Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS5650.roa
File: AS5650.roa (raw, json)
Hash identifier: 6Gx4Q232yZfaCuahVHeK/9wJodg5YuD2IBxudzqPUiE=
Subject key identifier: 39:6E:0E:7D:F0:A3:55:29:08:87:85:B4:34:25:FA:93:50:15:0B:71
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 74C8013EE1166175BFB05C2B04F828D48D2FF35C
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS5650.roa
Signing time: Thu 29 May 2025 21:55:39 +0000
ROA not before: Thu 29 May 2025 21:50:39 +0000
ROA not after: Thu 28 May 2026 21:55:39 +0000
asID: 5650
IP address blocks: 46.203.160.0/24 maxlen: 24
46.203.164.0/24 maxlen: 24
92.112.32.0/24 maxlen: 24
92.112.33.0/24 maxlen: 24
92.112.34.0/24 maxlen: 24
92.112.35.0/24 maxlen: 24
92.112.40.0/21 maxlen: 24
92.112.157.0/24 maxlen: 24
92.113.215.0/24 maxlen: 24
95.134.76.0/24 maxlen: 24
95.134.90.0/24 maxlen: 24
95.134.120.0/24 maxlen: 24
95.134.203.0/24 maxlen: 24
95.135.38.0/24 maxlen: 24
95.135.85.0/24 maxlen: 24
95.135.127.0/24 maxlen: 24
95.135.138.0/24 maxlen: 24
95.135.180.0/24 maxlen: 24
95.135.219.0/24 maxlen: 24
178.92.28.0/22 maxlen: 24
178.92.220.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 04 Jun 2025 20:17:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:c8:01:3e:e1:16:61:75:bf:b0:5c:2b:04:f8:28:d4:8d:2f:f3:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: May 29 21:50:39 2025 GMT
Not After : May 28 21:55:39 2026 GMT
Subject: CN=396E0E7DF0A35529088785B43425FA9350150B71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:72:bf:a0:78:06:69:93:e5:d2:5c:77:e8:64:
a5:ef:f0:a4:f7:89:22:7c:25:ae:9b:6f:52:b9:a9:
a5:e2:d4:b5:80:d9:13:0f:2d:c5:6a:46:5b:c3:71:
f3:ac:2b:09:38:39:a5:a9:24:af:ab:9c:dc:44:04:
e4:3d:2c:1a:d2:fc:4c:16:55:ca:d2:ac:9e:46:ce:
72:d4:bd:a1:5b:e6:d5:84:be:84:71:05:d5:75:79:
32:0c:73:b1:d5:ff:43:b8:a7:ed:30:1f:e0:f1:c0:
c7:b0:ed:13:2b:83:96:0e:4b:61:7e:43:39:b8:e8:
9b:f1:f5:0a:fb:14:35:60:cf:e4:01:8d:8d:95:34:
a7:2d:6f:a7:43:fb:a9:e5:8a:47:87:78:f9:ee:bf:
f3:38:17:2f:c0:5a:a6:b2:94:43:bd:e1:e2:d0:b7:
2f:69:5c:63:b9:55:2d:4d:bb:56:22:b4:6b:0e:1f:
40:d9:e7:5e:b8:6b:b7:fd:4e:f9:81:48:0a:89:0d:
74:a1:5a:37:01:b8:8c:95:da:4a:26:e2:60:00:eb:
a3:28:48:c6:c6:7e:53:05:f8:ec:63:2f:a5:76:00:
25:89:a5:db:4e:73:6c:25:73:6f:b7:3d:ad:0c:57:
32:41:71:80:6a:ae:9d:15:e3:ac:98:63:b0:8e:1e:
b5:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:6E:0E:7D:F0:A3:55:29:08:87:85:B4:34:25:FA:93:50:15:0B:71
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS5650.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.203.160.0/24
46.203.164.0/24
92.112.32.0/22
92.112.40.0/21
92.112.157.0/24
92.113.215.0/24
95.134.76.0/24
95.134.90.0/24
95.134.120.0/24
95.134.203.0/24
95.135.38.0/24
95.135.85.0/24
95.135.127.0/24
95.135.138.0/24
95.135.180.0/24
95.135.219.0/24
178.92.28.0/22
178.92.220.0/24
Signature Algorithm: sha256WithRSAEncryption
16:df:ac:17:7b:5c:24:af:19:9a:2b:e3:a0:aa:9f:f4:b6:82:
3e:6f:04:29:12:72:9a:49:7a:74:2e:45:0e:21:89:f8:c5:a0:
35:48:99:e5:41:a5:9e:2c:34:2a:9c:8a:44:ae:04:e3:39:86:
02:e5:7c:94:38:29:ac:35:47:46:09:cb:95:93:88:aa:11:53:
f0:1a:a8:e9:99:e5:08:97:20:3d:e2:a7:ab:f6:62:da:ef:2b:
69:a7:60:ce:6d:4e:85:da:32:a4:8d:9e:63:48:c7:d6:8f:e5:
c9:64:05:64:d3:40:74:d5:9e:49:03:54:46:e8:80:8d:2e:47:
42:58:ef:d3:ed:fc:85:52:b9:fd:d1:5c:54:0b:08:80:6a:52:
bb:45:ad:95:da:1a:b6:d6:13:af:ae:1e:99:c9:4c:4a:92:77:
fe:42:f3:88:19:cd:e4:44:f4:f7:32:c0:d2:11:33:9b:b8:f1:
97:9b:26:8d:38:61:fd:0c:dc:5a:53:84:be:08:6f:55:2b:27:
26:78:d9:b2:03:ca:c2:c6:66:3e:70:36:c1:84:60:94:fc:c6:
5d:89:04:87:89:00:be:57:a0:eb:5f:2b:b1:7f:5d:ce:ab:1b:
9a:d1:48:71:cb:b0:ca:d8:62:1a:95:48:3a:11:69:44:14:57:
4f:48:32:2e
-----BEGIN CERTIFICATE-----
MIIFZTCCBE2gAwIBAgIUdMgBPuEWYXW/sFwrBPgo1I0v81wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA1MjkyMTUwMzlaFw0yNjA1MjgyMTU1MzlaMDMxMTAvBgNV
BAMTKDM5NkUwRTdERjBBMzU1MjkwODg3ODVCNDM0MjVGQTkzNTAxNTBCNzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEcr+geAZpk+XSXHfoZKXv8KT3
iSJ8Ja6bb1K5qaXi1LWA2RMPLcVqRlvDcfOsKwk4OaWpJK+rnNxEBOQ9LBrS/EwW
VcrSrJ5GznLUvaFb5tWEvoRxBdV1eTIMc7HV/0O4p+0wH+DxwMew7RMrg5YOS2F+
Qzm46Jvx9Qr7FDVgz+QBjY2VNKctb6dD+6nlikeHePnuv/M4Fy/AWqaylEO94eLQ
ty9pXGO5VS1Nu1YitGsOH0DZ5164a7f9TvmBSAqJDXShWjcBuIyV2kom4mAA66Mo
SMbGflMF+OxjL6V2ACWJpdtOc2wlc2+3Pa0MVzJBcYBqrp0V46yYY7COHrUHAgMB
AAGjggJvMIICazAdBgNVHQ4EFgQUOW4OffCjVSkIh4W0NCX6k1AVC3EwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTNTY1MC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBhQYIKwYBBQUHAQcBAf8EdjB0MHIEAgABMGwDBAAuy6AD
BAAuy6QDBAJccCADBANccCgDBABccJ0DBABccdcDBABfhkwDBABfhloDBABfhngD
BABfhssDBABfhyYDBABfh1UDBABfh38DBABfh4oDBABfh7QDBABfh9sDBAKyXBwD
BACyXNwwDQYJKoZIhvcNAQELBQADggEBABbfrBd7XCSvGZor46Cqn/S2gj5vBCkS
cppJenQuRQ4hifjFoDVImeVBpZ4sNCqcikSuBOM5hgLlfJQ4Kaw1R0YJy5WTiKoR
U/AaqOmZ5QiXID3ip6v2YtrvK2mnYM5tToXaMqSNnmNIx9aP5clkBWTTQHTVnkkD
VEbogI0uR0JY79Pt/IVSuf3RXFQLCIBqUrtFrZXaGrbWE6+uHpnJTEqSd/5C84gZ
zeRE9PcywNIRM5u48ZebJo04Yf0M3FpThL4Ib1UrJyZ42bIDysLGZj5wNsGEYJT8
xl2JBIeJAL5XoOtfK7F/Xc6rG5rRSHHLsMrYYhqVSDoRaUQUV09IMi4=
-----END CERTIFICATE-----
Generated at Wed Jun 4 10:14:25 2025 by rpki-client