Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS5650.roa
File:                     AS5650.roa (raw, json)
Hash identifier:          YjwVFRBg95v2NhuNLc8iVlQ2Ym4Y8wkobFLKygF/Upo=
Subject key identifier:   BF:AA:EB:80:E2:23:A9:F5:F4:52:61:2C:DF:7D:49:9C:39:2C:B2:09
Certificate issuer:       /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial:       5E378BA41C06C8ABEB35298923A8CC16BC4D692B
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS5650.roa
Signing time:             Wed 08 Jul 2026 00:04:43 +0000
ROA not before:           Tue 07 Jul 2026 23:59:43 +0000
ROA not after:            Wed 07 Jul 2027 00:04:43 +0000
asID:                     5650
IP address blocks:        82.23.152.0/21 maxlen: 24
                          82.24.10.0/23 maxlen: 24
                          82.24.44.0/23 maxlen: 24
                          82.24.50.0/23 maxlen: 24
                          82.24.102.0/23 maxlen: 24
                          82.24.184.0/22 maxlen: 24
                          82.24.204.0/23 maxlen: 24
                          82.25.18.0/23 maxlen: 24
                          82.25.128.0/22 maxlen: 24
                          82.25.206.0/23 maxlen: 24
                          82.26.102.0/23 maxlen: 24
                          82.27.80.0/21 maxlen: 24
                          82.27.112.0/22 maxlen: 24
                          82.27.192.0/22 maxlen: 24
                          82.38.36.0/23 maxlen: 24
                          82.39.112.0/23 maxlen: 24
                          82.41.192.0/23 maxlen: 24
                          84.75.4.0/22 maxlen: 24
                          84.75.28.0/22 maxlen: 24
                          84.75.72.0/22 maxlen: 24
                          178.83.0.0/22 maxlen: 24
                          178.83.216.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Jul 2026 16:14:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5e:37:8b:a4:1c:06:c8:ab:eb:35:29:89:23:a8:cc:16:bc:4d:69:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
        Validity
            Not Before: Jul  7 23:59:43 2026 GMT
            Not After : Jul  7 00:04:43 2027 GMT
        Subject: CN=BFAAEB80E223A9F5F452612CDF7D499C392CB209
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:9a:5e:f8:58:da:3c:ac:3a:0a:1a:6e:57:c2:
                    6a:0c:f1:d2:1b:36:0a:51:f9:e0:23:74:7e:02:ab:
                    ee:b0:1f:d7:76:a2:c0:c5:e2:6a:a3:65:e7:93:40:
                    b6:e1:73:69:66:22:91:46:55:47:9d:0d:66:25:ed:
                    90:05:7d:57:6f:7f:76:06:40:61:5f:51:9e:b7:16:
                    4b:26:ca:17:5f:10:81:a8:a0:1c:33:ef:1e:9d:b1:
                    94:ee:72:c0:d2:18:62:34:98:c0:28:6c:1d:31:99:
                    a5:d5:8e:09:f5:26:1e:1e:f7:88:65:cb:3d:3b:f8:
                    88:a4:85:43:06:fa:63:ad:e3:59:c8:78:82:87:1f:
                    3b:83:44:66:6c:05:42:50:1c:5f:c6:a7:1a:97:eb:
                    df:58:ad:ad:a0:84:56:04:cd:e9:f7:5e:20:05:18:
                    94:5f:ad:6f:db:cd:48:ed:ab:3a:5f:36:82:9d:0a:
                    cf:3f:5f:93:ca:60:15:6b:6d:4c:cf:ee:5b:c4:6a:
                    93:ac:e3:c8:40:1e:f2:19:20:6e:10:6f:f8:ee:2c:
                    b8:92:36:6c:13:93:f5:bd:e2:d6:1c:0a:82:64:77:
                    dc:f2:a1:a7:03:dd:6d:fb:9c:48:73:f6:8f:8e:66:
                    80:b7:bf:af:91:a5:3e:30:4c:1d:c9:59:d5:f3:b8:
                    96:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:AA:EB:80:E2:23:A9:F5:F4:52:61:2C:DF:7D:49:9C:39:2C:B2:09
            X509v3 Authority Key Identifier:
                keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS5650.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.23.152.0/21
                  82.24.10.0/23
                  82.24.44.0/23
                  82.24.50.0/23
                  82.24.102.0/23
                  82.24.184.0/22
                  82.24.204.0/23
                  82.25.18.0/23
                  82.25.128.0/22
                  82.25.206.0/23
                  82.26.102.0/23
                  82.27.80.0/21
                  82.27.112.0/22
                  82.27.192.0/22
                  82.38.36.0/23
                  82.39.112.0/23
                  82.41.192.0/23
                  84.75.4.0/22
                  84.75.28.0/22
                  84.75.72.0/22
                  178.83.0.0/22
                  178.83.216.0/22

    Signature Algorithm: sha256WithRSAEncryption
         1e:d9:a1:e5:7e:e0:4d:50:2c:9f:05:96:2e:fe:05:7e:05:29:
         53:72:e9:70:d4:1d:9f:40:28:2d:14:b4:dc:e1:c2:28:b5:df:
         51:ed:e7:08:e4:21:51:e2:fb:e7:e1:42:a8:47:f9:9a:f2:9c:
         70:74:92:e2:f9:1c:87:57:62:6d:6b:a4:12:cf:e8:d6:14:00:
         91:ff:08:fe:75:b3:5c:98:82:4a:84:3e:7d:47:85:00:5d:36:
         1f:ee:38:52:90:e6:cb:c8:22:53:3c:c5:74:ac:12:88:7c:06:
         71:c7:ae:ba:12:b3:ff:0f:6b:58:33:3e:34:a6:04:c9:00:52:
         05:02:c8:ba:a3:ec:f2:7d:0e:73:ca:63:41:1a:41:55:1e:28:
         1d:8e:f3:a7:dd:18:ba:cd:dd:5e:1a:9d:2d:1a:18:40:fc:c9:
         9e:e8:85:8c:c0:86:bd:14:98:7c:9c:43:64:3a:b8:b2:0e:d5:
         c3:11:e9:44:05:c7:e3:f3:f8:4e:2d:bf:e8:85:6e:16:6c:63:
         5f:e9:32:01:7c:27:af:98:50:e6:60:24:b7:a6:3d:14:43:75:
         d5:d5:85:10:82:a2:09:1a:19:6b:a6:c4:f1:2e:08:e0:39:03:
         51:6e:4e:af:5b:a7:91:6f:b0:c7:e7:02:d4:18:2d:5c:56:88:
         a5:da:9e:64
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIUXjeLpBwGyKvrNSmJI6jMFrxNaSswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA3MDcyMzU5NDNaFw0yNzA3MDcwMDA0NDNaMDMxMTAvBgNV
BAMTKEJGQUFFQjgwRTIyM0E5RjVGNDUyNjEyQ0RGN0Q0OTlDMzkyQ0IyMDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2ml74WNo8rDoKGm5XwmoM8dIb
NgpR+eAjdH4Cq+6wH9d2osDF4mqjZeeTQLbhc2lmIpFGVUedDWYl7ZAFfVdvf3YG
QGFfUZ63FksmyhdfEIGooBwz7x6dsZTucsDSGGI0mMAobB0xmaXVjgn1Jh4e94hl
yz07+IikhUMG+mOt41nIeIKHHzuDRGZsBUJQHF/GpxqX699Yra2ghFYEzen3XiAF
GJRfrW/bzUjtqzpfNoKdCs8/X5PKYBVrbUzP7lvEapOs48hAHvIZIG4Qb/juLLiS
NmwTk/W94tYcCoJkd9zyoacD3W37nEhz9o+OZoC3v6+RpT4wTB3JWdXzuJbxAgMB
AAGjggKLMIIChzAdBgNVHQ4EFgQUv6rrgOIjqfX0UmEs331JnDkssgkwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNTY1MC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBoQYIKwYBBQUHAQcBAf8EgZEwgY4wgYsEAgABMIGEAwQD
UheYAwQBUhgKAwQBUhgsAwQBUhgyAwQBUhhmAwQCUhi4AwQBUhjMAwQBUhkSAwQC
UhmAAwQBUhnOAwQBUhpmAwQDUhtQAwQCUhtwAwQCUhvAAwQBUiYkAwQBUidwAwQB
UinAAwQCVEsEAwQCVEscAwQCVEtIAwQCslMAAwQCslPYMA0GCSqGSIb3DQEBCwUA
A4IBAQAe2aHlfuBNUCyfBZYu/gV+BSlTculw1B2fQCgtFLTc4cIotd9R7ecI5CFR
4vvn4UKoR/ma8pxwdJLi+RyHV2Jta6QSz+jWFACR/wj+dbNcmIJKhD59R4UAXTYf
7jhSkObLyCJTPMV0rBKIfAZxx666ErP/D2tYMz40pgTJAFIFAsi6o+zyfQ5zymNB
GkFVHigdjvOn3Ri6zd1eGp0tGhhA/Mme6IWMwIa9FJh8nENkOriyDtXDEelEBcfj
8/hOLb/ohW4WbGNf6TIBfCevmFDmYCS3pj0UQ3XV1YUQgqIJGhlrpsTxLgjgOQNR
bk6vW6eRb7DH5wLUGC1cVoil2p5k
-----END CERTIFICATE-----
Generated at Fri Jul 17 23:06:36 2026 by rpki-client