Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS5511.roa
File: AS5511.roa (raw, json)
Hash identifier: oUX2DrhDRVqFduegzVGJ8cdO7HW8dBKBzfare4EoU+s=
Subject key identifier: DF:0E:6A:BF:F7:CF:A8:E6:80:A8:C9:8B:6F:FB:9D:E1:69:31:D2:C9
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 53B319994F59DE2276EC32D17BFF04316E707BBD
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS5511.roa
Signing time: Wed 25 Mar 2026 14:42:05 +0000
ROA not before: Wed 25 Mar 2026 14:37:05 +0000
ROA not after: Wed 24 Mar 2027 14:42:05 +0000
asID: 5511
IP address blocks: 82.21.94.0/24 maxlen: 24
82.22.86.0/24 maxlen: 24
82.22.96.0/24 maxlen: 24
82.22.111.0/24 maxlen: 24
82.22.114.0/24 maxlen: 24
82.22.120.0/24 maxlen: 24
82.22.121.0/24 maxlen: 24
82.22.122.0/24 maxlen: 24
82.22.123.0/24 maxlen: 24
82.22.141.0/24 maxlen: 24
82.22.144.0/24 maxlen: 24
82.22.197.0/24 maxlen: 24
82.23.3.0/24 maxlen: 24
82.23.4.0/24 maxlen: 24
82.23.5.0/24 maxlen: 24
82.23.6.0/24 maxlen: 24
82.23.15.0/24 maxlen: 24
82.23.44.0/24 maxlen: 24
82.23.45.0/24 maxlen: 24
82.23.46.0/24 maxlen: 24
82.23.47.0/24 maxlen: 24
82.23.48.0/24 maxlen: 24
82.23.50.0/24 maxlen: 24
82.23.51.0/24 maxlen: 24
82.23.52.0/24 maxlen: 24
82.23.53.0/24 maxlen: 24
82.23.55.0/24 maxlen: 24
82.23.56.0/24 maxlen: 24
82.23.57.0/24 maxlen: 24
82.23.58.0/24 maxlen: 24
82.23.61.0/24 maxlen: 24
82.23.62.0/24 maxlen: 24
82.23.63.0/24 maxlen: 24
82.23.64.0/24 maxlen: 24
82.23.69.0/24 maxlen: 24
82.23.74.0/24 maxlen: 24
82.23.79.0/24 maxlen: 24
82.23.123.0/24 maxlen: 24
82.24.17.0/24 maxlen: 24
82.24.26.0/24 maxlen: 24
82.24.63.0/24 maxlen: 24
82.24.90.0/24 maxlen: 24
82.24.175.0/24 maxlen: 24
82.24.244.0/24 maxlen: 24
82.24.246.0/24 maxlen: 24
82.25.134.0/24 maxlen: 24
82.25.244.0/24 maxlen: 24
82.25.246.0/24 maxlen: 24
82.26.83.0/24 maxlen: 24
82.26.204.0/24 maxlen: 24
82.26.244.0/24 maxlen: 24
82.27.20.0/24 maxlen: 24
82.27.101.0/24 maxlen: 24
82.27.103.0/24 maxlen: 24
84.75.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 19:43:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:b3:19:99:4f:59:de:22:76:ec:32:d1:7b:ff:04:31:6e:70:7b:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Mar 25 14:37:05 2026 GMT
Not After : Mar 24 14:42:05 2027 GMT
Subject: CN=DF0E6ABFF7CFA8E680A8C98B6FFB9DE16931D2C9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:37:5d:e0:a8:4d:4f:e8:93:18:61:b7:cb:41:
b3:7c:5e:e2:31:61:84:72:60:31:ab:a3:7d:59:76:
da:0e:ae:24:e4:1f:c4:f5:90:42:da:48:ce:7d:3b:
99:9a:c0:88:b6:7c:81:c7:0a:36:c3:c1:84:64:eb:
47:de:3a:8f:e5:aa:e1:15:07:8d:45:07:37:75:ee:
49:31:82:e3:2d:61:aa:b0:80:e3:9e:0a:8c:aa:e0:
38:b4:23:7b:fc:ad:4a:bf:bf:33:cc:65:e9:a8:61:
79:83:86:be:d8:7b:4b:f8:94:b6:2a:11:30:c7:8d:
53:be:c5:dc:e1:d2:03:f1:73:c0:2f:c0:9b:15:e1:
d3:32:41:f7:ef:69:dc:70:34:47:b9:3d:ad:64:6a:
9c:dc:c9:b6:76:a4:ca:2d:7c:88:1d:4c:09:db:ec:
96:c5:55:fa:8e:26:26:e4:65:0e:29:3e:67:9f:79:
ef:f3:40:45:45:b1:94:b5:c9:a0:13:4a:3d:53:c4:
1f:51:e8:de:05:89:3f:91:d8:0b:ec:45:cd:a1:03:
79:4b:ab:09:64:ab:53:f8:59:bf:db:00:d0:d1:83:
f1:9e:bc:44:ca:0d:d9:12:b5:0b:b1:b8:5a:11:d1:
fb:b4:ed:ca:af:d7:e1:e6:04:85:49:ab:37:58:7e:
2c:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:0E:6A:BF:F7:CF:A8:E6:80:A8:C9:8B:6F:FB:9D:E1:69:31:D2:C9
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS5511.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.94.0/24
82.22.86.0/24
82.22.96.0/24
82.22.111.0/24
82.22.114.0/24
82.22.120.0/22
82.22.141.0/24
82.22.144.0/24
82.22.197.0/24
82.23.3.0-82.23.6.255
82.23.15.0/24
82.23.44.0-82.23.48.255
82.23.50.0-82.23.53.255
82.23.55.0-82.23.58.255
82.23.61.0-82.23.64.255
82.23.69.0/24
82.23.74.0/24
82.23.79.0/24
82.23.123.0/24
82.24.17.0/24
82.24.26.0/24
82.24.63.0/24
82.24.90.0/24
82.24.175.0/24
82.24.244.0/24
82.24.246.0/24
82.25.134.0/24
82.25.244.0/24
82.25.246.0/24
82.26.83.0/24
82.26.204.0/24
82.26.244.0/24
82.27.20.0/24
82.27.101.0/24
82.27.103.0/24
84.75.0.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:d7:c9:41:c8:c3:45:54:c4:f9:78:f8:90:a3:5c:e1:b5:9d:
4c:1a:19:60:58:87:60:d9:82:82:a3:3c:55:c3:b8:51:46:d4:
8a:87:79:09:f7:25:76:d6:58:46:4c:df:b7:ab:75:c5:63:0d:
b0:2a:f5:6c:18:fb:7c:73:e0:73:d7:49:14:87:0c:a4:61:6b:
ce:28:de:62:b2:2e:c0:20:2f:84:68:23:73:4a:df:4c:a7:b9:
de:dc:10:75:51:fb:01:40:78:24:a6:39:8f:c1:4c:b2:0d:3a:
37:52:bc:f6:11:13:ba:5c:1b:42:f6:de:c9:8e:52:41:80:56:
13:f7:5b:d7:14:44:06:37:2b:6b:95:1b:80:fb:a0:2b:5a:2f:
fe:03:1a:21:48:82:a1:1c:58:ed:06:31:1e:5f:4b:e9:3f:a3:
7c:ff:ac:4d:c0:8a:3a:88:d1:8d:f6:26:50:d6:36:22:26:13:
9c:37:ac:ec:54:9a:10:c7:34:ce:d3:08:8c:e5:7d:5c:eb:68:
d7:e0:73:0d:15:83:be:da:ff:70:56:dc:9c:81:40:79:dd:67:
bd:ca:e3:36:62:8a:bb:42:4b:38:66:8d:67:23:b1:6e:5a:db:
d2:ab:3b:8d:91:74:7b:57:3c:26:d9:b6:e6:05:4f:0f:24:9e:
3a:63:55:d5
-----BEGIN CERTIFICATE-----
MIIGAjCCBOqgAwIBAgIUU7MZmU9Z3iJ27DLRe/8EMW5we70wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjAzMjUxNDM3MDVaFw0yNzAzMjQxNDQyMDVaMDMxMTAvBgNV
BAMTKERGMEU2QUJGRjdDRkE4RTY4MEE4Qzk4QjZGRkI5REUxNjkzMUQyQzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTN13gqE1P6JMYYbfLQbN8XuIx
YYRyYDGro31ZdtoOriTkH8T1kELaSM59O5mawIi2fIHHCjbDwYRk60feOo/lquEV
B41FBzd17kkxguMtYaqwgOOeCoyq4Di0I3v8rUq/vzPMZemoYXmDhr7Ye0v4lLYq
ETDHjVO+xdzh0gPxc8AvwJsV4dMyQffvadxwNEe5Pa1kapzcybZ2pMotfIgdTAnb
7JbFVfqOJibkZQ4pPmefee/zQEVFsZS1yaATSj1TxB9R6N4FiT+R2AvsRc2hA3lL
qwlkq1P4Wb/bANDRg/GevETKDdkStQuxuFoR0fu07cqv1+HmBIVJqzdYfiznAgMB
AAGjggMMMIIDCDAdBgNVHQ4EFgQU3w5qv/fPqOaAqMmLb/ud4Wkx0skwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNTUxMS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCASEGCCsGAQUFBwEHAQH/BIIBEDCCAQwwggEIBAIAATCC
AQADBABSFV4DBABSFlYDBABSFmADBABSFm8DBABSFnIDBAJSFngDBABSFo0DBABS
FpADBABSFsUwDAMEAFIXAwMEAFIXBgMEAFIXDzAMAwQCUhcsAwQAUhcwMAwDBAFS
FzIDBAFSFzQwDAMEAFIXNwMEAFIXOjAMAwQAUhc9AwQAUhdAAwQAUhdFAwQAUhdK
AwQAUhdPAwQAUhd7AwQAUhgRAwQAUhgaAwQAUhg/AwQAUhhaAwQAUhivAwQAUhj0
AwQAUhj2AwQAUhmGAwQAUhn0AwQAUhn2AwQAUhpTAwQAUhrMAwQAUhr0AwQAUhsU
AwQAUhtlAwQAUhtnAwQAVEsAMA0GCSqGSIb3DQEBCwUAA4IBAQCm18lByMNFVMT5
ePiQo1zhtZ1MGhlgWIdg2YKCozxVw7hRRtSKh3kJ9yV21lhGTN+3q3XFYw2wKvVs
GPt8c+Bz10kUhwykYWvOKN5isi7AIC+EaCNzSt9Mp7ne3BB1UfsBQHgkpjmPwUyy
DTo3Urz2ERO6XBtC9t7JjlJBgFYT91vXFEQGNytrlRuA+6ArWi/+AxohSIKhHFjt
BjEeX0vpP6N8/6xNwIo6iNGN9iZQ1jYiJhOcN6zsVJoQxzTO0wiM5X1c62jX4HMN
FYO+2v9wVtycgUB53We9yuM2Yoq7Qks4Zo1nI7FuWtvSqzuNkXR7Vzwm2bbmBU8P
JJ46Y1XV
-----END CERTIFICATE-----
Generated at Thu Mar 26 04:33:48 2026 by rpki-client