Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS5511.roa
File: AS5511.roa (raw, json)
Hash identifier: tty8xdQWQtMvH6Bzwldo1LXGa6xFGzuFayWuCB2P5QE=
Subject key identifier: E9:A2:63:2E:E6:73:8E:9C:75:7A:1E:C9:6F:07:79:D0:49:D7:DB:45
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 0697F141447079411B7E84222EB6E9B4EC76BF0E
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS5511.roa
Signing time: Tue 28 Jan 2025 13:40:27 +0000
ROA not before: Tue 28 Jan 2025 13:35:27 +0000
ROA not after: Tue 27 Jan 2026 13:40:27 +0000
asID: 5511
IP address blocks: 82.21.94.0/24 maxlen: 24
82.22.197.0/24 maxlen: 24
82.24.90.0/24 maxlen: 24
82.25.134.0/24 maxlen: 24
82.26.204.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:97:f1:41:44:70:79:41:1b:7e:84:22:2e:b6:e9:b4:ec:76:bf:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jan 28 13:35:27 2025 GMT
Not After : Jan 27 13:40:27 2026 GMT
Subject: CN=E9A2632EE6738E9C757A1EC96F0779D049D7DB45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:45:0e:1c:09:ae:b2:4f:83:d5:9f:ba:b2:f3:
41:ab:21:bb:1a:35:b6:83:1d:55:ad:3d:ea:58:00:
8a:4c:c1:35:67:a9:4b:f1:18:50:5b:50:d6:f1:31:
05:ae:72:cb:4a:e1:5c:b2:f3:6b:43:23:bb:68:23:
99:5f:de:1c:20:27:3b:7e:84:c1:9b:dc:fd:ef:52:
fa:b6:7f:64:40:95:32:32:16:b5:80:dd:b3:0e:01:
43:9e:9f:06:43:a2:75:ec:bf:e7:6c:6d:be:e7:07:
1e:0d:4d:82:9b:fd:ed:47:95:bf:d3:f3:a0:47:0c:
f1:a8:4b:52:54:54:5d:80:f2:5e:23:29:34:08:55:
d1:30:eb:e9:01:0f:8e:3d:77:74:43:11:83:f0:1c:
b5:f8:b4:56:fb:cf:f4:a8:29:8c:e7:f4:21:5c:b2:
07:dd:64:de:4b:b2:53:0a:c2:56:d2:c6:ae:dd:03:
4b:85:a0:fa:2a:87:94:9e:4a:fe:33:68:ff:1f:91:
4d:e9:d2:4c:09:53:01:b3:2f:82:86:3f:12:9f:84:
b5:75:89:32:47:76:fb:f8:cb:d8:dd:3c:b7:b1:87:
c6:9a:31:c9:75:66:27:70:52:39:d4:32:0f:85:7e:
30:c8:1e:cc:cf:6d:d3:b2:92:d3:29:21:3d:bd:74:
cd:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:A2:63:2E:E6:73:8E:9C:75:7A:1E:C9:6F:07:79:D0:49:D7:DB:45
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS5511.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.94.0/24
82.22.197.0/24
82.24.90.0/24
82.25.134.0/24
82.26.204.0/24
Signature Algorithm: sha256WithRSAEncryption
31:a5:ff:ac:3d:cc:73:1a:0f:58:04:f4:98:cf:76:e9:80:7f:
ef:7b:91:2f:5a:20:51:75:02:06:1b:07:70:49:53:1b:24:b6:
8d:11:08:23:8f:ff:15:ba:ae:58:d6:a8:bd:be:e9:5f:4f:04:
1a:c6:06:a6:aa:ab:2f:3c:1f:8a:4a:01:d5:0b:d5:db:d8:56:
3d:a9:54:67:94:06:e3:95:0a:ac:10:c6:cd:6a:da:dd:49:e4:
56:93:f2:57:b0:64:4a:54:e9:78:db:07:b0:01:69:95:83:92:
7f:3f:d0:fc:c3:77:fc:71:8c:bc:d0:64:d9:5c:48:88:fd:6f:
60:01:7d:59:5d:3d:8c:a4:cc:4e:34:98:fb:53:07:df:df:9b:
5b:3c:3e:0f:ca:15:66:19:bc:8b:84:51:01:dd:a0:33:f3:04:
39:68:28:b4:d1:9e:bf:40:d4:f9:72:72:c3:f6:8e:75:30:ec:
2c:69:27:fe:f6:6b:af:49:11:d0:7e:82:f0:c5:4e:7d:22:cd:
33:2a:e2:e1:aa:c7:1e:2e:f5:3c:a7:fd:81:f6:90:4d:5f:64:
ca:93:da:fe:bc:39:50:e4:dc:20:fd:60:cd:f2:3f:5a:4a:37:
7d:df:8d:2e:f4:42:e7:f9:1c:96:c3:66:1e:75:de:5c:45:d6:
b2:5c:d6:45
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIUBpfxQURweUEbfoQiLrbptOx2vw4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAxMjgxMzM1MjdaFw0yNjAxMjcxMzQwMjdaMDMxMTAvBgNV
BAMTKEU5QTI2MzJFRTY3MzhFOUM3NTdBMUVDOTZGMDc3OUQwNDlEN0RCNDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDmRQ4cCa6yT4PVn7qy80GrIbsa
NbaDHVWtPepYAIpMwTVnqUvxGFBbUNbxMQWucstK4Vyy82tDI7toI5lf3hwgJzt+
hMGb3P3vUvq2f2RAlTIyFrWA3bMOAUOenwZDonXsv+dsbb7nBx4NTYKb/e1Hlb/T
86BHDPGoS1JUVF2A8l4jKTQIVdEw6+kBD449d3RDEYPwHLX4tFb7z/SoKYzn9CFc
sgfdZN5LslMKwlbSxq7dA0uFoPoqh5SeSv4zaP8fkU3p0kwJUwGzL4KGPxKfhLV1
iTJHdvv4y9jdPLexh8aaMcl1ZidwUjnUMg+FfjDIHszPbdOyktMpIT29dM0tAgMB
AAGjggIgMIICHDAdBgNVHQ4EFgQU6aJjLuZzjpx1eh7Jbwd50EnX20UwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNTUxMS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA3BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAFIVXgME
AFIWxQMEAFIYWgMEAFIZhgMEAFIazDANBgkqhkiG9w0BAQsFAAOCAQEAMaX/rD3M
cxoPWAT0mM926YB/73uRL1ogUXUCBhsHcElTGyS2jREII4//FbquWNaovb7pX08E
GsYGpqqrLzwfikoB1QvV29hWPalUZ5QG45UKrBDGzWra3UnkVpPyV7BkSlTpeNsH
sAFplYOSfz/Q/MN3/HGMvNBk2VxIiP1vYAF9WV09jKTMTjSY+1MH39+bWzw+D8oV
Zhm8i4RRAd2gM/MEOWgotNGev0DU+XJyw/aOdTDsLGkn/vZrr0kR0H6C8MVOfSLN
Myri4arHHi71PKf9gfaQTV9kypPa/rw5UOTcIP1gzfI/Wko3fd+NLvRC5/kclsNm
HnXeXEXWslzWRQ==
-----END CERTIFICATE-----
Generated at Fri Apr 25 18:17:52 2025 by rpki-client