Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/AS5650.roa
File: AS5650.roa (raw, json)
Hash identifier: xF/0kdk6KsPLOPcSQEy0O1N3Ki9eenfnRHTglLTtlgg=
Subject key identifier: 00:EC:F9:E3:05:01:7F:EE:30:C8:DE:05:18:03:CA:26:1C:0B:76:B5
Certificate issuer: /CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Certificate serial: 53B2643DFA73F48DF97E4FF58A193EAD60C02C08
Authority key identifier: 6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/AS5650.roa
Signing time: Wed 04 Mar 2026 08:30:27 +0000
ROA not before: Wed 04 Mar 2026 08:25:27 +0000
ROA not after: Wed 03 Mar 2027 08:30:27 +0000
asID: 5650
IP address blocks: 147.125.152.0/22 maxlen: 22
147.125.216.0/21 maxlen: 21
147.125.224.0/22 maxlen: 22
147.125.232.0/21 maxlen: 21
147.125.250.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.mft
rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 05 Mar 2026 14:20:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:b2:64:3d:fa:73:f4:8d:f9:7e:4f:f5:8a:19:3e:ad:60:c0:2c:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Validity
Not Before: Mar 4 08:25:27 2026 GMT
Not After : Mar 3 08:30:27 2027 GMT
Subject: CN=00ECF9E305017FEE30C8DE051803CA261C0B76B5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:ce:da:f8:a5:43:46:6b:71:3a:aa:43:bf:9a:
d1:88:b5:c7:b8:0c:06:9f:eb:a6:e8:40:26:8d:ed:
73:6a:57:38:7f:2b:d1:e5:54:ba:f4:5e:2e:80:cf:
75:e9:06:b0:b7:c2:e5:7e:4c:52:5d:36:cd:08:90:
b6:4c:ad:6d:25:ff:02:14:68:44:cb:43:02:6a:c1:
c5:32:4d:5b:b8:7a:a7:79:bf:5f:ce:60:b8:04:65:
a5:76:45:96:b9:18:07:51:4f:21:46:f8:ef:60:2d:
20:53:2a:d2:77:98:94:e3:f9:d6:f4:8e:df:96:93:
d2:f4:8d:76:95:04:86:26:05:44:c2:b5:42:95:0a:
70:3d:e5:99:a6:a5:eb:d1:6c:af:6d:d6:9d:d4:61:
d9:00:96:b1:3d:43:b9:af:39:fd:da:29:7a:d0:5e:
8d:5e:87:6c:06:78:e9:58:6f:dc:16:37:fa:36:42:
28:ec:ef:ee:d6:63:72:3b:4d:39:b2:6a:cc:6d:25:
fb:f9:15:c3:0d:3d:e3:4f:0b:0e:dc:dc:c2:9d:3e:
fb:94:ee:87:30:56:3c:fb:e5:14:67:73:f3:ad:e4:
5f:83:b4:53:c7:32:14:59:25:ef:97:de:82:55:0c:
61:0c:d2:8e:3a:1f:b7:92:0a:c4:e7:48:8c:e2:12:
e8:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:EC:F9:E3:05:01:7F:EE:30:C8:DE:05:18:03:CA:26:1C:0B:76:B5
X509v3 Authority Key Identifier:
keyid:6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/AS5650.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.125.152.0/22
147.125.216.0-147.125.227.255
147.125.232.0/21
147.125.250.0/24
Signature Algorithm: sha256WithRSAEncryption
61:49:f7:03:81:93:13:3d:0d:72:d3:19:d0:d2:62:a7:90:5a:
81:a2:84:9e:be:e4:f7:fa:c7:60:e9:b1:9a:24:c7:f1:a2:0d:
74:5f:1f:1b:b6:e0:95:d3:94:b9:48:52:bc:7b:43:dc:c5:f9:
69:c3:c4:a3:38:a8:65:e6:e2:1b:3e:53:7a:63:cd:da:37:b0:
1b:97:ac:58:29:12:d0:45:17:11:77:7a:f1:ee:7b:12:2d:84:
28:24:00:d2:08:c5:9c:2f:61:5c:a1:66:d9:0f:3b:d6:b0:65:
c7:49:22:e2:84:0f:83:e8:fc:3b:01:63:da:ac:25:4a:6e:c6:
0a:9b:c6:ff:04:cb:4e:0f:8e:db:e2:98:94:67:5e:80:12:84:
6c:a9:e2:84:df:1e:bc:8f:a6:50:1e:e3:63:39:5d:12:a0:70:
ba:91:32:4a:17:b7:a3:b5:f7:8a:85:88:07:35:09:3a:00:82:
34:f4:c8:bd:92:c7:60:6a:85:2e:e2:8d:76:6b:e1:6c:b1:c9:
cb:16:ff:33:9b:42:19:c8:89:17:b1:30:af:1f:b0:1c:83:b3:
14:e3:9c:11:ca:f3:56:fa:4c:4b:d2:ef:d5:40:c3:ac:7f:d2:
8f:1f:6d:7b:45:25:98:41:81:d5:a5:8f:0e:83:13:53:c7:bc:
50:5d:6b:3d
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIUU7JkPfpz9I35fk/1ihk+rWDALAgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNmNjZGM4MmJhZTc4MDBmN2Q1MDdjNzM3OTI0ODY5YmRl
YjVhNzZlYTAeFw0yNjAzMDQwODI1MjdaFw0yNzAzMDMwODMwMjdaMDMxMTAvBgNV
BAMTKDAwRUNGOUUzMDUwMTdGRUUzMEM4REUwNTE4MDNDQTI2MUMwQjc2QjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDdztr4pUNGa3E6qkO/mtGItce4
DAaf66boQCaN7XNqVzh/K9HlVLr0Xi6Az3XpBrC3wuV+TFJdNs0IkLZMrW0l/wIU
aETLQwJqwcUyTVu4eqd5v1/OYLgEZaV2RZa5GAdRTyFG+O9gLSBTKtJ3mJTj+db0
jt+Wk9L0jXaVBIYmBUTCtUKVCnA95ZmmpevRbK9t1p3UYdkAlrE9Q7mvOf3aKXrQ
Xo1eh2wGeOlYb9wWN/o2Qijs7+7WY3I7TTmyasxtJfv5FcMNPeNPCw7c3MKdPvuU
7ocwVjz75RRnc/Ot5F+DtFPHMhRZJe+X3oJVDGEM0o46H7eSCsTnSIziEugfAgMB
AAGjggIiMIICHjAdBgNVHQ4EFgQUAOz54wUBf+4wyN4FGAPKJhwLdrUwHwYDVR0j
BBgwFoAUbM3IK654APfVB8c3kkhpvetaduowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEtYzM4NS00YjY1LTk4NjYtNGY2MzgzMTcy
NjcyLzAvNkNDREM4MkJBRTc4MDBGN0Q1MDdDNzM3OTI0ODY5QkRFQjVBNzZFQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JNM0lLNjU0QVBmVkI4YzNra2hwdmV0
YWR1by5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2NjZDM4ODRhLWMzODUt
NGI2NS05ODY2LTRmNjM4MzE3MjY3Mi8wL0FTNTY1MC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA5BggrBgEFBQcBBwEB/wQqMCgwJgQCAAEwIAMEApN9mDAM
AwQDk33YAwQCk33gAwQDk33oAwQAk336MA0GCSqGSIb3DQEBCwUAA4IBAQBhSfcD
gZMTPQ1y0xnQ0mKnkFqBooSevuT3+sdg6bGaJMfxog10Xx8btuCV05S5SFK8e0Pc
xflpw8SjOKhl5uIbPlN6Y83aN7Abl6xYKRLQRRcRd3rx7nsSLYQoJADSCMWcL2Fc
oWbZDzvWsGXHSSLihA+D6Pw7AWParCVKbsYKm8b/BMtOD47b4piUZ16AEoRsqeKE
3x68j6ZQHuNjOV0SoHC6kTJKF7ejtfeKhYgHNQk6AII09Mi9ksdgaoUu4o12a+Fs
scnLFv8zm0IZyIkXsTCvH7Acg7MU45wRyvNW+kxL0u/VQMOsf9KPH217RSWYQYHV
pY8OgxNTx7xQXWs9
-----END CERTIFICATE-----
Generated at Wed Mar 4 19:14:09 2026 by rpki-client