Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS5089.roa
File: AS5089.roa (raw, json)
Hash identifier: 9e4alOMb7wvGUiuPUnKIH2wBece829DPGhVyskqX3l4=
Subject key identifier: 02:72:F8:A3:11:EF:56:E8:9E:E2:7D:5F:21:DB:44:DF:86:14:F4:B0
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 78A1284F3A2D0B94E3AEFBE2EE204A830AA3046F
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS5089.roa
Signing time: Thu 04 Jun 2026 17:21:44 +0000
ROA not before: Thu 04 Jun 2026 17:16:44 +0000
ROA not after: Thu 03 Jun 2027 17:21:44 +0000
asID: 5089
IP address blocks: 82.21.66.0/24 maxlen: 24
82.21.76.0/24 maxlen: 24
82.21.127.0/24 maxlen: 24
82.21.136.0/24 maxlen: 24
82.23.149.0/24 maxlen: 24
82.23.150.0/24 maxlen: 24
82.25.132.0/24 maxlen: 24
82.26.0.0/18 maxlen: 24
82.26.84.0/24 maxlen: 24
82.26.112.0/24 maxlen: 24
82.26.119.0/24 maxlen: 24
82.27.110.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 15:07:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:a1:28:4f:3a:2d:0b:94:e3:ae:fb:e2:ee:20:4a:83:0a:a3:04:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jun 4 17:16:44 2026 GMT
Not After : Jun 3 17:21:44 2027 GMT
Subject: CN=0272F8A311EF56E89EE27D5F21DB44DF8614F4B0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:a5:a3:ee:78:67:0b:74:dc:60:f1:a1:18:d4:
8d:ae:32:70:4f:43:fd:a5:cc:a2:27:97:c0:21:30:
be:77:6c:fc:90:a5:0b:76:ef:64:6f:65:a7:8c:14:
f4:a5:aa:c8:3c:12:30:a2:7c:08:f2:be:9f:e1:e9:
3c:59:d4:3c:38:ab:7f:d1:ba:24:b6:46:fc:84:17:
53:ee:6d:5d:0f:76:94:3b:10:d0:b0:8a:43:25:54:
f8:70:d0:b2:f8:9e:d0:2c:45:cc:d7:e4:54:78:54:
1a:bd:a7:b8:f0:f2:5a:62:aa:74:8e:3b:51:b9:86:
2e:ba:04:13:b2:2f:f0:47:0f:c5:88:64:a3:85:fc:
16:1d:22:ef:ae:37:58:e5:af:91:97:f5:e0:70:19:
6a:ac:8c:01:7c:da:4b:a3:26:a6:58:bb:ce:2b:6d:
e9:7b:0a:5b:46:07:7c:0c:95:24:3b:9e:3c:4a:0a:
da:4e:3c:c8:92:7c:c2:67:03:fc:4c:f3:dc:92:b2:
ad:46:d7:c2:22:cc:f8:7a:ab:02:8c:dc:84:2b:9d:
a8:05:e8:11:e4:9a:b4:6c:32:eb:f9:c5:9f:66:52:
c0:23:a7:d4:0c:fe:0e:a8:b6:33:1c:0e:ee:fe:92:
9e:3a:51:92:5b:fd:cc:cc:b3:ef:d8:99:42:da:1e:
2f:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:72:F8:A3:11:EF:56:E8:9E:E2:7D:5F:21:DB:44:DF:86:14:F4:B0
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS5089.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.66.0/24
82.21.76.0/24
82.21.127.0/24
82.21.136.0/24
82.23.149.0-82.23.150.255
82.25.132.0/24
82.26.0.0/18
82.26.84.0/24
82.26.112.0/24
82.26.119.0/24
82.27.110.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:80:de:e8:a7:59:c3:b0:97:7e:5d:16:56:5d:f8:73:34:06:
4f:04:bb:86:bb:33:2f:ef:e3:00:13:5e:d5:c2:48:42:75:82:
fc:72:e1:29:d9:f2:84:12:e6:2d:6e:9b:02:df:c9:9b:6b:ee:
36:09:f3:c2:96:01:67:c0:5d:92:82:cd:4c:29:b4:75:58:8c:
2b:16:36:40:c7:71:66:a7:af:a0:9d:c6:a1:f9:ef:c3:35:ad:
6e:c5:db:92:2f:10:f9:26:ac:3b:7b:70:7c:da:bd:8c:77:bf:
30:db:16:79:3c:c8:39:f7:90:1f:10:81:3f:5a:a4:be:ca:92:
48:ba:96:2c:b2:3e:ca:fd:94:14:fc:65:cd:a7:22:6b:af:ac:
ec:5c:5c:6e:42:96:8d:1b:09:24:2e:4c:0b:81:70:99:a3:89:
e7:52:5c:cf:7e:82:d5:00:17:d1:f7:a7:d5:be:9d:ab:c2:23:
c8:09:71:3f:b1:19:0d:32:25:fc:3b:9e:af:ae:9e:94:90:7f:
1a:b6:93:d8:29:36:58:3b:67:72:1a:79:b4:5d:d4:ca:4b:a5:
0a:71:52:83:3d:51:ee:95:b3:df:32:3d:8a:e3:dc:1c:40:15:
63:01:7d:35:ac:f4:84:c0:87:8c:3a:a0:79:9e:65:0d:0b:b2:
bc:9a:e7:27
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgIUeKEoTzotC5Tjrvvi7iBKgwqjBG8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA2MDQxNzE2NDRaFw0yNzA2MDMxNzIxNDRaMDMxMTAvBgNV
BAMTKDAyNzJGOEEzMTFFRjU2RTg5RUUyN0Q1RjIxREI0NERGODYxNEY0QjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDApaPueGcLdNxg8aEY1I2uMnBP
Q/2lzKInl8AhML53bPyQpQt272RvZaeMFPSlqsg8EjCifAjyvp/h6TxZ1Dw4q3/R
uiS2RvyEF1PubV0PdpQ7ENCwikMlVPhw0LL4ntAsRczX5FR4VBq9p7jw8lpiqnSO
O1G5hi66BBOyL/BHD8WIZKOF/BYdIu+uN1jlr5GX9eBwGWqsjAF82kujJqZYu84r
bel7CltGB3wMlSQ7njxKCtpOPMiSfMJnA/xM89ySsq1G18IizPh6qwKM3IQrnagF
6BHkmrRsMuv5xZ9mUsAjp9QM/g6otjMcDu7+kp46UZJb/czMs+/YmULaHi9VAgMB
AAGjggJMMIICSDAdBgNVHQ4EFgQUAnL4oxHvVuie4n1fIdtE34YU9LAwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNTA4OS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBjBggrBgEFBQcBBwEB/wRUMFIwUAQCAAEwSgMEAFIVQgME
AFIVTAMEAFIVfwMEAFIViDAMAwQAUheVAwQAUheWAwQAUhmEAwQGUhoAAwQAUhpU
AwQAUhpwAwQAUhp3AwQAUhtuMA0GCSqGSIb3DQEBCwUAA4IBAQB9gN7op1nDsJd+
XRZWXfhzNAZPBLuGuzMv7+MAE17VwkhCdYL8cuEp2fKEEuYtbpsC38mba+42CfPC
lgFnwF2Sgs1MKbR1WIwrFjZAx3Fmp6+gncah+e/DNa1uxduSLxD5Jqw7e3B82r2M
d78w2xZ5PMg595AfEIE/WqS+ypJIupYssj7K/ZQU/GXNpyJrr6zsXFxuQpaNGwkk
LkwLgXCZo4nnUlzPfoLVABfR96fVvp2rwiPICXE/sRkNMiX8O56vrp6UkH8atpPY
KTZYO2dyGnm0XdTKS6UKcVKDPVHulbPfMj2K49wcQBVjAX01rPSEwIeMOqB5nmUN
C7K8mucn
-----END CERTIFICATE-----
Generated at Sat Jun 13 05:41:18 2026 by rpki-client