Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS5511.roa
File: AS5511.roa (raw, json)
Hash identifier: rvvulr6xoCaj7tPiUiZNq+j5/p0N8bcVnW1vuYwnKt4=
Subject key identifier: 5D:E9:17:84:29:F7:BD:A5:74:F1:92:A5:2A:C7:33:92:98:6C:93:B7
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 508DD4D75FB6E89E9A1D97492BC978FF693D36D3
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS5511.roa
Signing time: Wed 13 May 2026 14:43:58 +0000
ROA not before: Wed 13 May 2026 14:38:58 +0000
ROA not after: Wed 12 May 2027 14:43:58 +0000
asID: 5511
IP address blocks: 82.21.94.0/24 maxlen: 24
82.22.86.0/24 maxlen: 24
82.22.96.0/24 maxlen: 24
82.22.111.0/24 maxlen: 24
82.22.114.0/24 maxlen: 24
82.22.120.0/24 maxlen: 24
82.22.121.0/24 maxlen: 24
82.22.122.0/24 maxlen: 24
82.22.123.0/24 maxlen: 24
82.22.141.0/24 maxlen: 24
82.22.144.0/24 maxlen: 24
82.22.197.0/24 maxlen: 24
82.23.3.0/24 maxlen: 24
82.23.4.0/24 maxlen: 24
82.23.5.0/24 maxlen: 24
82.23.6.0/24 maxlen: 24
82.23.15.0/24 maxlen: 24
82.23.44.0/24 maxlen: 24
82.23.45.0/24 maxlen: 24
82.23.46.0/24 maxlen: 24
82.23.47.0/24 maxlen: 24
82.23.48.0/24 maxlen: 24
82.23.50.0/24 maxlen: 24
82.23.51.0/24 maxlen: 24
82.23.52.0/24 maxlen: 24
82.23.53.0/24 maxlen: 24
82.23.55.0/24 maxlen: 24
82.23.56.0/24 maxlen: 24
82.23.57.0/24 maxlen: 24
82.23.58.0/24 maxlen: 24
82.23.61.0/24 maxlen: 24
82.23.62.0/24 maxlen: 24
82.23.63.0/24 maxlen: 24
82.23.64.0/24 maxlen: 24
82.23.69.0/24 maxlen: 24
82.23.74.0/24 maxlen: 24
82.23.79.0/24 maxlen: 24
82.23.123.0/24 maxlen: 24
82.24.17.0/24 maxlen: 24
82.24.26.0/24 maxlen: 24
82.24.63.0/24 maxlen: 24
82.24.90.0/24 maxlen: 24
82.24.175.0/24 maxlen: 24
82.24.244.0/24 maxlen: 24
82.24.246.0/24 maxlen: 24
82.25.134.0/24 maxlen: 24
82.25.244.0/24 maxlen: 24
82.25.246.0/24 maxlen: 24
82.26.83.0/24 maxlen: 24
82.26.204.0/24 maxlen: 24
82.26.244.0/24 maxlen: 24
82.27.20.0/24 maxlen: 24
82.27.101.0/24 maxlen: 24
82.27.103.0/24 maxlen: 24
84.75.0.0/24 maxlen: 24
84.75.17.0/24 maxlen: 24
84.75.26.0/24 maxlen: 24
84.75.35.0/24 maxlen: 24
84.75.92.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jun 2026 15:55:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:8d:d4:d7:5f:b6:e8:9e:9a:1d:97:49:2b:c9:78:ff:69:3d:36:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: May 13 14:38:58 2026 GMT
Not After : May 12 14:43:58 2027 GMT
Subject: CN=5DE9178429F7BDA574F192A52AC73392986C93B7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:d0:a2:ee:16:bf:ba:33:71:72:41:c4:ef:77:
e7:8d:f1:9c:3f:bf:c6:72:7c:8d:b6:28:57:7f:e5:
ca:c9:a9:c1:3d:35:b1:c8:43:c0:5c:25:b1:a3:4f:
f2:94:d6:aa:a5:88:09:ec:e4:0e:54:e6:0a:e2:ca:
9f:dd:cc:e1:13:6f:4a:69:b5:73:3d:7f:d6:7a:f4:
b8:bd:6f:44:ec:57:a4:51:c6:ef:a6:28:f1:86:a9:
1a:f3:23:26:12:bd:b5:0c:c5:c4:ab:9b:6b:28:d1:
59:30:1b:77:5d:88:31:7e:f2:8e:f7:45:0a:ca:e9:
1c:00:a4:38:5b:72:39:10:2e:27:cd:78:9f:8e:59:
80:e7:ae:4e:79:a2:71:a3:11:39:8e:5f:0c:35:6b:
5d:43:43:77:16:5f:64:fa:49:ff:be:e4:5b:98:79:
03:62:9a:03:f6:de:95:f8:c6:1f:8c:ab:3e:bf:83:
18:40:75:9d:b4:4e:01:06:59:b6:88:bf:2e:89:18:
ce:ee:21:ee:fa:fa:82:b0:30:08:82:76:51:95:4a:
ce:4c:95:8c:f4:96:2a:1c:03:36:9b:b8:b0:c6:7a:
1b:55:88:cc:c0:e5:9d:51:0d:c8:cd:26:ed:09:c3:
dc:b0:de:64:56:46:aa:b8:c4:65:46:ab:90:2e:c9:
ea:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:E9:17:84:29:F7:BD:A5:74:F1:92:A5:2A:C7:33:92:98:6C:93:B7
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS5511.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.94.0/24
82.22.86.0/24
82.22.96.0/24
82.22.111.0/24
82.22.114.0/24
82.22.120.0/22
82.22.141.0/24
82.22.144.0/24
82.22.197.0/24
82.23.3.0-82.23.6.255
82.23.15.0/24
82.23.44.0-82.23.48.255
82.23.50.0-82.23.53.255
82.23.55.0-82.23.58.255
82.23.61.0-82.23.64.255
82.23.69.0/24
82.23.74.0/24
82.23.79.0/24
82.23.123.0/24
82.24.17.0/24
82.24.26.0/24
82.24.63.0/24
82.24.90.0/24
82.24.175.0/24
82.24.244.0/24
82.24.246.0/24
82.25.134.0/24
82.25.244.0/24
82.25.246.0/24
82.26.83.0/24
82.26.204.0/24
82.26.244.0/24
82.27.20.0/24
82.27.101.0/24
82.27.103.0/24
84.75.0.0/24
84.75.17.0/24
84.75.26.0/24
84.75.35.0/24
84.75.92.0/24
Signature Algorithm: sha256WithRSAEncryption
19:45:29:fa:dc:5e:2c:11:78:8c:da:0d:ca:e8:a2:c2:02:0a:
12:22:4d:0b:b3:a8:2e:47:3c:19:1a:0e:ad:87:49:71:7c:22:
40:75:8f:d7:ca:e9:15:fb:1e:88:0f:ab:a3:20:69:75:b6:a9:
e3:5e:6e:ca:93:6e:b6:73:4f:46:6a:c4:31:ee:26:c1:8f:6c:
d7:e3:2c:1e:e0:7e:44:56:22:9c:fc:a5:48:4a:49:94:9d:16:
4c:af:78:a7:40:6a:ac:5e:72:4b:3a:00:6e:0a:d9:69:3c:07:
6f:dd:59:6a:f5:c0:24:c7:9d:d0:84:7b:38:97:64:45:5e:6d:
37:e4:fe:6f:52:6d:05:28:4c:88:aa:86:bf:ad:6c:3a:3a:a4:
ba:b4:5b:c2:f7:30:ef:c9:8e:d1:06:fc:69:e8:81:0e:2e:13:
68:99:35:49:96:56:29:0c:62:1d:cf:5a:2e:ae:0f:cd:f5:66:
01:5a:1f:24:2b:de:32:a7:e5:e1:89:ab:81:93:16:58:58:23:
47:25:d5:a2:80:d4:fe:73:b1:d3:3e:a6:5c:e4:d7:1c:57:29:
d0:0d:d3:57:da:c2:da:e3:8f:78:c6:43:1d:d3:ad:99:96:8a:
a1:50:2a:aa:74:8d:43:5b:68:50:20:d0:6e:a7:60:47:cc:06:
c0:28:b3:47
-----BEGIN CERTIFICATE-----
MIIGGjCCBQKgAwIBAgIUUI3U11+26J6aHZdJK8l4/2k9NtMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA1MTMxNDM4NThaFw0yNzA1MTIxNDQzNThaMDMxMTAvBgNV
BAMTKDVERTkxNzg0MjlGN0JEQTU3NEYxOTJBNTJBQzczMzkyOTg2QzkzQjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC20KLuFr+6M3FyQcTvd+eN8Zw/
v8ZyfI22KFd/5crJqcE9NbHIQ8BcJbGjT/KU1qqliAns5A5U5griyp/dzOETb0pp
tXM9f9Z69Li9b0TsV6RRxu+mKPGGqRrzIyYSvbUMxcSrm2so0VkwG3ddiDF+8o73
RQrK6RwApDhbcjkQLifNeJ+OWYDnrk55onGjETmOXww1a11DQ3cWX2T6Sf++5FuY
eQNimgP23pX4xh+Mqz6/gxhAdZ20TgEGWbaIvy6JGM7uIe76+oKwMAiCdlGVSs5M
lYz0liocAzabuLDGehtViMzA5Z1RDcjNJu0Jw9yw3mRWRqq4xGVGq5Auyep3AgMB
AAGjggMkMIIDIDAdBgNVHQ4EFgQUXekXhCn3vaV08ZKlKsczkphsk7cwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNTUxMS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCATkGCCsGAQUFBwEHAQH/BIIBKDCCASQwggEgBAIAATCC
ARgDBABSFV4DBABSFlYDBABSFmADBABSFm8DBABSFnIDBAJSFngDBABSFo0DBABS
FpADBABSFsUwDAMEAFIXAwMEAFIXBgMEAFIXDzAMAwQCUhcsAwQAUhcwMAwDBAFS
FzIDBAFSFzQwDAMEAFIXNwMEAFIXOjAMAwQAUhc9AwQAUhdAAwQAUhdFAwQAUhdK
AwQAUhdPAwQAUhd7AwQAUhgRAwQAUhgaAwQAUhg/AwQAUhhaAwQAUhivAwQAUhj0
AwQAUhj2AwQAUhmGAwQAUhn0AwQAUhn2AwQAUhpTAwQAUhrMAwQAUhr0AwQAUhsU
AwQAUhtlAwQAUhtnAwQAVEsAAwQAVEsRAwQAVEsaAwQAVEsjAwQAVEtcMA0GCSqG
SIb3DQEBCwUAA4IBAQAZRSn63F4sEXiM2g3K6KLCAgoSIk0Ls6guRzwZGg6th0lx
fCJAdY/XyukV+x6ID6ujIGl1tqnjXm7Kk262c09GasQx7ibBj2zX4ywe4H5EViKc
/KVISkmUnRZMr3inQGqsXnJLOgBuCtlpPAdv3Vlq9cAkx53QhHs4l2RFXm035P5v
Um0FKEyIqoa/rWw6OqS6tFvC9zDvyY7RBvxp6IEOLhNomTVJllYpDGIdz1ourg/N
9WYBWh8kK94yp+XhiauBkxZYWCNHJdWigNT+c7HTPqZc5NccVynQDdNX2sLa4494
xkMd062ZloqhUCqqdI1DW2hQINBup2BHzAbAKLNH
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:18:28 2026 by rpki-client