Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS5650.roa
File: AS5650.roa (raw, json)
Hash identifier: TMKPK+Xv28S18G0DDlE3E0CpKTdnFi9UMUTzmY6UNBs=
Subject key identifier: 30:4F:30:24:7C:A1:A3:61:F0:A7:94:C1:C9:FB:7F:C0:65:57:F0:90
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 03221CCE6F5F85ABEE96E8D5DAF1479B2D4BEADF
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS5650.roa
Signing time: Fri 26 Sep 2025 04:13:31 +0000
ROA not before: Fri 26 Sep 2025 04:08:31 +0000
ROA not after: Fri 25 Sep 2026 04:13:31 +0000
asID: 5650
IP address blocks: 46.203.160.0/24 maxlen: 24
46.203.164.0/24 maxlen: 24
92.112.32.0/24 maxlen: 24
92.112.33.0/24 maxlen: 24
92.112.34.0/24 maxlen: 24
92.112.35.0/24 maxlen: 24
92.112.40.0/21 maxlen: 24
92.112.157.0/24 maxlen: 24
92.113.215.0/24 maxlen: 24
95.134.76.0/24 maxlen: 24
95.134.90.0/24 maxlen: 24
95.134.120.0/24 maxlen: 24
95.134.203.0/24 maxlen: 24
95.135.38.0/24 maxlen: 24
95.135.85.0/24 maxlen: 24
95.135.127.0/24 maxlen: 24
95.135.138.0/24 maxlen: 24
95.135.180.0/24 maxlen: 24
95.135.219.0/24 maxlen: 24
178.92.220.0/24 maxlen: 24
178.95.190.0/24 maxlen: 24
178.95.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:22:1c:ce:6f:5f:85:ab:ee:96:e8:d5:da:f1:47:9b:2d:4b:ea:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Sep 26 04:08:31 2025 GMT
Not After : Sep 25 04:13:31 2026 GMT
Subject: CN=304F30247CA1A361F0A794C1C9FB7FC06557F090
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:7e:36:6c:58:fc:4c:ef:3f:b7:e5:c3:10:7e:
08:f6:2e:a1:cf:54:fb:cc:2a:c6:9c:87:c5:06:89:
2e:75:b5:8e:43:e2:f4:4c:e1:51:dd:4c:84:66:00:
a0:3e:87:7e:cc:c2:09:2b:79:58:e9:4a:4f:65:91:
c8:4e:48:cc:e6:f6:fc:f3:31:2e:47:3d:81:e4:80:
95:34:aa:fd:08:e6:ab:c7:1a:7e:a2:05:7c:c7:fc:
bb:a9:8f:3b:94:a0:7e:8e:88:38:a6:76:d6:76:f3:
18:1e:4c:da:46:8e:ce:9d:8b:5b:09:1f:bb:8a:8f:
1e:d2:7e:c0:b6:27:6c:95:69:8a:18:bb:a8:35:03:
43:71:f8:21:11:23:b5:ea:c9:14:24:49:73:4f:e9:
b3:81:3e:b1:ae:1d:bf:8b:60:f0:ba:52:9d:4e:ab:
44:5a:4d:13:e9:aa:06:6b:8f:af:2b:d4:de:2b:fd:
d8:72:89:08:8a:e7:53:6e:ed:b2:8c:02:06:a9:1a:
a4:3f:47:92:f7:ba:59:ee:03:5a:15:4d:49:22:a8:
92:0b:bb:bd:9e:45:86:97:a9:aa:cc:e5:fb:11:89:
b3:31:d4:9f:9f:f7:4c:0b:fe:88:be:8a:6c:59:44:
a1:dc:61:0a:11:6b:8f:3d:4f:68:d4:9e:e7:0d:b9:
b9:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:4F:30:24:7C:A1:A3:61:F0:A7:94:C1:C9:FB:7F:C0:65:57:F0:90
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS5650.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.203.160.0/24
46.203.164.0/24
92.112.32.0/22
92.112.40.0/21
92.112.157.0/24
92.113.215.0/24
95.134.76.0/24
95.134.90.0/24
95.134.120.0/24
95.134.203.0/24
95.135.38.0/24
95.135.85.0/24
95.135.127.0/24
95.135.138.0/24
95.135.180.0/24
95.135.219.0/24
178.92.220.0/24
178.95.190.0/23
Signature Algorithm: sha256WithRSAEncryption
5b:be:62:fe:10:d5:cd:49:a6:e2:e5:8e:67:04:eb:1e:97:e8:
91:ac:48:db:99:d9:e8:f6:3a:99:ab:32:73:6f:fa:8b:b1:5b:
38:d9:96:8e:84:6d:34:05:53:6b:41:2f:b0:e4:34:4a:ca:5d:
3b:47:00:f1:bf:0a:f9:78:ea:2e:c9:d7:43:27:c7:b6:d1:f6:
2d:e9:7d:92:d9:6d:ed:f0:d2:6e:3e:cd:25:26:68:7a:01:6e:
a9:fd:b4:c6:b5:4a:7c:04:c6:e4:7f:90:ef:f5:36:32:87:17:
0a:e9:5c:b9:4a:0b:a2:7c:06:92:0a:d9:74:cc:82:79:32:f7:
b2:d6:ea:d4:a7:bc:d7:64:68:06:a3:e0:c9:6e:d1:fe:b2:cf:
1a:97:f1:56:71:5b:1b:54:81:00:17:6a:ac:b0:52:bd:bc:63:
5f:66:fa:ab:27:cb:83:01:62:d8:85:4d:a2:8d:72:dd:88:42:
97:6f:d1:27:a4:c1:55:62:cd:b8:75:54:b2:e6:1c:6c:a2:39:
bc:ce:5f:94:ad:2a:cd:a0:e2:ab:d8:d5:ef:ba:96:75:be:1b:
af:61:d1:22:f2:56:6b:b1:9a:ce:28:eb:94:c6:33:d7:1d:85:
ef:18:2d:5a:d2:25:20:15:e5:8c:48:3c:db:40:2f:c0:74:b7:
69:a8:16:11
-----BEGIN CERTIFICATE-----
MIIFZTCCBE2gAwIBAgIUAyIczm9fhavulujV2vFHmy1L6t8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA5MjYwNDA4MzFaFw0yNjA5MjUwNDEzMzFaMDMxMTAvBgNV
BAMTKDMwNEYzMDI0N0NBMUEzNjFGMEE3OTRDMUM5RkI3RkMwNjU1N0YwOTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDfjZsWPxM7z+35cMQfgj2LqHP
VPvMKsach8UGiS51tY5D4vRM4VHdTIRmAKA+h37MwgkreVjpSk9lkchOSMzm9vzz
MS5HPYHkgJU0qv0I5qvHGn6iBXzH/LupjzuUoH6OiDimdtZ28xgeTNpGjs6di1sJ
H7uKjx7SfsC2J2yVaYoYu6g1A0Nx+CERI7XqyRQkSXNP6bOBPrGuHb+LYPC6Up1O
q0RaTRPpqgZrj68r1N4r/dhyiQiK51Nu7bKMAgapGqQ/R5L3ulnuA1oVTUkiqJIL
u72eRYaXqarM5fsRibMx1J+f90wL/oi+imxZRKHcYQoRa489T2jUnucNubl/AgMB
AAGjggJvMIICazAdBgNVHQ4EFgQUME8wJHyho2Hwp5TByft/wGVX8JAwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTNTY1MC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBhQYIKwYBBQUHAQcBAf8EdjB0MHIEAgABMGwDBAAuy6AD
BAAuy6QDBAJccCADBANccCgDBABccJ0DBABccdcDBABfhkwDBABfhloDBABfhngD
BABfhssDBABfhyYDBABfh1UDBABfh38DBABfh4oDBABfh7QDBABfh9sDBACyXNwD
BAGyX74wDQYJKoZIhvcNAQELBQADggEBAFu+Yv4Q1c1JpuLljmcE6x6X6JGsSNuZ
2ej2OpmrMnNv+ouxWzjZlo6EbTQFU2tBL7DkNErKXTtHAPG/Cvl46i7J10Mnx7bR
9i3pfZLZbe3w0m4+zSUmaHoBbqn9tMa1SnwExuR/kO/1NjKHFwrpXLlKC6J8BpIK
2XTMgnky97LW6tSnvNdkaAaj4Mlu0f6yzxqX8VZxWxtUgQAXaqywUr28Y19m+qsn
y4MBYtiFTaKNct2IQpdv0SekwVVizbh1VLLmHGyiObzOX5StKs2g4qvY1e+6lnW+
G69h0SLyVmuxms4o65TGM9cdhe8YLVrSJSAV5YxIPNtAL8B0t2moFhE=
-----END CERTIFICATE-----
Generated at Sun Oct 19 19:35:37 2025 by rpki-client