Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS5511.roa
File: AS5511.roa (raw, json)
Hash identifier: bM8RcUAWXUa6YhXwfaKRqWYWkC7md4REG9YG7Yua7VU=
Subject key identifier: A8:7B:37:D6:4A:1F:B8:68:73:D2:3D:C9:EF:6A:83:5D:DB:7F:96:8A
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 7FEBC887F3AF87A7414778769B47FB11956B4716
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS5511.roa
Signing time: Sat 27 Sep 2025 00:02:03 +0000
ROA not before: Fri 26 Sep 2025 23:57:03 +0000
ROA not after: Sat 26 Sep 2026 00:02:03 +0000
asID: 5511
IP address blocks: 82.21.94.0/24 maxlen: 24
82.21.150.0/24 maxlen: 24
82.21.169.0/24 maxlen: 24
82.22.86.0/24 maxlen: 24
82.22.96.0/24 maxlen: 24
82.22.111.0/24 maxlen: 24
82.22.114.0/24 maxlen: 24
82.22.120.0/24 maxlen: 24
82.22.121.0/24 maxlen: 24
82.22.122.0/24 maxlen: 24
82.22.123.0/24 maxlen: 24
82.22.141.0/24 maxlen: 24
82.22.144.0/24 maxlen: 24
82.22.171.0/24 maxlen: 24
82.22.175.0/24 maxlen: 24
82.22.197.0/24 maxlen: 24
82.23.3.0/24 maxlen: 24
82.23.4.0/24 maxlen: 24
82.23.5.0/24 maxlen: 24
82.23.6.0/24 maxlen: 24
82.23.15.0/24 maxlen: 24
82.23.44.0/24 maxlen: 24
82.23.45.0/24 maxlen: 24
82.23.46.0/24 maxlen: 24
82.23.47.0/24 maxlen: 24
82.23.48.0/24 maxlen: 24
82.23.50.0/24 maxlen: 24
82.23.51.0/24 maxlen: 24
82.23.52.0/24 maxlen: 24
82.23.53.0/24 maxlen: 24
82.23.55.0/24 maxlen: 24
82.23.56.0/24 maxlen: 24
82.23.57.0/24 maxlen: 24
82.23.58.0/24 maxlen: 24
82.23.61.0/24 maxlen: 24
82.23.62.0/24 maxlen: 24
82.23.63.0/24 maxlen: 24
82.23.64.0/24 maxlen: 24
82.23.69.0/24 maxlen: 24
82.23.74.0/24 maxlen: 24
82.23.79.0/24 maxlen: 24
82.23.123.0/24 maxlen: 24
82.23.134.0/24 maxlen: 24
82.24.8.0/24 maxlen: 24
82.24.17.0/24 maxlen: 24
82.24.26.0/24 maxlen: 24
82.24.63.0/24 maxlen: 24
82.24.90.0/24 maxlen: 24
82.24.105.0/24 maxlen: 24
82.24.175.0/24 maxlen: 24
82.24.246.0/24 maxlen: 24
82.25.134.0/24 maxlen: 24
82.25.246.0/24 maxlen: 24
82.26.83.0/24 maxlen: 24
82.26.204.0/24 maxlen: 24
82.27.20.0/24 maxlen: 24
82.27.101.0/24 maxlen: 24
82.27.103.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:eb:c8:87:f3:af:87:a7:41:47:78:76:9b:47:fb:11:95:6b:47:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Sep 26 23:57:03 2025 GMT
Not After : Sep 26 00:02:03 2026 GMT
Subject: CN=A87B37D64A1FB86873D23DC9EF6A835DDB7F968A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:ba:3e:05:f0:86:68:b9:b4:4a:49:ba:f1:09:
09:5d:d7:1b:ca:4b:30:d0:78:39:f8:43:4d:9e:f6:
f5:df:8c:17:45:ad:91:f3:7c:b7:da:9c:20:d8:11:
0e:9f:08:8a:f1:2c:df:30:4d:5a:bb:fa:fa:43:d1:
ca:14:05:14:5a:78:0d:e4:24:8e:0c:05:dd:98:06:
31:77:b3:10:6c:82:8a:cd:2e:11:17:18:5b:ea:a9:
e1:5b:10:7d:1e:7d:2e:77:3b:7b:fb:09:b7:8f:b8:
bd:e3:24:d6:04:5e:64:ef:05:66:f2:db:66:88:fe:
04:65:24:c3:bc:4a:5a:6d:00:aa:6a:ff:12:92:3b:
4b:86:b6:77:75:9e:51:ab:2f:5b:c7:26:08:2a:30:
15:72:16:d0:1a:7e:dc:a6:7c:a4:a7:10:84:b5:b4:
ba:fd:4b:8d:e4:8a:33:5e:1c:53:24:0d:1d:31:41:
86:aa:65:f6:02:e6:94:21:99:3b:47:dc:4b:df:1b:
57:d9:e0:c3:5b:52:1a:dc:5b:65:ac:09:90:a2:b6:
2a:12:63:e0:36:e6:0b:46:7d:c9:ff:f3:c7:86:77:
68:dd:4e:86:16:63:f8:4e:e0:e2:9f:b7:c6:9a:97:
ff:cc:d6:0a:a4:35:2c:a0:4a:4b:b1:d8:5e:eb:b9:
2d:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:7B:37:D6:4A:1F:B8:68:73:D2:3D:C9:EF:6A:83:5D:DB:7F:96:8A
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS5511.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.94.0/24
82.21.150.0/24
82.21.169.0/24
82.22.86.0/24
82.22.96.0/24
82.22.111.0/24
82.22.114.0/24
82.22.120.0/22
82.22.141.0/24
82.22.144.0/24
82.22.171.0/24
82.22.175.0/24
82.22.197.0/24
82.23.3.0-82.23.6.255
82.23.15.0/24
82.23.44.0-82.23.48.255
82.23.50.0-82.23.53.255
82.23.55.0-82.23.58.255
82.23.61.0-82.23.64.255
82.23.69.0/24
82.23.74.0/24
82.23.79.0/24
82.23.123.0/24
82.23.134.0/24
82.24.8.0/24
82.24.17.0/24
82.24.26.0/24
82.24.63.0/24
82.24.90.0/24
82.24.105.0/24
82.24.175.0/24
82.24.246.0/24
82.25.134.0/24
82.25.246.0/24
82.26.83.0/24
82.26.204.0/24
82.27.20.0/24
82.27.101.0/24
82.27.103.0/24
Signature Algorithm: sha256WithRSAEncryption
39:29:6f:80:3b:5c:ca:70:e3:14:f3:e5:ec:f4:2c:47:b1:e5:
eb:d3:1d:cf:b2:73:24:5b:10:ce:4c:e3:43:e0:0d:b5:e0:a5:
e5:61:fc:b1:b8:4c:1d:16:6a:92:ef:06:af:21:1c:c9:ab:a8:
b8:20:15:20:ff:e0:ec:d1:b6:a3:73:9c:1c:46:15:7c:a5:aa:
72:1f:7a:6d:25:59:63:ee:b1:9a:7e:c4:0a:06:6f:8b:16:86:
7c:1f:3c:08:47:d4:71:8c:2e:31:d2:24:2f:3c:fa:c9:e7:1e:
7b:80:67:55:75:19:33:2b:9e:d2:5f:40:8a:ab:cc:ce:e2:d5:
6d:68:34:ba:a1:cb:9b:99:53:e8:9d:0d:ed:f5:27:1a:da:c8:
ef:4a:85:4e:80:99:17:d8:43:d8:21:b9:e9:01:ef:db:2f:0d:
08:7e:e4:3a:ca:6c:29:f4:47:99:41:0b:3c:78:be:a1:b8:af:
36:00:4b:79:c7:ed:26:b0:d3:aa:31:9b:54:90:b9:9d:d8:0c:
e1:2b:94:3c:be:51:d6:92:cd:19:c5:86:49:d3:b1:c3:45:4b:
35:44:e1:17:49:99:0e:72:3b:82:95:b8:40:21:ab:2d:17:76:
f3:91:ef:14:01:46:26:39:09:2e:02:f3:08:ad:f8:a8:b7:04:
c6:ce:cf:bb
-----BEGIN CERTIFICATE-----
MIIGFDCCBPygAwIBAgIUf+vIh/Ovh6dBR3h2m0f7EZVrRxYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA5MjYyMzU3MDNaFw0yNjA5MjYwMDAyMDNaMDMxMTAvBgNV
BAMTKEE4N0IzN0Q2NEExRkI4Njg3M0QyM0RDOUVGNkE4MzVEREI3Rjk2OEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHuj4F8IZoubRKSbrxCQld1xvK
SzDQeDn4Q02e9vXfjBdFrZHzfLfanCDYEQ6fCIrxLN8wTVq7+vpD0coUBRRaeA3k
JI4MBd2YBjF3sxBsgorNLhEXGFvqqeFbEH0efS53O3v7CbePuL3jJNYEXmTvBWby
22aI/gRlJMO8SlptAKpq/xKSO0uGtnd1nlGrL1vHJggqMBVyFtAaftymfKSnEIS1
tLr9S43kijNeHFMkDR0xQYaqZfYC5pQhmTtH3EvfG1fZ4MNbUhrcW2WsCZCitioS
Y+A25gtGfcn/88eGd2jdToYWY/hO4OKft8aal//M1gqkNSygSkux2F7ruS1HAgMB
AAGjggMeMIIDGjAdBgNVHQ4EFgQUqHs31kofuGhz0j3J72qDXdt/loowHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNTUxMS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCATMGCCsGAQUFBwEHAQH/BIIBIjCCAR4wggEaBAIAATCC
ARIDBABSFV4DBABSFZYDBABSFakDBABSFlYDBABSFmADBABSFm8DBABSFnIDBAJS
FngDBABSFo0DBABSFpADBABSFqsDBABSFq8DBABSFsUwDAMEAFIXAwMEAFIXBgME
AFIXDzAMAwQCUhcsAwQAUhcwMAwDBAFSFzIDBAFSFzQwDAMEAFIXNwMEAFIXOjAM
AwQAUhc9AwQAUhdAAwQAUhdFAwQAUhdKAwQAUhdPAwQAUhd7AwQAUheGAwQAUhgI
AwQAUhgRAwQAUhgaAwQAUhg/AwQAUhhaAwQAUhhpAwQAUhivAwQAUhj2AwQAUhmG
AwQAUhn2AwQAUhpTAwQAUhrMAwQAUhsUAwQAUhtlAwQAUhtnMA0GCSqGSIb3DQEB
CwUAA4IBAQA5KW+AO1zKcOMU8+Xs9CxHseXr0x3PsnMkWxDOTOND4A214KXlYfyx
uEwdFmqS7wavIRzJq6i4IBUg/+Ds0bajc5wcRhV8papyH3ptJVlj7rGafsQKBm+L
FoZ8HzwIR9RxjC4x0iQvPPrJ5x57gGdVdRkzK57SX0CKq8zO4tVtaDS6ocubmVPo
nQ3t9Sca2sjvSoVOgJkX2EPYIbnpAe/bLw0IfuQ6ymwp9EeZQQs8eL6huK82AEt5
x+0msNOqMZtUkLmd2AzhK5Q8vlHWks0ZxYZJ07HDRUs1ROEXSZkOcjuClbhAIast
F3bzke8UAUYmOQkuAvMIrfiotwTGzs+7
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:58:07 2025 by rpki-client