Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS5650.roa
File: AS5650.roa (raw, json)
Hash identifier: RTKmG8BHYxmE8rXKupk7euNDXZzg0PJ4Ft926p/KviM=
Subject key identifier: 40:B0:8A:22:33:E5:EE:47:A3:71:DC:6E:8B:C2:B1:B6:21:E7:B7:83
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 41ECFBE992F2F012AAA95BADDBF2BA6A9F3EF78B
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS5650.roa
Signing time: Wed 18 Feb 2026 10:33:21 +0000
ROA not before: Wed 18 Feb 2026 10:28:21 +0000
ROA not after: Wed 17 Feb 2027 10:33:21 +0000
asID: 5650
IP address blocks: 150.241.255.0/24 maxlen: 24
162.141.124.0/22 maxlen: 24
162.141.208.0/21 maxlen: 24
167.148.24.0/22 maxlen: 24
167.148.216.0/22 maxlen: 24
168.222.1.0/24 maxlen: 24
168.222.6.0/24 maxlen: 24
168.222.11.0/24 maxlen: 24
168.222.63.0/24 maxlen: 24
168.222.112.0/22 maxlen: 22
168.222.123.0/24 maxlen: 24
168.222.124.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:ec:fb:e9:92:f2:f0:12:aa:a9:5b:ad:db:f2:ba:6a:9f:3e:f7:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Feb 18 10:28:21 2026 GMT
Not After : Feb 17 10:33:21 2027 GMT
Subject: CN=40B08A2233E5EE47A371DC6E8BC2B1B621E7B783
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:4b:20:1b:aa:2e:4a:ed:19:42:d5:8d:0c:f3:
11:60:28:c1:cd:fb:78:04:09:0b:b8:84:3a:fc:89:
13:ab:de:67:5a:1f:2f:af:de:75:48:06:f1:21:6c:
03:ee:a6:6c:4e:19:69:f9:9f:5d:e9:79:62:2f:eb:
90:d7:ab:a9:2a:eb:f0:db:7a:15:4a:85:e4:f0:0c:
75:ce:a6:0f:85:a7:b8:6f:e6:47:3b:96:8d:a1:9c:
a6:76:5d:be:c4:64:82:cd:09:e3:3b:30:ef:43:4a:
55:78:43:04:65:a2:db:d9:a0:ae:98:95:23:d9:fc:
0b:0c:9d:59:3f:6d:4e:6a:3b:d1:2a:b3:94:d9:2e:
01:35:f0:bf:37:69:9c:4c:b1:69:22:6b:7b:b9:56:
0e:25:4f:2f:0e:0a:c9:e6:36:97:02:8b:76:17:c4:
b6:bc:33:b5:d7:d5:d8:03:1e:95:d7:a2:fa:cf:e0:
5a:b4:e8:50:1b:6d:2e:bb:45:20:53:ba:80:ae:4b:
70:49:0d:bc:93:45:93:c9:65:30:89:c4:3a:7c:e2:
21:7c:e6:b4:04:80:6e:90:3f:86:fd:91:3a:3b:a6:
16:47:fb:bf:9f:29:aa:6d:b2:1b:53:83:b4:a1:df:
d1:00:c3:8a:8b:ca:09:b8:78:19:48:26:c0:f1:e4:
6a:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:B0:8A:22:33:E5:EE:47:A3:71:DC:6E:8B:C2:B1:B6:21:E7:B7:83
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS5650.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
150.241.255.0/24
162.141.124.0/22
162.141.208.0/21
167.148.24.0/22
167.148.216.0/22
168.222.1.0/24
168.222.6.0/24
168.222.11.0/24
168.222.63.0/24
168.222.112.0/22
168.222.123.0-168.222.124.255
Signature Algorithm: sha256WithRSAEncryption
39:44:4e:a7:1c:b2:91:14:4a:91:bc:77:d0:79:fc:36:34:88:
2c:b6:c2:38:56:58:bd:76:b1:6b:d8:53:da:b1:87:d1:b7:23:
e7:53:a3:da:34:49:49:6c:ce:dc:07:84:26:a2:5e:55:9a:a6:
b5:4a:1a:f7:75:a1:cc:da:f9:52:77:da:af:e0:1a:94:9b:84:
6e:51:50:3c:14:d9:35:2f:3e:0c:c8:50:42:63:ff:7f:16:4d:
48:cd:26:98:53:3f:9f:40:a8:4c:82:91:1c:25:e8:09:d0:4a:
d9:c8:44:de:d6:ab:03:15:83:e0:4a:a4:5e:83:28:02:34:1f:
62:cd:f9:28:62:a6:4d:c1:b1:f0:5a:c7:47:3a:b4:26:95:b8:
07:f8:46:16:18:05:11:16:ad:24:bf:fd:a8:19:58:60:f3:9e:
86:b6:8f:65:93:a5:1f:c6:4c:1a:6c:b3:e7:d6:01:58:86:9b:
3e:22:54:6e:27:6d:f5:2b:c4:92:ec:fe:53:5e:80:78:ea:7a:
c1:1e:9b:e5:a5:cc:ec:61:bf:13:56:40:70:f3:a8:1a:5f:39:
a3:3c:0e:bc:ab:7e:9f:ae:68:b5:d9:2f:49:d7:3d:77:ea:a0:
11:b5:df:4d:2d:75:64:ce:fc:47:56:c8:dd:2a:f9:da:24:be:
66:77:00:b2
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgIUQez76ZLy8BKqqVut2/K6ap8+94swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjAyMTgxMDI4MjFaFw0yNzAyMTcxMDMzMjFaMDMxMTAvBgNV
BAMTKDQwQjA4QTIyMzNFNUVFNDdBMzcxREM2RThCQzJCMUI2MjFFN0I3ODMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxSyAbqi5K7RlC1Y0M8xFgKMHN
+3gECQu4hDr8iROr3mdaHy+v3nVIBvEhbAPupmxOGWn5n13peWIv65DXq6kq6/Db
ehVKheTwDHXOpg+Fp7hv5kc7lo2hnKZ2Xb7EZILNCeM7MO9DSlV4QwRlotvZoK6Y
lSPZ/AsMnVk/bU5qO9Eqs5TZLgE18L83aZxMsWkia3u5Vg4lTy8OCsnmNpcCi3YX
xLa8M7XX1dgDHpXXovrP4Fq06FAbbS67RSBTuoCuS3BJDbyTRZPJZTCJxDp84iF8
5rQEgG6QP4b9kTo7phZH+7+fKaptshtTg7Sh39EAw4qLygm4eBlIJsDx5GofAgMB
AAGjggJMMIICSDAdBgNVHQ4EFgQUQLCKIjPl7kejcdxui8KxtiHnt4MwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNTY1MC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBjBggrBgEFBQcBBwEB/wRUMFIwUAQCAAEwSgMEAJbx/wME
AqKNfAMEA6KN0AMEAqeUGAMEAqeU2AMEAKjeAQMEAKjeBgMEAKjeCwMEAKjePwME
AqjecDAMAwQAqN57AwQAqN58MA0GCSqGSIb3DQEBCwUAA4IBAQA5RE6nHLKRFEqR
vHfQefw2NIgstsI4Vli9drFr2FPasYfRtyPnU6PaNElJbM7cB4Qmol5Vmqa1Shr3
daHM2vlSd9qv4BqUm4RuUVA8FNk1Lz4MyFBCY/9/Fk1IzSaYUz+fQKhMgpEcJegJ
0ErZyETe1qsDFYPgSqRegygCNB9izfkoYqZNwbHwWsdHOrQmlbgH+EYWGAURFq0k
v/2oGVhg856Gto9lk6UfxkwabLPn1gFYhps+IlRuJ231K8SS7P5TXoB46nrBHpvl
pczsYb8TVkBw86gaXzmjPA68q36frmi12S9J1z136qARtd9NLXVkzvxHVsjdKvna
JL5mdwCy
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:27:03 2026 by rpki-client