5e:
32:f8:57:32:8c:47:02:b4:7d:84:48:ac:3f:dc:6b:75:8c:38:
91:18:0b:86:e1:2f:cf:ef:5f:cd:70:9b:1e:35:18:97:16:0a:
84:b8:5c:a4:c8:2a:52:c1:04:79:5e:f6:01:1d:e5:a7:20:a8:
4f:b8:8b:b4:bc:4e:2c:c4:0c:64:df:ac:fa:b1:41:46:6a:11:
31:ec:26:93:9d:78:59:5f:68:5f:e0:fe:3f:26:d5:9b:9f:6f:
a9:bf:95:37
-----BEGIN CERTIFICATE-----
MIIFxzCCBK+gAwIBAgIUY8TjZDw5cu+0h1ATGmdBrYQqrGAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA5MjAwMDAxMDFaFw0yNjA5MTkwMDA2MDFaMDMxMTAvBgNV
BAMTKEU2N0Q2MjMwNkM0RUQ5OTRCMzc5RDVCMjgwRDUyMEMyOTE1NDA2OTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwzaBI/7OGsbKUh+TzX+Cs9H5a
yTjxo2jGJ3AKzBG9RWolE0KNKiPV9mhokx6wspYh2klHYUemQZdpdSvsYWaqKqNc
Mz0sZZsw/yC1wu6/3vgfnXyXmmRcReKcO/Vs/8biWBfERU42ExhIsB8ASFV95JS0
yndjbnoWvI7vc6IiCZTmDeEDbaGGhso0UnmO/2+5A9RkqK2To8T/4R8OZn0cKFgg
s92Nt9csiH3MRZCVG/RjKxfZNKZEQnVU9UpznKUzHHCGB9QE76TmpzGaRHUI0iMF
pQoO4LJALUj16cxRhs86Vtq/H/OG8ttevlhUcUCWMXdMVANGb6keYP8mW92xAgMB
AAGjggLRMIICzTAdBgNVHQ4EFgQU5n1iMGxO2ZSzedWygNUgwpFUBpQwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTNTUxMS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCB5wYIKwYBBQUHAQcBAf8EgdcwgdQwgdEEAgABMIHKAwQA
LsoDAwQALsoiAwQALsomAwQALsoqAwQALso3AwQALso6AwQALspBAwQALssBAwQA
LssEAwQALssPAwQALssUAwQALsseMAwDBAAuyykDBAAuyyoDBAAuyzUDBAAuyzwD
BAAuy0wDBAAuy1IDBAAuy1YDBAAuy5ADBAAuy7gwDAMEAlt89AMEAlt8+AMEAFxw
AAMEAFxwDAMEAFxwggMEAFxwnwMEALJdDwMEALJdFwMEArJdPAMEArJdrAMEArJd
zAMEArJfQDANBgkqhkiG9w0BAQsFAAOCAQEAYMKXNwy4IWhRe58W5+Zs3LNP/F4K
A7ab7uwfBAklGvTsrm/CajAleNDoFndv6qupflfNhrRAzgU7VQfJRefD6fSxDofh
U6SALDMaOSMuCGA/qX5+sPFfQVuxIMF2Zp7vR6t6lP8cu8VAcl0xHYxYQMjRfP+f
wI0eVaJb/RzPpN+vEujS6A3wqqX4F18ahGHKDqL3V2bAEp0Xc6jav0RU2vxeMvhX
MoxHArR9hEisP9xrdYw4kRgLhuEvz+9fzXCbHjUYlxYKhLhcpMgqUsEEeV72AR3l
pyCoT7iLtLxOLMQMZN+s+rFBRmoRMewmk514WV9oX+D+PybVm59vqb+VNw==
-----END CERTIFICATE-----
Generated at Sun Oct 19 19:33:32 2025 by rpki-client