Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS5650.roa
File: AS5650.roa (raw, json)
Hash identifier: gSXcVhKLPtHS3CNLUOZqfs9yeNKLlF0848TbjP1+188=
Subject key identifier: 5C:4C:11:B3:92:52:F6:3F:70:7E:EF:0D:94:86:33:21:C5:9F:66:83
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 2A1BB2098294D940B1157424A3A961D76DE8236F
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS5650.roa
Signing time: Tue 16 Sep 2025 16:44:21 +0000
ROA not before: Tue 16 Sep 2025 16:39:21 +0000
ROA not after: Tue 15 Sep 2026 16:44:21 +0000
asID: 5650
IP address blocks: 82.24.10.0/23 maxlen: 24
82.24.44.0/23 maxlen: 24
82.24.50.0/23 maxlen: 24
82.24.102.0/23 maxlen: 24
82.24.184.0/22 maxlen: 24
82.24.204.0/23 maxlen: 24
82.25.18.0/23 maxlen: 24
82.25.128.0/22 maxlen: 24
82.25.206.0/23 maxlen: 24
82.26.102.0/23 maxlen: 24
82.27.80.0/21 maxlen: 24
82.27.112.0/22 maxlen: 24
82.27.192.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 01:50:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:1b:b2:09:82:94:d9:40:b1:15:74:24:a3:a9:61:d7:6d:e8:23:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Sep 16 16:39:21 2025 GMT
Not After : Sep 15 16:44:21 2026 GMT
Subject: CN=5C4C11B39252F63F707EEF0D94863321C59F6683
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:14:8b:d0:d4:b9:14:9f:45:5e:ce:a1:db:0e:
9e:65:75:f9:3c:94:0f:a9:53:bd:a2:f6:2d:8b:ad:
b9:67:c6:8b:ef:88:73:db:ad:f2:05:a7:67:e9:c5:
d1:2a:03:61:f1:75:a3:3a:2b:63:58:29:05:35:ef:
c4:66:d0:df:cd:7f:9b:70:a9:e7:c9:61:3d:3f:7d:
fb:98:da:ed:51:41:90:4f:1c:33:3a:89:6b:fc:58:
4b:be:17:91:10:20:0e:5d:d2:79:58:47:3c:e1:2a:
26:d2:87:9b:ec:d8:6d:0c:fb:e3:95:d1:b2:ea:55:
d4:47:27:00:52:2d:50:35:ee:26:50:d0:13:33:bc:
da:b1:b5:82:a6:e5:02:c5:34:94:f7:e1:2b:04:22:
80:3e:31:b5:84:e7:63:76:9f:b2:15:23:96:e2:a1:
f5:71:a1:9a:ec:30:7a:ab:48:a9:0a:62:1b:f5:7f:
d4:6f:8c:37:8a:a7:75:20:01:0c:fc:dd:3d:15:fc:
87:77:81:86:19:88:a4:58:29:b1:cf:41:67:a5:77:
68:5c:e8:99:c1:15:e1:81:89:a5:40:19:ab:dc:f8:
cf:31:4e:1d:1a:31:73:d6:b1:b5:a8:09:24:2b:4d:
8f:32:29:8f:09:0d:c2:75:9d:39:dc:e4:21:d7:af:
67:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:4C:11:B3:92:52:F6:3F:70:7E:EF:0D:94:86:33:21:C5:9F:66:83
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS5650.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.24.10.0/23
82.24.44.0/23
82.24.50.0/23
82.24.102.0/23
82.24.184.0/22
82.24.204.0/23
82.25.18.0/23
82.25.128.0/22
82.25.206.0/23
82.26.102.0/23
82.27.80.0/21
82.27.112.0/22
82.27.192.0/22
Signature Algorithm: sha256WithRSAEncryption
8a:c3:30:31:e7:3c:fa:ec:5a:02:1c:7b:c1:96:d6:3a:e3:ab:
5a:54:16:c6:32:20:3c:df:55:17:89:56:62:2f:29:ff:83:f4:
69:7a:59:fa:2a:9f:59:16:73:47:0d:f8:9d:17:ae:ec:d0:c4:
59:74:a0:aa:d4:c3:16:36:29:36:47:be:9d:c3:83:92:6f:ea:
71:80:ff:c6:0c:42:0b:5b:5b:1f:9f:64:e8:99:9b:d5:90:f1:
b6:72:e5:d7:8f:cb:d1:ec:47:19:8d:e0:f9:1a:a1:d6:fc:9d:
3f:a6:d0:12:ef:0e:a7:94:54:7f:6d:6e:00:d8:fb:19:21:ed:
05:14:e8:c2:a5:6a:6d:f1:43:56:fe:72:d2:27:fe:65:48:45:
8a:c3:c1:c8:4b:42:15:36:b4:15:1f:21:17:80:1b:46:74:8c:
d7:43:27:30:57:a7:9e:86:49:11:0a:3e:cf:b9:5a:e7:27:ed:
c6:38:79:04:7e:e4:f9:17:49:0c:df:1d:d6:02:60:56:50:ad:
53:a0:0d:cf:3a:dc:18:0a:c3:3e:9f:16:bf:22:d6:0d:d7:bf:
25:be:ab:01:f9:be:d0:fa:43:ae:1a:c4:d8:d6:58:a1:72:4b:
06:12:48:06:c0:73:4e:8f:6c:4a:a3:e1:f9:b1:18:65:00:b4:
54:d6:5d:fa
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgIUKhuyCYKU2UCxFXQko6lh123oI28wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA5MTYxNjM5MjFaFw0yNjA5MTUxNjQ0MjFaMDMxMTAvBgNV
BAMTKDVDNEMxMUIzOTI1MkY2M0Y3MDdFRUYwRDk0ODYzMzIxQzU5RjY2ODMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCUFIvQ1LkUn0VezqHbDp5ldfk8
lA+pU72i9i2LrblnxovviHPbrfIFp2fpxdEqA2HxdaM6K2NYKQU178Rm0N/Nf5tw
qefJYT0/ffuY2u1RQZBPHDM6iWv8WEu+F5EQIA5d0nlYRzzhKibSh5vs2G0M++OV
0bLqVdRHJwBSLVA17iZQ0BMzvNqxtYKm5QLFNJT34SsEIoA+MbWE52N2n7IVI5bi
ofVxoZrsMHqrSKkKYhv1f9RvjDeKp3UgAQz83T0V/Id3gYYZiKRYKbHPQWeld2hc
6JnBFeGBiaVAGavc+M8xTh0aMXPWsbWoCSQrTY8yKY8JDcJ1nTnc5CHXr2cvAgMB
AAGjggJQMIICTDAdBgNVHQ4EFgQUXEwRs5JS9j9wfu8NlIYzIcWfZoMwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNTY1MC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBnBggrBgEFBQcBBwEB/wRYMFYwVAQCAAEwTgMEAVIYCgME
AVIYLAMEAVIYMgMEAVIYZgMEAlIYuAMEAVIYzAMEAVIZEgMEAlIZgAMEAVIZzgME
AVIaZgMEA1IbUAMEAlIbcAMEAlIbwDANBgkqhkiG9w0BAQsFAAOCAQEAisMwMec8
+uxaAhx7wZbWOuOrWlQWxjIgPN9VF4lWYi8p/4P0aXpZ+iqfWRZzRw34nReu7NDE
WXSgqtTDFjYpNke+ncODkm/qcYD/xgxCC1tbH59k6Jmb1ZDxtnLl14/L0exHGY3g
+Rqh1vydP6bQEu8Op5RUf21uANj7GSHtBRTowqVqbfFDVv5y0if+ZUhFisPByEtC
FTa0FR8hF4AbRnSM10MnMFennoZJEQo+z7la5yftxjh5BH7k+RdJDN8d1gJgVlCt
U6ANzzrcGArDPp8WvyLWDde/Jb6rAfm+0PpDrhrE2NZYoXJLBhJIBsBzTo9sSqPh
+bEYZQC0VNZd+g==
-----END CERTIFICATE-----
Generated at Sun Oct 19 16:05:09 2025 by rpki-client