Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS5650.roa
File: AS5650.roa (raw, json)
Hash identifier: 4ajcAb6QDrqoqEwRNgRFtf7myXGXlXsklv/BzVGTBXQ=
Subject key identifier: C7:5B:64:0B:3F:CB:45:3F:FF:DD:22:4F:8E:15:3C:6F:1C:84:77:44
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 5CFB4EB3D6B999C979CC60FE67682242E68E5685
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS5650.roa
Signing time: Wed 08 Apr 2026 11:25:03 +0000
ROA not before: Wed 08 Apr 2026 11:20:03 +0000
ROA not after: Wed 07 Apr 2027 11:25:03 +0000
asID: 5650
IP address blocks: 150.241.255.0/24 maxlen: 24
162.141.2.0/23 maxlen: 24
162.141.6.0/23 maxlen: 24
162.141.60.0/22 maxlen: 24
162.141.76.0/23 maxlen: 24
162.141.134.0/23 maxlen: 24
162.141.192.0/21 maxlen: 24
162.141.200.0/21 maxlen: 24
162.141.208.0/21 maxlen: 24
167.148.24.0/22 maxlen: 24
167.148.43.0/24 maxlen: 24
167.148.75.0/24 maxlen: 24
167.148.145.0/24 maxlen: 24
167.148.185.0/24 maxlen: 24
168.222.6.0/24 maxlen: 24
168.222.11.0/24 maxlen: 24
168.222.63.0/24 maxlen: 24
168.222.112.0/22 maxlen: 22
168.222.123.0/24 maxlen: 24
168.222.124.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:fb:4e:b3:d6:b9:99:c9:79:cc:60:fe:67:68:22:42:e6:8e:56:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Apr 8 11:20:03 2026 GMT
Not After : Apr 7 11:25:03 2027 GMT
Subject: CN=C75B640B3FCB453FFFDD224F8E153C6F1C847744
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:97:e3:b7:b9:24:3a:85:d6:28:90:7a:64:dc:
25:d2:7b:2d:22:4a:83:ca:d3:78:a8:0c:78:22:e7:
89:1f:90:21:82:5f:ee:52:bc:fd:ee:8e:b7:c0:2b:
18:6f:4d:95:6f:fd:5b:ad:78:5e:d0:56:9f:34:74:
0f:d7:0d:4b:a0:7f:56:b8:f2:6e:5d:ea:ce:64:c0:
be:01:19:18:9b:8d:c1:f1:55:e1:39:e3:7d:94:fe:
ac:cc:f4:49:1c:70:28:6c:49:c1:80:2e:88:6f:2b:
1a:23:42:e4:a2:00:43:28:fc:92:bb:88:cb:ad:15:
32:a5:7f:40:0b:58:82:53:ea:a2:86:b0:d8:f5:8e:
96:9e:8c:f3:23:ac:b5:73:3c:af:de:9c:15:56:42:
1e:3f:2c:44:6a:30:f8:20:92:96:72:e0:f7:17:95:
f1:e9:2b:19:1f:d8:e3:f6:4c:50:94:e7:75:c4:b7:
f9:21:a5:26:96:f5:ac:0e:a1:27:56:1b:5c:17:df:
ed:d0:3f:8f:0b:16:b4:8a:6b:3d:ff:32:e2:08:ec:
ef:9c:c8:0c:9a:2c:94:a3:74:43:91:c3:dc:43:59:
65:4b:36:f6:54:70:e2:88:1c:17:8f:3d:04:47:17:
17:fc:40:41:7d:23:9a:13:6d:37:c5:55:7a:e3:45:
eb:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:5B:64:0B:3F:CB:45:3F:FF:DD:22:4F:8E:15:3C:6F:1C:84:77:44
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS5650.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
150.241.255.0/24
162.141.2.0/23
162.141.6.0/23
162.141.60.0/22
162.141.76.0/23
162.141.134.0/23
162.141.192.0-162.141.215.255
167.148.24.0/22
167.148.43.0/24
167.148.75.0/24
167.148.145.0/24
167.148.185.0/24
168.222.6.0/24
168.222.11.0/24
168.222.63.0/24
168.222.112.0/22
168.222.123.0-168.222.124.255
Signature Algorithm: sha256WithRSAEncryption
70:5b:d8:94:65:d1:3b:e6:ef:00:ce:68:4f:cd:f3:2e:16:23:
fc:2a:b8:1e:43:ba:2d:01:e3:a4:89:f3:a6:dd:69:22:64:fe:
e4:78:9d:4d:ff:1f:cc:2a:f4:f1:3b:ea:62:20:a1:9f:bc:4e:
1d:6e:9c:96:a5:ac:97:93:28:3c:83:3a:ce:ed:83:61:71:46:
bc:bb:35:8e:b8:6b:07:ad:74:ff:6f:05:42:18:88:5a:1f:bd:
68:8b:48:df:1b:c4:cb:2b:dc:8e:d0:82:6e:50:41:91:80:64:
78:85:82:35:bb:04:f7:e6:27:0e:ec:a4:33:02:c8:d8:c4:fe:
44:6b:7b:86:59:2d:f9:ea:e2:b8:57:79:b9:a2:92:42:fb:ad:
98:7d:4b:cd:17:3d:2d:ce:22:54:9f:f9:f7:dd:ba:df:df:bf:
21:03:c6:ba:fa:ae:ab:7c:82:f4:51:90:9d:dc:9d:81:c8:f2:
f5:3b:2d:a0:35:ec:48:05:c4:e5:9b:8f:1a:3a:88:88:21:db:
60:da:5b:bf:35:60:bb:dc:4d:54:a9:4f:29:19:ec:ad:02:69:
74:0b:93:07:8a:de:24:61:f5:5c:1b:35:20:dc:45:2e:22:1a:
17:c6:3c:10:36:68:f8:d4:a4:e2:cf:c7:60:44:dc:f7:3d:26:
17:d4:83:13
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIUXPtOs9a5mcl5zGD+Z2giQuaOVoUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA0MDgxMTIwMDNaFw0yNzA0MDcxMTI1MDNaMDMxMTAvBgNV
BAMTKEM3NUI2NDBCM0ZDQjQ1M0ZGRkREMjI0RjhFMTUzQzZGMUM4NDc3NDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjl+O3uSQ6hdYokHpk3CXSey0i
SoPK03ioDHgi54kfkCGCX+5SvP3ujrfAKxhvTZVv/VuteF7QVp80dA/XDUugf1a4
8m5d6s5kwL4BGRibjcHxVeE5432U/qzM9EkccChsScGALohvKxojQuSiAEMo/JK7
iMutFTKlf0ALWIJT6qKGsNj1jpaejPMjrLVzPK/enBVWQh4/LERqMPggkpZy4PcX
lfHpKxkf2OP2TFCU53XEt/khpSaW9awOoSdWG1wX3+3QP48LFrSKaz3/MuII7O+c
yAyaLJSjdEORw9xDWWVLNvZUcOKIHBePPQRHFxf8QEF9I5oTbTfFVXrjRevzAgMB
AAGjggJ6MIICdjAdBgNVHQ4EFgQUx1tkCz/LRT//3SJPjhU8bxyEd0QwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNTY1MC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBkAYIKwYBBQUHAQcBAf8EgYAwfjB8BAIAATB2AwQAlvH/
AwQBoo0CAwQBoo0GAwQCoo08AwQBoo1MAwQBoo2GMAwDBAaijcADBAOijdADBAKn
lBgDBACnlCsDBACnlEsDBACnlJEDBACnlLkDBACo3gYDBACo3gsDBACo3j8DBAKo
3nAwDAMEAKjeewMEAKjefDANBgkqhkiG9w0BAQsFAAOCAQEAcFvYlGXRO+bvAM5o
T83zLhYj/Cq4HkO6LQHjpInzpt1pImT+5HidTf8fzCr08TvqYiChn7xOHW6clqWs
l5MoPIM6zu2DYXFGvLs1jrhrB610/28FQhiIWh+9aItI3xvEyyvcjtCCblBBkYBk
eIWCNbsE9+YnDuykMwLI2MT+RGt7hlkt+eriuFd5uaKSQvutmH1LzRc9Lc4iVJ/5
992639+/IQPGuvquq3yC9FGQndydgcjy9TstoDXsSAXE5ZuPGjqIiCHbYNpbvzVg
u9xNVKlPKRnsrQJpdAuTB4reJGH1XBs1INxFLiIaF8Y8EDZo+NSk4s/HYETc9z0m
F9SDEw==
-----END CERTIFICATE-----
Generated at Fri Apr 17 05:51:59 2026 by rpki-client