Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS5650.roa
File: AS5650.roa (raw, json)
Hash identifier: YQVLgHE/cgeDiYRxOw5mm+QFUcI77isdHfBduExwtmw=
Subject key identifier: 06:29:CF:2E:BA:B5:4B:74:4A:63:9D:83:84:8C:60:47:38:69:2B:60
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 4F538724420E373E48A3996DA401D53A64605768
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS5650.roa
Signing time: Wed 08 Apr 2026 11:25:02 +0000
ROA not before: Wed 08 Apr 2026 11:20:02 +0000
ROA not after: Wed 07 Apr 2027 11:25:02 +0000
asID: 5650
IP address blocks: 82.23.152.0/21 maxlen: 24
82.24.10.0/23 maxlen: 24
82.24.44.0/23 maxlen: 24
82.24.50.0/23 maxlen: 24
82.24.102.0/23 maxlen: 24
82.24.184.0/22 maxlen: 24
82.24.204.0/23 maxlen: 24
82.25.18.0/23 maxlen: 24
82.25.128.0/22 maxlen: 24
82.25.206.0/23 maxlen: 24
82.26.102.0/23 maxlen: 24
82.27.80.0/21 maxlen: 24
82.27.112.0/22 maxlen: 24
82.27.192.0/22 maxlen: 24
82.38.36.0/23 maxlen: 24
82.39.112.0/23 maxlen: 24
82.41.192.0/23 maxlen: 24
84.75.4.0/22 maxlen: 24
84.75.28.0/22 maxlen: 24
84.75.72.0/22 maxlen: 24
178.83.0.0/22 maxlen: 24
178.83.128.0/22 maxlen: 24
178.83.216.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:53:87:24:42:0e:37:3e:48:a3:99:6d:a4:01:d5:3a:64:60:57:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Apr 8 11:20:02 2026 GMT
Not After : Apr 7 11:25:02 2027 GMT
Subject: CN=0629CF2EBAB54B744A639D83848C604738692B60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:9a:aa:0e:25:04:e5:cb:d1:90:11:4d:9c:f7:
3b:8f:ff:f9:3c:36:ba:3c:a1:2a:68:c8:ba:c6:8f:
1f:b1:ca:20:bd:f7:0d:f9:65:6d:e1:cd:20:fd:d7:
35:a9:80:0b:c6:25:9f:7c:88:dc:25:17:9a:52:c5:
03:84:eb:2e:a7:f1:e8:23:4f:82:ba:0a:55:76:04:
78:27:c9:43:71:39:a4:f7:b6:9b:53:b8:89:33:0d:
96:56:6a:3b:c3:18:2d:01:7b:9f:98:7b:1d:3c:84:
07:2a:b9:bc:57:e3:ab:5a:f2:38:78:57:b7:c9:7e:
32:11:cc:50:9e:d4:28:a3:52:47:0f:b6:5c:95:41:
dc:9e:69:57:fa:11:9d:1e:ab:60:03:3e:db:10:60:
46:7e:d9:5d:87:da:ac:61:ce:c6:00:1a:93:97:41:
d3:c3:61:25:b9:f4:d0:76:64:dc:7b:e4:47:ac:cd:
1a:b4:15:07:2f:25:b2:21:4f:f7:64:c2:7f:73:a1:
d5:b4:57:90:05:98:64:e5:52:4e:c0:2e:d5:41:38:
24:b3:b2:3f:0b:46:2d:cb:e0:c7:09:32:33:00:49:
96:34:e1:a4:3b:e0:ec:bd:af:d1:b3:2b:e2:98:94:
c1:b0:0e:3b:03:1a:62:28:d0:9e:ce:aa:1b:1c:1f:
95:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:29:CF:2E:BA:B5:4B:74:4A:63:9D:83:84:8C:60:47:38:69:2B:60
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS5650.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.23.152.0/21
82.24.10.0/23
82.24.44.0/23
82.24.50.0/23
82.24.102.0/23
82.24.184.0/22
82.24.204.0/23
82.25.18.0/23
82.25.128.0/22
82.25.206.0/23
82.26.102.0/23
82.27.80.0/21
82.27.112.0/22
82.27.192.0/22
82.38.36.0/23
82.39.112.0/23
82.41.192.0/23
84.75.4.0/22
84.75.28.0/22
84.75.72.0/22
178.83.0.0/22
178.83.128.0/22
178.83.216.0/22
Signature Algorithm: sha256WithRSAEncryption
2c:d2:41:34:12:b6:94:69:8f:a4:9d:61:12:60:63:85:09:db:
87:f9:34:e7:31:65:20:1f:54:4d:97:65:50:a5:d7:29:96:76:
9a:6f:5d:93:8d:2b:1d:e9:1d:3c:4f:89:e5:90:b5:53:19:4f:
97:10:a6:dd:22:9d:ab:a8:5b:92:3e:03:4c:ba:c1:cc:f2:a3:
6d:92:ba:7d:2d:e4:6f:fd:bb:b5:ce:42:44:cd:15:30:91:58:
2c:1d:81:ea:83:21:10:d3:28:b9:fa:51:e0:41:6a:33:b6:be:
cd:c3:13:e2:50:44:50:23:b1:7e:85:49:91:de:0e:2a:4c:a1:
1f:95:6a:3f:85:da:28:5b:7f:2c:40:00:36:74:b9:70:77:eb:
25:79:33:e0:93:68:78:61:ce:b5:a4:c3:88:c3:74:a1:8f:eb:
a1:bb:54:69:f9:1e:c7:93:e4:2f:c9:70:77:81:cd:ff:0c:cb:
03:94:0b:e3:c1:47:6b:20:4e:78:ff:33:8c:35:f1:94:7b:46:
cc:6a:e8:0c:f7:2c:36:c1:ad:dc:f4:4e:0c:9f:df:8b:84:d5:
85:de:fc:a5:e7:1d:63:54:de:f2:31:b4:3a:a4:85:3b:5d:6e:
45:14:5e:2a:9f:2a:41:f5:bb:fe:4d:ef:df:a0:b0:27:3a:c5:
f2:5b:75:9a
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIUT1OHJEIONz5Io5ltpAHVOmRgV2gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA0MDgxMTIwMDJaFw0yNzA0MDcxMTI1MDJaMDMxMTAvBgNV
BAMTKDA2MjlDRjJFQkFCNTRCNzQ0QTYzOUQ4Mzg0OEM2MDQ3Mzg2OTJCNjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxmqoOJQTly9GQEU2c9zuP//k8
Nro8oSpoyLrGjx+xyiC99w35ZW3hzSD91zWpgAvGJZ98iNwlF5pSxQOE6y6n8egj
T4K6ClV2BHgnyUNxOaT3tptTuIkzDZZWajvDGC0Be5+Yex08hAcqubxX46ta8jh4
V7fJfjIRzFCe1CijUkcPtlyVQdyeaVf6EZ0eq2ADPtsQYEZ+2V2H2qxhzsYAGpOX
QdPDYSW59NB2ZNx75EeszRq0FQcvJbIhT/dkwn9zodW0V5AFmGTlUk7ALtVBOCSz
sj8LRi3L4McJMjMASZY04aQ74Oy9r9GzK+KYlMGwDjsDGmIo0J7OqhscH5WfAgMB
AAGjggKRMIICjTAdBgNVHQ4EFgQUBinPLrq1S3RKY52DhIxgRzhpK2AwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNTY1MC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBpwYIKwYBBQUHAQcBAf8EgZcwgZQwgZEEAgABMIGKAwQD
UheYAwQBUhgKAwQBUhgsAwQBUhgyAwQBUhhmAwQCUhi4AwQBUhjMAwQBUhkSAwQC
UhmAAwQBUhnOAwQBUhpmAwQDUhtQAwQCUhtwAwQCUhvAAwQBUiYkAwQBUidwAwQB
UinAAwQCVEsEAwQCVEscAwQCVEtIAwQCslMAAwQCslOAAwQCslPYMA0GCSqGSIb3
DQEBCwUAA4IBAQAs0kE0EraUaY+knWESYGOFCduH+TTnMWUgH1RNl2VQpdcplnaa
b12TjSsd6R08T4nlkLVTGU+XEKbdIp2rqFuSPgNMusHM8qNtkrp9LeRv/bu1zkJE
zRUwkVgsHYHqgyEQ0yi5+lHgQWoztr7NwxPiUERQI7F+hUmR3g4qTKEflWo/hdoo
W38sQAA2dLlwd+sleTPgk2h4Yc61pMOIw3Shj+uhu1Rp+R7Hk+QvyXB3gc3/DMsD
lAvjwUdrIE54/zOMNfGUe0bMaugM9yw2wa3c9E4Mn9+LhNWF3vyl5x1jVN7yMbQ6
pIU7XW5FFF4qnypB9bv+Te/foLAnOsXyW3Wa
-----END CERTIFICATE-----
Generated at Fri Apr 17 05:56:11 2026 by rpki-client