Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS5511.roa
File:                     AS5511.roa (raw, json)
Hash identifier:          niazrRzOJd4m58a6Gm7TgJ6JQiFi/rvATID4BMJJ0Yc=
Subject key identifier:   C9:68:AE:B3:93:2A:3D:7B:6D:BE:53:23:09:7E:D9:B5:1F:CA:DA:9A
Certificate issuer:       /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial:       2FA0E64E76E30A4E7FA23C85CA624E2A364E2AFF
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS5511.roa
Signing time:             Sun 28 Jun 2026 09:05:28 +0000
ROA not before:           Sun 28 Jun 2026 09:00:28 +0000
ROA not after:            Sun 27 Jun 2027 09:05:28 +0000
asID:                     5511
IP address blocks:        82.21.94.0/24 maxlen: 24
                          82.22.86.0/24 maxlen: 24
                          82.22.96.0/24 maxlen: 24
                          82.22.111.0/24 maxlen: 24
                          82.22.114.0/24 maxlen: 24
                          82.22.120.0/24 maxlen: 24
                          82.22.121.0/24 maxlen: 24
                          82.22.122.0/24 maxlen: 24
                          82.22.123.0/24 maxlen: 24
                          82.22.141.0/24 maxlen: 24
                          82.22.144.0/24 maxlen: 24
                          82.22.197.0/24 maxlen: 24
                          82.23.3.0/24 maxlen: 24
                          82.23.4.0/24 maxlen: 24
                          82.23.5.0/24 maxlen: 24
                          82.23.6.0/24 maxlen: 24
                          82.23.15.0/24 maxlen: 24
                          82.23.44.0/24 maxlen: 24
                          82.23.45.0/24 maxlen: 24
                          82.23.46.0/24 maxlen: 24
                          82.23.47.0/24 maxlen: 24
                          82.23.48.0/24 maxlen: 24
                          82.23.50.0/24 maxlen: 24
                          82.23.51.0/24 maxlen: 24
                          82.23.52.0/24 maxlen: 24
                          82.23.53.0/24 maxlen: 24
                          82.23.55.0/24 maxlen: 24
                          82.23.56.0/24 maxlen: 24
                          82.23.57.0/24 maxlen: 24
                          82.23.58.0/24 maxlen: 24
                          82.23.61.0/24 maxlen: 24
                          82.23.62.0/24 maxlen: 24
                          82.23.63.0/24 maxlen: 24
                          82.23.64.0/24 maxlen: 24
                          82.23.69.0/24 maxlen: 24
                          82.23.74.0/24 maxlen: 24
                          82.23.79.0/24 maxlen: 24
                          82.23.123.0/24 maxlen: 24
                          82.24.17.0/24 maxlen: 24
                          82.24.26.0/24 maxlen: 24
                          82.24.63.0/24 maxlen: 24
                          82.24.90.0/24 maxlen: 24
                          82.24.175.0/24 maxlen: 24
                          82.24.244.0/24 maxlen: 24
                          82.24.246.0/24 maxlen: 24
                          82.25.134.0/24 maxlen: 24
                          82.25.244.0/24 maxlen: 24
                          82.25.246.0/24 maxlen: 24
                          82.26.83.0/24 maxlen: 24
                          82.26.204.0/24 maxlen: 24
                          82.26.244.0/24 maxlen: 24
                          82.27.20.0/24 maxlen: 24
                          82.27.101.0/24 maxlen: 24
                          82.27.103.0/24 maxlen: 24
                          84.75.0.0/24 maxlen: 24
                          84.75.17.0/24 maxlen: 24
                          84.75.26.0/24 maxlen: 24
                          84.75.35.0/24 maxlen: 24
                          84.75.92.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Jul 2026 16:14:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2f:a0:e6:4e:76:e3:0a:4e:7f:a2:3c:85:ca:62:4e:2a:36:4e:2a:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
        Validity
            Not Before: Jun 28 09:00:28 2026 GMT
            Not After : Jun 27 09:05:28 2027 GMT
        Subject: CN=C968AEB3932A3D7B6DBE5323097ED9B51FCADA9A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:0d:fa:0a:b0:d5:df:36:27:93:b0:3a:27:41:
                    35:a6:b9:2c:3a:65:ba:f3:62:b8:14:65:7e:8a:42:
                    aa:a1:ca:be:08:2c:4b:84:c4:0e:cb:3e:0e:03:7c:
                    50:5d:86:b2:57:8b:f2:63:be:52:77:bf:72:51:76:
                    ce:01:eb:4a:2d:4e:e3:73:2e:19:74:17:52:9a:ea:
                    0d:d9:f9:64:14:9a:98:1a:b8:1a:cd:71:e0:5e:1f:
                    17:a3:c6:e0:56:05:c0:b3:83:c1:19:3d:43:db:78:
                    8d:e3:72:07:f7:06:22:75:40:16:08:34:c2:07:13:
                    76:76:b0:7e:9c:ed:72:f7:f9:62:03:d2:fc:9d:ca:
                    2c:29:7f:da:01:99:27:df:01:0b:a6:a2:36:6d:9b:
                    75:49:c0:b0:9c:8b:02:bd:6e:d4:4f:01:e3:3e:0b:
                    86:22:0f:59:d8:b7:85:e4:04:54:c0:b7:58:47:1d:
                    f1:a6:7a:46:e2:91:22:7d:07:6e:f3:70:24:1d:78:
                    5c:06:83:de:e6:b4:98:b4:3a:f8:05:53:18:28:77:
                    49:d5:73:92:61:de:6c:f8:ea:49:3c:cf:6d:a4:6a:
                    6a:19:71:cb:51:d7:f1:0a:30:48:ef:a3:64:6d:96:
                    41:fb:91:3f:f1:2c:d4:f4:ac:1a:da:f8:72:b4:33:
                    01:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:68:AE:B3:93:2A:3D:7B:6D:BE:53:23:09:7E:D9:B5:1F:CA:DA:9A
            X509v3 Authority Key Identifier:
                keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS5511.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.21.94.0/24
                  82.22.86.0/24
                  82.22.96.0/24
                  82.22.111.0/24
                  82.22.114.0/24
                  82.22.120.0/22
                  82.22.141.0/24
                  82.22.144.0/24
                  82.22.197.0/24
                  82.23.3.0-82.23.6.255
                  82.23.15.0/24
                  82.23.44.0-82.23.48.255
                  82.23.50.0-82.23.53.255
                  82.23.55.0-82.23.58.255
                  82.23.61.0-82.23.64.255
                  82.23.69.0/24
                  82.23.74.0/24
                  82.23.79.0/24
                  82.23.123.0/24
                  82.24.17.0/24
                  82.24.26.0/24
                  82.24.63.0/24
                  82.24.90.0/24
                  82.24.175.0/24
                  82.24.244.0/24
                  82.24.246.0/24
                  82.25.134.0/24
                  82.25.244.0/24
                  82.25.246.0/24
                  82.26.83.0/24
                  82.26.204.0/24
                  82.26.244.0/24
                  82.27.20.0/24
                  82.27.101.0/24
                  82.27.103.0/24
                  84.75.0.0/24
                  84.75.17.0/24
                  84.75.26.0/24
                  84.75.35.0/24
                  84.75.92.0/24

    Signature Algorithm: sha256WithRSAEncryption
         26:f0:84:e6:11:e1:1b:3a:d6:31:72:6c:d6:c8:e9:92:39:41:
         ff:bc:4d:56:b5:eb:65:26:cf:4a:e7:be:7d:0e:09:0d:81:3e:
         03:17:e4:33:e3:1c:d8:bd:a5:02:d9:46:b5:1c:8d:4c:93:64:
         6d:f7:41:96:d9:8d:ef:43:d5:86:14:12:ce:e2:be:a3:d1:ab:
         5f:60:0e:b2:f2:69:61:f1:88:78:b6:fa:f3:ac:60:2a:2e:c1:
         da:9a:38:e3:67:b6:b9:fc:62:3b:ca:44:62:6a:37:c6:27:d5:
         64:0e:98:40:d7:b7:ad:8e:8c:60:20:4d:f1:b4:b7:7a:04:50:
         80:77:67:65:8a:a9:8f:e5:c9:7f:51:ff:bc:a1:a1:c5:7b:bf:
         48:d1:6b:bd:57:e3:8c:e9:5a:a4:ab:29:d4:48:15:3b:9a:ed:
         2a:51:50:fa:5b:26:6e:22:16:1d:60:35:d9:ec:c3:cb:71:55:
         c5:e9:b1:0c:83:db:68:32:3f:35:10:3d:92:6c:f6:b0:db:bb:
         36:f5:a6:cd:03:5a:8a:8d:f6:98:4a:03:55:a9:84:d0:1a:0e:
         2f:43:aa:d2:9a:d7:db:51:ca:71:0f:e1:ff:12:ea:41:c9:db:
         6b:c2:0e:ca:23:61:0d:16:62:07:8c:2f:a6:e3:bb:0b:5d:92:
         b0:b5:c7:5b
-----BEGIN CERTIFICATE-----
MIIGGjCCBQKgAwIBAgIUL6DmTnbjCk5/ojyFymJOKjZOKv8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA2MjgwOTAwMjhaFw0yNzA2MjcwOTA1MjhaMDMxMTAvBgNV
BAMTKEM5NjhBRUIzOTMyQTNEN0I2REJFNTMyMzA5N0VEOUI1MUZDQURBOUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCKDfoKsNXfNieTsDonQTWmuSw6
ZbrzYrgUZX6KQqqhyr4ILEuExA7LPg4DfFBdhrJXi/JjvlJ3v3JRds4B60otTuNz
Lhl0F1Ka6g3Z+WQUmpgauBrNceBeHxejxuBWBcCzg8EZPUPbeI3jcgf3BiJ1QBYI
NMIHE3Z2sH6c7XL3+WID0vydyiwpf9oBmSffAQumojZtm3VJwLCciwK9btRPAeM+
C4YiD1nYt4XkBFTAt1hHHfGmekbikSJ9B27zcCQdeFwGg97mtJi0OvgFUxgod0nV
c5Jh3mz46kk8z22kamoZcctR1/EKMEjvo2RtlkH7kT/xLNT0rBra+HK0MwHXAgMB
AAGjggMkMIIDIDAdBgNVHQ4EFgQUyWius5MqPXttvlMjCX7ZtR/K2powHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNTUxMS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCATkGCCsGAQUFBwEHAQH/BIIBKDCCASQwggEgBAIAATCC
ARgDBABSFV4DBABSFlYDBABSFmADBABSFm8DBABSFnIDBAJSFngDBABSFo0DBABS
FpADBABSFsUwDAMEAFIXAwMEAFIXBgMEAFIXDzAMAwQCUhcsAwQAUhcwMAwDBAFS
FzIDBAFSFzQwDAMEAFIXNwMEAFIXOjAMAwQAUhc9AwQAUhdAAwQAUhdFAwQAUhdK
AwQAUhdPAwQAUhd7AwQAUhgRAwQAUhgaAwQAUhg/AwQAUhhaAwQAUhivAwQAUhj0
AwQAUhj2AwQAUhmGAwQAUhn0AwQAUhn2AwQAUhpTAwQAUhrMAwQAUhr0AwQAUhsU
AwQAUhtlAwQAUhtnAwQAVEsAAwQAVEsRAwQAVEsaAwQAVEsjAwQAVEtcMA0GCSqG
SIb3DQEBCwUAA4IBAQAm8ITmEeEbOtYxcmzWyOmSOUH/vE1WtetlJs9K5759DgkN
gT4DF+Qz4xzYvaUC2Ua1HI1Mk2Rt90GW2Y3vQ9WGFBLO4r6j0atfYA6y8mlh8Yh4
tvrzrGAqLsHamjjjZ7a5/GI7ykRiajfGJ9VkDphA17etjoxgIE3xtLd6BFCAd2dl
iqmP5cl/Uf+8oaHFe79I0Wu9V+OM6VqkqynUSBU7mu0qUVD6WyZuIhYdYDXZ7MPL
cVXF6bEMg9toMj81ED2SbPaw27s29abNA1qKjfaYSgNVqYTQGg4vQ6rSmtfbUcpx
D+H/EupBydtrwg7KI2ENFmIHjC+m47sLXZKwtcdb
-----END CERTIFICATE-----
Generated at Fri Jul 17 23:06:32 2026 by rpki-client