Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS5650.roa
File: AS5650.roa (raw, json)
Hash identifier: xqq/09ZT2oC2E9nf4DQjhMFeAXfd22whhBk4xIyAIOI=
Subject key identifier: 7B:C3:ED:45:0D:D1:F6:84:4E:DB:51:B3:0F:CD:1A:62:49:A6:42:F0
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 0AC8D0CDAD3FCBEA779D50E170A625426560F73D
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS5650.roa
Signing time: Sat 21 Feb 2026 17:08:58 +0000
ROA not before: Sat 21 Feb 2026 17:03:58 +0000
ROA not after: Sat 20 Feb 2027 17:08:58 +0000
asID: 5650
IP address blocks: 82.24.10.0/23 maxlen: 24
82.24.44.0/23 maxlen: 24
82.24.50.0/23 maxlen: 24
82.24.102.0/23 maxlen: 24
82.24.184.0/22 maxlen: 24
82.24.204.0/23 maxlen: 24
82.25.18.0/23 maxlen: 24
82.25.128.0/22 maxlen: 24
82.25.206.0/23 maxlen: 24
82.26.102.0/23 maxlen: 24
82.27.80.0/21 maxlen: 24
82.27.112.0/22 maxlen: 24
82.27.192.0/22 maxlen: 24
82.38.36.0/23 maxlen: 24
82.39.112.0/23 maxlen: 24
82.41.192.0/23 maxlen: 24
178.83.128.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:c8:d0:cd:ad:3f:cb:ea:77:9d:50:e1:70:a6:25:42:65:60:f7:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Feb 21 17:03:58 2026 GMT
Not After : Feb 20 17:08:58 2027 GMT
Subject: CN=7BC3ED450DD1F6844EDB51B30FCD1A6249A642F0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:38:32:1e:9b:99:b2:bf:bc:8a:8e:35:b2:15:
14:02:af:80:c4:82:ec:45:f5:41:88:8e:80:b0:66:
68:3f:ab:15:50:d9:d3:73:b8:8d:e1:b1:42:d2:46:
c2:e8:37:04:d4:8f:39:06:5f:54:39:30:81:83:f8:
8f:87:ab:21:24:c1:dc:98:21:6e:4e:b1:ac:0d:06:
64:76:5f:65:77:e9:a6:59:62:23:af:e9:7e:71:e8:
32:96:c4:b0:12:30:93:7b:8a:e4:e9:2d:c1:26:1c:
4d:de:f2:05:dd:ef:f8:5c:c8:8b:66:22:6f:18:be:
53:98:30:c9:12:56:50:05:f0:9e:c1:4d:c5:b6:03:
d6:03:33:b7:76:ea:f0:bd:22:d7:16:52:26:8f:d3:
55:84:e4:d8:01:b2:cc:a3:f4:d5:3e:f5:4d:0d:61:
d3:9a:35:1f:49:e2:ae:1d:57:2e:b8:86:ce:01:fc:
a5:ba:ba:3d:7a:66:35:aa:2f:7c:dd:3f:0c:8a:1d:
e3:69:28:bd:a2:57:86:e1:ba:a7:ba:3f:7f:ca:28:
89:43:1d:77:c3:df:8b:96:08:b2:78:6e:71:5c:58:
34:2d:71:48:76:29:da:7a:66:28:43:95:bf:26:6d:
3c:09:56:d4:a9:53:45:12:5c:43:30:b8:47:5e:80:
be:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:C3:ED:45:0D:D1:F6:84:4E:DB:51:B3:0F:CD:1A:62:49:A6:42:F0
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS5650.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.24.10.0/23
82.24.44.0/23
82.24.50.0/23
82.24.102.0/23
82.24.184.0/22
82.24.204.0/23
82.25.18.0/23
82.25.128.0/22
82.25.206.0/23
82.26.102.0/23
82.27.80.0/21
82.27.112.0/22
82.27.192.0/22
82.38.36.0/23
82.39.112.0/23
82.41.192.0/23
178.83.128.0/22
Signature Algorithm: sha256WithRSAEncryption
3e:a8:8c:9b:81:77:91:29:4a:07:a0:aa:a3:aa:5b:14:ff:c2:
7c:87:c0:71:78:d0:da:d5:a5:e9:54:d7:54:51:84:7a:4e:7c:
1b:ba:b0:98:b5:0c:2e:e4:b2:28:e4:61:55:40:97:f1:7c:8c:
c7:75:b1:c1:0f:b9:31:3f:0a:2f:70:67:64:14:40:19:89:f6:
f8:6a:cb:b3:c8:a5:12:8f:14:8b:ae:5f:58:57:05:e0:e3:6a:
7e:18:a0:9f:71:87:48:e2:49:83:56:a7:8f:f7:7c:bb:d8:74:
d2:00:0a:c4:80:11:2a:fb:fa:6f:a1:1f:f0:79:f0:58:8f:c5:
6f:42:72:1b:12:9d:c4:74:5a:d2:1b:db:79:1e:ee:8b:45:47:
d8:1a:82:ee:04:4c:a0:d0:c8:b7:1e:13:8d:da:09:c2:76:35:
b6:b2:f2:ad:bd:34:e8:97:be:b5:a9:9d:d2:0f:88:4b:c8:9f:
be:a8:4e:21:bf:2a:4b:ac:0e:c3:f6:c3:9e:18:7b:ec:a9:70:
ad:06:55:80:4d:81:82:d3:2b:c8:77:94:ff:fa:c6:b2:cd:65:
f9:cb:16:0d:85:b9:4e:92:dc:eb:b2:8e:dd:c8:a2:04:77:96:
cf:78:04:c8:75:fb:72:7c:06:e8:8f:30:19:88:a7:a6:93:bd:
3f:ad:d9:21
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUCsjQza0/y+p3nVDhcKYlQmVg9z0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjAyMjExNzAzNThaFw0yNzAyMjAxNzA4NThaMDMxMTAvBgNV
BAMTKDdCQzNFRDQ1MEREMUY2ODQ0RURCNTFCMzBGQ0QxQTYyNDlBNjQyRjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDhODIem5myv7yKjjWyFRQCr4DE
guxF9UGIjoCwZmg/qxVQ2dNzuI3hsULSRsLoNwTUjzkGX1Q5MIGD+I+HqyEkwdyY
IW5OsawNBmR2X2V36aZZYiOv6X5x6DKWxLASMJN7iuTpLcEmHE3e8gXd7/hcyItm
Im8YvlOYMMkSVlAF8J7BTcW2A9YDM7d26vC9ItcWUiaP01WE5NgBssyj9NU+9U0N
YdOaNR9J4q4dVy64hs4B/KW6uj16ZjWqL3zdPwyKHeNpKL2iV4bhuqe6P3/KKIlD
HXfD34uWCLJ4bnFcWDQtcUh2Kdp6ZihDlb8mbTwJVtSpU0USXEMwuEdegL43AgMB
AAGjggJoMIICZDAdBgNVHQ4EFgQUe8PtRQ3R9oRO21GzD80aYkmmQvAwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNTY1MC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjB/BggrBgEFBQcBBwEB/wRwMG4wbAQCAAEwZgMEAVIYCgME
AVIYLAMEAVIYMgMEAVIYZgMEAlIYuAMEAVIYzAMEAVIZEgMEAlIZgAMEAVIZzgME
AVIaZgMEA1IbUAMEAlIbcAMEAlIbwAMEAVImJAMEAVIncAMEAVIpwAMEArJTgDAN
BgkqhkiG9w0BAQsFAAOCAQEAPqiMm4F3kSlKB6Cqo6pbFP/CfIfAcXjQ2tWl6VTX
VFGEek58G7qwmLUMLuSyKORhVUCX8XyMx3WxwQ+5MT8KL3BnZBRAGYn2+GrLs8il
Eo8Ui65fWFcF4ONqfhign3GHSOJJg1anj/d8u9h00gAKxIARKvv6b6Ef8HnwWI/F
b0JyGxKdxHRa0hvbeR7ui0VH2BqC7gRMoNDItx4TjdoJwnY1trLyrb006Je+tamd
0g+IS8ifvqhOIb8qS6wOw/bDnhh77KlwrQZVgE2BgtMryHeU//rGss1l+csWDYW5
TpLc67KO3ciiBHeWz3gEyHX7cnwG6I8wGYinppO9P63ZIQ==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:38:44 2026 by rpki-client