Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS5650.roa
File: AS5650.roa (raw, json)
Hash identifier: Lw+4c4CKiLgTVjbg373S+VFIYZleEaXR6MtJcmjXo9o=
Subject key identifier: 30:18:BA:51:04:AD:7B:E8:5B:EA:D7:81:48:49:A9:4E:C0:2A:F9:8D
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 24E6D00E7A9743A57E7B6166FDD468D0B22BF8FE
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS5650.roa
Signing time: Thu 26 Jun 2025 14:01:47 +0000
ROA not before: Thu 26 Jun 2025 13:56:47 +0000
ROA not after: Thu 25 Jun 2026 14:01:47 +0000
asID: 5650
IP address blocks: 46.203.160.0/24 maxlen: 24
46.203.164.0/24 maxlen: 24
92.112.32.0/24 maxlen: 24
92.112.33.0/24 maxlen: 24
92.112.34.0/24 maxlen: 24
92.112.35.0/24 maxlen: 24
92.112.40.0/21 maxlen: 24
92.112.157.0/24 maxlen: 24
92.113.170.0/24 maxlen: 24
92.113.171.0/24 maxlen: 24
92.113.175.0/24 maxlen: 24
92.113.215.0/24 maxlen: 24
92.113.224.0/24 maxlen: 24
92.113.230.0/24 maxlen: 24
95.134.76.0/24 maxlen: 24
95.134.90.0/24 maxlen: 24
95.134.120.0/24 maxlen: 24
95.134.203.0/24 maxlen: 24
95.135.38.0/24 maxlen: 24
95.135.85.0/24 maxlen: 24
95.135.127.0/24 maxlen: 24
95.135.138.0/24 maxlen: 24
95.135.180.0/24 maxlen: 24
95.135.219.0/24 maxlen: 24
178.92.220.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:e6:d0:0e:7a:97:43:a5:7e:7b:61:66:fd:d4:68:d0:b2:2b:f8:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Jun 26 13:56:47 2025 GMT
Not After : Jun 25 14:01:47 2026 GMT
Subject: CN=3018BA5104AD7BE85BEAD7814849A94EC02AF98D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:7c:20:4b:09:0a:75:4a:f5:38:8d:3b:bd:78:
8c:6c:a9:e9:f7:d0:cc:ea:f6:58:2c:13:0e:6c:a6:
f6:78:a2:0c:9a:5b:4e:5b:cd:e6:97:7a:8b:98:31:
32:ae:3f:89:2f:ba:31:88:de:e5:85:3c:de:ed:88:
02:c5:2d:20:8b:ef:34:6a:07:6c:27:5e:bc:01:55:
1e:57:24:15:0d:c6:eb:05:7c:83:0f:4f:0d:0f:e9:
d0:e8:d1:2e:96:c1:e6:28:16:72:cc:af:41:4b:ca:
71:61:2c:ec:76:00:95:2f:6f:34:93:3f:56:e6:7a:
e6:2e:ab:d6:ac:f7:1f:7d:dc:c0:79:33:e6:ff:a2:
ab:3c:48:a1:8d:1b:15:7f:ef:0a:ae:f6:10:8b:38:
28:ed:dd:43:00:88:3b:96:d2:62:9a:c4:2d:26:ad:
8f:70:58:16:67:22:b5:c0:71:f7:07:94:55:ad:28:
5f:59:60:d2:bd:8a:a7:ea:51:60:69:9c:2e:05:7f:
a2:d9:46:38:da:ad:4f:7e:f9:e3:13:f6:8d:85:41:
8d:46:e2:8c:d3:e9:6b:45:f0:25:a2:a4:3f:23:49:
32:1d:c8:6f:14:7f:92:40:cf:e9:3a:43:36:00:25:
63:f1:74:51:1e:dc:02:2a:fa:6d:9d:ae:18:3e:39:
88:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:18:BA:51:04:AD:7B:E8:5B:EA:D7:81:48:49:A9:4E:C0:2A:F9:8D
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS5650.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.203.160.0/24
46.203.164.0/24
92.112.32.0/22
92.112.40.0/21
92.112.157.0/24
92.113.170.0/23
92.113.175.0/24
92.113.215.0/24
92.113.224.0/24
92.113.230.0/24
95.134.76.0/24
95.134.90.0/24
95.134.120.0/24
95.134.203.0/24
95.135.38.0/24
95.135.85.0/24
95.135.127.0/24
95.135.138.0/24
95.135.180.0/24
95.135.219.0/24
178.92.220.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:c3:ac:26:66:e6:3c:c4:ea:76:88:fd:28:7a:74:1a:c6:35:
86:e5:9d:ee:1b:a8:89:74:b3:d0:22:4c:f6:23:3d:59:9e:5f:
f0:92:eb:c8:62:ed:aa:75:10:9b:0e:76:87:4a:c2:36:91:5e:
b2:1f:67:f0:97:62:b5:0a:ae:5e:a5:93:ee:41:7a:b9:a5:f6:
a3:e5:ed:fa:1d:93:17:8d:1b:60:36:56:06:1f:6b:bf:a0:ef:
1b:52:46:9e:87:6e:dc:98:eb:77:96:58:07:d4:4f:b9:82:2d:
80:42:19:95:37:0d:aa:3e:a2:d9:5d:e6:93:76:0b:7e:6b:d3:
e2:c8:5c:31:ec:98:a0:e9:43:1e:b9:6c:da:d7:84:e7:22:14:
57:e9:00:dd:50:d3:04:6f:64:ab:4b:9f:b7:e0:40:10:5c:2c:
95:c4:26:cc:14:ee:38:e7:36:14:11:8b:43:e8:df:85:9e:2e:
2a:e7:50:b3:a1:af:db:a7:61:ca:00:d7:5b:a3:d6:f4:51:40:
4f:31:3b:5f:04:31:56:69:98:01:4a:0b:36:d9:34:5e:f8:79:
be:d7:a1:63:c6:96:48:1c:60:9e:69:b3:0b:65:54:d0:83:16:
f4:9b:d8:b8:68:2b:ab:5a:71:27:8f:dd:17:01:7c:85:04:77:
1a:ff:03:aa
-----BEGIN CERTIFICATE-----
MIIFejCCBGKgAwIBAgIUJObQDnqXQ6V+e2Fm/dRo0LIr+P4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA2MjYxMzU2NDdaFw0yNjA2MjUxNDAxNDdaMDMxMTAvBgNV
BAMTKDMwMThCQTUxMDRBRDdCRTg1QkVBRDc4MTQ4NDlBOTRFQzAyQUY5OEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1fCBLCQp1SvU4jTu9eIxsqen3
0Mzq9lgsEw5spvZ4ogyaW05bzeaXeouYMTKuP4kvujGI3uWFPN7tiALFLSCL7zRq
B2wnXrwBVR5XJBUNxusFfIMPTw0P6dDo0S6WweYoFnLMr0FLynFhLOx2AJUvbzST
P1bmeuYuq9as9x993MB5M+b/oqs8SKGNGxV/7wqu9hCLOCjt3UMAiDuW0mKaxC0m
rY9wWBZnIrXAcfcHlFWtKF9ZYNK9iqfqUWBpnC4Ff6LZRjjarU9++eMT9o2FQY1G
4ozT6WtF8CWipD8jSTIdyG8Uf5JAz+k6QzYAJWPxdFEe3AIq+m2drhg+OYj7AgMB
AAGjggKEMIICgDAdBgNVHQ4EFgQUMBi6UQSte+hb6teBSEmpTsAq+Y0wHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTNTY1MC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBmgYIKwYBBQUHAQcBAf8EgYowgYcwgYQEAgABMH4DBAAu
y6ADBAAuy6QDBAJccCADBANccCgDBABccJ0DBAFccaoDBABcca8DBABccdcDBABc
ceADBABcceYDBABfhkwDBABfhloDBABfhngDBABfhssDBABfhyYDBABfh1UDBABf
h38DBABfh4oDBABfh7QDBABfh9sDBACyXNwwDQYJKoZIhvcNAQELBQADggEBAA7D
rCZm5jzE6naI/Sh6dBrGNYblne4bqIl0s9AiTPYjPVmeX/CS68hi7ap1EJsOdodK
wjaRXrIfZ/CXYrUKrl6lk+5Berml9qPl7fodkxeNG2A2VgYfa7+g7xtSRp6HbtyY
63eWWAfUT7mCLYBCGZU3Dao+otld5pN2C35r0+LIXDHsmKDpQx65bNrXhOciFFfp
AN1Q0wRvZKtLn7fgQBBcLJXEJswU7jjnNhQRi0Po34WeLirnULOhr9unYcoA11uj
1vRRQE8xO18EMVZpmAFKCzbZNF74eb7XoWPGlkgcYJ5pswtlVNCDFvSb2LhoK6ta
cSeP3RcBfIUEdxr/A6o=
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:01:07 2025 by rpki-client