Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS5650.roa
File: AS5650.roa (raw, json)
Hash identifier: YN+7rTGHDXTnAdx+T/c+T4tERMLIY0A0gDlpb8ilcJw=
Subject key identifier: 46:FE:C3:73:E7:8F:75:E9:DF:06:DE:A8:7F:46:21:A4:07:6E:6E:91
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 5C22C97A7D7172D2BE81397C63E5DF67B1FAA128
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS5650.roa
Signing time: Sat 26 Apr 2025 15:36:24 +0000
ROA not before: Sat 26 Apr 2025 15:31:24 +0000
ROA not after: Sat 25 Apr 2026 15:36:24 +0000
asID: 5650
IP address blocks: 46.203.160.0/24 maxlen: 24
46.203.164.0/24 maxlen: 24
92.112.32.0/24 maxlen: 24
92.112.33.0/24 maxlen: 24
92.112.34.0/24 maxlen: 24
92.112.35.0/24 maxlen: 24
92.112.36.0/23 maxlen: 24
92.112.38.0/23 maxlen: 24
92.112.40.0/21 maxlen: 24
92.112.157.0/24 maxlen: 24
92.113.56.0/21 maxlen: 22
95.134.76.0/24 maxlen: 24
95.134.90.0/24 maxlen: 24
95.134.120.0/24 maxlen: 24
95.134.203.0/24 maxlen: 24
95.135.38.0/24 maxlen: 24
95.135.85.0/24 maxlen: 24
95.135.127.0/24 maxlen: 24
95.135.138.0/24 maxlen: 24
95.135.180.0/24 maxlen: 24
95.135.219.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 08:22:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:22:c9:7a:7d:71:72:d2:be:81:39:7c:63:e5:df:67:b1:fa:a1:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Apr 26 15:31:24 2025 GMT
Not After : Apr 25 15:36:24 2026 GMT
Subject: CN=46FEC373E78F75E9DF06DEA87F4621A4076E6E91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:7c:00:b1:69:ec:4f:35:05:22:5f:6d:89:a9:
95:6e:95:ac:d0:6e:4a:3e:05:51:84:d1:79:45:a1:
95:ff:4a:8b:7a:10:9a:29:9c:0a:f9:c3:83:0e:e7:
26:9f:5a:1a:f0:2d:c3:02:61:eb:e4:3e:ed:f8:a7:
7d:30:3a:b7:2b:ed:08:6a:5a:2f:76:ac:9c:f0:e7:
e7:31:8d:58:34:31:dc:f8:c8:64:25:96:a5:f0:31:
ee:94:87:a8:73:ba:72:25:45:66:3d:29:d1:69:94:
9e:9e:8f:0b:19:3e:4e:a0:a0:ad:80:a7:91:8a:17:
85:c6:23:1f:f1:55:98:18:c3:45:1d:5d:b9:42:79:
8f:6c:8c:af:07:ac:ad:f4:4c:bf:c1:cb:98:c6:73:
57:41:53:0b:65:bb:3f:fd:62:cb:3a:65:72:40:40:
07:06:b7:25:2c:f4:37:35:fa:bd:19:67:95:15:43:
75:02:e7:12:3b:0e:3b:82:57:7a:7b:e2:8f:cb:54:
e5:81:1e:31:21:24:ec:de:a4:cb:88:b6:ed:65:86:
99:60:12:99:e6:43:24:70:4a:1e:32:5c:ea:26:9f:
86:f1:30:cf:4f:34:59:c6:00:3e:91:c9:ed:26:52:
b1:52:66:d9:75:29:bd:b1:57:19:96:ee:57:8e:91:
b3:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:FE:C3:73:E7:8F:75:E9:DF:06:DE:A8:7F:46:21:A4:07:6E:6E:91
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS5650.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.203.160.0/24
46.203.164.0/24
92.112.32.0/20
92.112.157.0/24
92.113.56.0/21
95.134.76.0/24
95.134.90.0/24
95.134.120.0/24
95.134.203.0/24
95.135.38.0/24
95.135.85.0/24
95.135.127.0/24
95.135.138.0/24
95.135.180.0/24
95.135.219.0/24
Signature Algorithm: sha256WithRSAEncryption
48:0c:6c:0e:4f:c3:67:ef:7e:59:c2:85:76:bf:21:f9:3a:85:
03:b7:21:fd:8b:50:4b:38:d4:9f:73:af:63:5b:e1:f7:8c:7d:
b9:3d:cf:8d:6a:c8:86:f2:7b:ef:88:9c:13:ad:34:c3:88:51:
68:97:3e:bd:c6:2d:6a:c4:d7:d5:34:19:78:ff:83:79:7d:fa:
55:d4:b0:30:0f:1d:a6:64:e5:37:4c:81:7c:e3:2f:da:71:f2:
56:84:0c:3a:5e:13:47:7e:b6:a3:7d:eb:0f:83:ff:f4:b4:5c:
82:c5:3a:88:b4:f8:fd:88:e0:45:25:1d:6c:3e:18:36:63:df:
08:e1:e6:b5:3c:8c:92:33:4c:95:18:92:94:a7:2e:f7:9c:79:
6d:a9:ea:85:5d:f8:88:fb:76:22:b5:f7:ea:7e:cb:49:1a:4b:
bb:c9:e1:bc:be:48:4a:6e:8a:39:27:7d:3d:9f:d9:8a:0a:2e:
d7:54:d9:76:84:11:ea:83:a0:cd:b6:4f:b5:bd:a9:7c:18:e0:
f8:90:81:42:87:05:16:a4:66:d6:33:e9:0f:c5:80:2e:b3:92:
67:7e:ec:89:31:67:57:fa:68:32:97:d4:1f:ce:65:56:8e:1a:
c6:c6:26:15:8a:76:be:93:75:b6:dd:76:04:7b:35:46:e5:81:
b0:ee:39:7b
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgIUXCLJen1xctK+gTl8Y+XfZ7H6oSgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA0MjYxNTMxMjRaFw0yNjA0MjUxNTM2MjRaMDMxMTAvBgNV
BAMTKDQ2RkVDMzczRTc4Rjc1RTlERjA2REVBODdGNDYyMUE0MDc2RTZFOTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChfACxaexPNQUiX22JqZVulazQ
bko+BVGE0XlFoZX/Sot6EJopnAr5w4MO5yafWhrwLcMCYevkPu34p30wOrcr7Qhq
Wi92rJzw5+cxjVg0Mdz4yGQllqXwMe6Uh6hzunIlRWY9KdFplJ6ejwsZPk6goK2A
p5GKF4XGIx/xVZgYw0UdXblCeY9sjK8HrK30TL/By5jGc1dBUwtluz/9Yss6ZXJA
QAcGtyUs9Dc1+r0ZZ5UVQ3UC5xI7DjuCV3p74o/LVOWBHjEhJOzepMuItu1lhplg
EpnmQyRwSh4yXOomn4bxMM9PNFnGAD6Rye0mUrFSZtl1Kb2xVxmW7leOkbOBAgMB
AAGjggJcMIICWDAdBgNVHQ4EFgQURv7Dc+ePdenfBt6of0YhpAdubpEwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTNTY1MC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBzBggrBgEFBQcBBwEB/wRkMGIwYAQCAAEwWgMEAC7LoAME
AC7LpAMEBFxwIAMEAFxwnQMEA1xxOAMEAF+GTAMEAF+GWgMEAF+GeAMEAF+GywME
AF+HJgMEAF+HVQMEAF+HfwMEAF+HigMEAF+HtAMEAF+H2zANBgkqhkiG9w0BAQsF
AAOCAQEASAxsDk/DZ+9+WcKFdr8h+TqFA7ch/YtQSzjUn3OvY1vh94x9uT3PjWrI
hvJ774icE600w4hRaJc+vcYtasTX1TQZeP+DeX36VdSwMA8dpmTlN0yBfOMv2nHy
VoQMOl4TR362o33rD4P/9LRcgsU6iLT4/YjgRSUdbD4YNmPfCOHmtTyMkjNMlRiS
lKcu95x5banqhV34iPt2IrX36n7LSRpLu8nhvL5ISm6KOSd9PZ/Zigou11TZdoQR
6oOgzbZPtb2pfBjg+JCBQocFFqRm1jPpD8WALrOSZ37siTFnV/poMpfUH85lVo4a
xsYmFYp2vpN1tt12BHs1RuWBsO45ew==
-----END CERTIFICATE-----
Generated at Tue May 6 01:52:10 2025 by rpki-client