Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS5650.roa
File: AS5650.roa (raw, json)
Hash identifier: HjVXVe+ZIR4RrpHis9Zc48QMbQuGcFaYMGB/Lk/uzeU=
Subject key identifier: 05:DC:37:F9:3F:BB:47:6E:54:80:2F:42:8C:C1:23:E6:DD:24:83:D3
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 43149E32D35C3FA10A49EBD8ACDAB7C64FBDBAB8
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS5650.roa
Signing time: Thu 12 Mar 2026 15:09:31 +0000
ROA not before: Thu 12 Mar 2026 15:04:31 +0000
ROA not after: Thu 11 Mar 2027 15:09:31 +0000
asID: 5650
IP address blocks: 82.24.10.0/23 maxlen: 24
82.24.44.0/23 maxlen: 24
82.24.50.0/23 maxlen: 24
82.24.102.0/23 maxlen: 24
82.24.184.0/22 maxlen: 24
82.24.204.0/23 maxlen: 24
82.25.18.0/23 maxlen: 24
82.25.128.0/22 maxlen: 24
82.25.206.0/23 maxlen: 24
82.26.102.0/23 maxlen: 24
82.27.80.0/21 maxlen: 24
82.27.112.0/22 maxlen: 24
82.27.192.0/22 maxlen: 24
82.38.36.0/23 maxlen: 24
82.39.112.0/23 maxlen: 24
82.41.192.0/23 maxlen: 24
84.75.4.0/22 maxlen: 24
84.75.28.0/22 maxlen: 24
84.75.72.0/22 maxlen: 24
178.83.128.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 19:43:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:14:9e:32:d3:5c:3f:a1:0a:49:eb:d8:ac:da:b7:c6:4f:bd:ba:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Mar 12 15:04:31 2026 GMT
Not After : Mar 11 15:09:31 2027 GMT
Subject: CN=05DC37F93FBB476E54802F428CC123E6DD2483D3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:92:4f:22:f0:7f:2c:0f:f9:04:77:3b:45:bd:
04:1e:e7:43:9c:48:c0:36:86:80:6d:7e:b4:09:e4:
f0:98:e0:3d:cf:be:f4:be:3e:6b:56:4a:61:04:63:
76:ab:22:97:77:9b:b3:7b:d5:83:2c:5c:60:34:38:
15:97:8c:54:24:5e:4b:fc:5a:40:22:96:d9:24:69:
c6:7a:d0:89:e8:fc:ed:c3:43:be:93:39:12:6f:ea:
e3:bf:b3:7a:89:4f:43:93:a0:e4:aa:00:eb:7e:74:
e3:96:8e:b9:68:61:a0:f9:26:4f:5f:3b:2e:12:bd:
67:d8:47:02:f7:e9:d5:ab:7d:c4:ea:17:b7:c0:73:
ab:df:c8:82:c8:49:30:c0:c1:57:eb:59:04:8c:c1:
b6:9c:e0:cf:92:42:14:b0:96:71:7b:fb:7d:6e:e5:
97:ed:6d:64:9d:e6:a0:bb:87:d7:7b:19:f5:50:42:
8c:15:5e:38:89:86:47:32:7e:12:40:31:f2:68:c1:
3e:7e:83:a2:06:f1:32:ba:b1:44:8c:3c:f3:e6:d3:
e1:d9:a4:3d:c0:dc:f2:f3:9f:86:cd:68:95:40:cc:
41:9b:be:ca:fa:1a:d6:fc:7b:85:bb:5f:31:b2:8d:
28:b4:a7:fe:e6:57:4c:40:ea:f2:91:97:6b:1e:62:
2d:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:DC:37:F9:3F:BB:47:6E:54:80:2F:42:8C:C1:23:E6:DD:24:83:D3
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS5650.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.24.10.0/23
82.24.44.0/23
82.24.50.0/23
82.24.102.0/23
82.24.184.0/22
82.24.204.0/23
82.25.18.0/23
82.25.128.0/22
82.25.206.0/23
82.26.102.0/23
82.27.80.0/21
82.27.112.0/22
82.27.192.0/22
82.38.36.0/23
82.39.112.0/23
82.41.192.0/23
84.75.4.0/22
84.75.28.0/22
84.75.72.0/22
178.83.128.0/22
Signature Algorithm: sha256WithRSAEncryption
15:6c:f6:18:bd:a6:ea:01:88:7c:db:c8:5b:c5:53:97:99:7f:
c1:de:6f:f5:07:08:0f:bc:b0:49:c7:49:3e:2c:07:52:7c:6b:
5c:90:ce:ae:cb:af:f7:63:86:4e:ee:79:89:2d:1e:6b:20:50:
9a:0d:13:39:23:b6:a1:c4:e3:c3:4e:a7:c8:53:be:e2:17:17:
7b:bb:88:d9:fe:d1:2a:1f:15:93:a2:98:2f:b0:91:2e:97:6a:
f1:4e:37:f0:4c:3f:9a:71:07:f3:70:52:76:bd:e8:ba:f0:ce:
6e:3d:df:87:5e:7b:2a:d6:14:54:15:2a:81:5a:3c:cc:43:1c:
a7:74:7b:dc:05:7b:8a:da:06:2e:6b:90:02:07:22:09:60:6d:
a8:d9:df:79:e5:f9:97:3a:58:99:72:95:4c:98:20:c3:09:7a:
8d:61:c4:76:0d:23:67:59:0a:bc:9f:8d:27:9b:0e:7c:59:ee:
8f:51:4e:0d:e5:f4:f2:3f:df:6b:27:7f:f8:f2:c7:e8:90:b6:
19:9a:c7:75:f6:ac:18:14:44:ab:15:4e:95:a2:6e:ec:d6:3f:
9d:4b:26:a7:c1:04:6a:d7:7a:27:49:58:77:d7:e1:e7:f2:20:
82:78:8c:0c:55:26:88:6f:c0:25:35:eb:38:81:58:d9:e3:58:
f3:61:6f:42
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgIUQxSeMtNcP6EKSevYrNq3xk+9urgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjAzMTIxNTA0MzFaFw0yNzAzMTExNTA5MzFaMDMxMTAvBgNV
BAMTKDA1REMzN0Y5M0ZCQjQ3NkU1NDgwMkY0MjhDQzEyM0U2REQyNDgzRDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnkk8i8H8sD/kEdztFvQQe50Oc
SMA2hoBtfrQJ5PCY4D3PvvS+PmtWSmEEY3arIpd3m7N71YMsXGA0OBWXjFQkXkv8
WkAiltkkacZ60Ino/O3DQ76TORJv6uO/s3qJT0OToOSqAOt+dOOWjrloYaD5Jk9f
Oy4SvWfYRwL36dWrfcTqF7fAc6vfyILISTDAwVfrWQSMwbac4M+SQhSwlnF7+31u
5ZftbWSd5qC7h9d7GfVQQowVXjiJhkcyfhJAMfJowT5+g6IG8TK6sUSMPPPm0+HZ
pD3A3PLzn4bNaJVAzEGbvsr6Gtb8e4W7XzGyjSi0p/7mV0xA6vKRl2seYi2vAgMB
AAGjggJ9MIICeTAdBgNVHQ4EFgQUBdw3+T+7R25UgC9CjMEj5t0kg9MwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNTY1MC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBkwYIKwYBBQUHAQcBAf8EgYMwgYAwfgQCAAEweAMEAVIY
CgMEAVIYLAMEAVIYMgMEAVIYZgMEAlIYuAMEAVIYzAMEAVIZEgMEAlIZgAMEAVIZ
zgMEAVIaZgMEA1IbUAMEAlIbcAMEAlIbwAMEAVImJAMEAVIncAMEAVIpwAMEAlRL
BAMEAlRLHAMEAlRLSAMEArJTgDANBgkqhkiG9w0BAQsFAAOCAQEAFWz2GL2m6gGI
fNvIW8VTl5l/wd5v9QcID7ywScdJPiwHUnxrXJDOrsuv92OGTu55iS0eayBQmg0T
OSO2ocTjw06nyFO+4hcXe7uI2f7RKh8Vk6KYL7CRLpdq8U438Ew/mnEH83BSdr3o
uvDObj3fh157KtYUVBUqgVo8zEMcp3R73AV7itoGLmuQAgciCWBtqNnfeeX5lzpY
mXKVTJggwwl6jWHEdg0jZ1kKvJ+NJ5sOfFnuj1FODeX08j/fayd/+PLH6JC2GZrH
dfasGBREqxVOlaJu7NY/nUsmp8EEatd6J0lYd9fh5/IggniMDFUmiG/AJTXrOIFY
2eNY82FvQg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 05:30:58 2026 by rpki-client