Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS5650.roa
File: AS5650.roa (raw, json)
Hash identifier: J39iKYdWMNqTPW5Ri9UxLB/MqluqApL7Acg0ff7gjzc=
Subject key identifier: BA:A2:35:EE:23:EA:42:73:DC:DB:4B:48:BF:2F:7D:B5:89:6F:63:A9
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 1271BD7E455259E55B06118D3402E59F9B88CA1B
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS5650.roa
Signing time: Fri 24 Oct 2025 15:24:26 +0000
ROA not before: Fri 24 Oct 2025 15:19:26 +0000
ROA not after: Fri 23 Oct 2026 15:24:26 +0000
asID: 5650
IP address blocks: 82.24.10.0/23 maxlen: 24
82.24.44.0/23 maxlen: 24
82.24.50.0/23 maxlen: 24
82.24.102.0/23 maxlen: 24
82.24.184.0/22 maxlen: 24
82.24.204.0/23 maxlen: 24
82.25.18.0/23 maxlen: 24
82.25.128.0/22 maxlen: 24
82.25.206.0/23 maxlen: 24
82.26.102.0/23 maxlen: 24
82.27.80.0/21 maxlen: 24
82.27.112.0/22 maxlen: 24
82.27.192.0/22 maxlen: 24
82.39.112.0/23 maxlen: 24
82.41.192.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:71:bd:7e:45:52:59:e5:5b:06:11:8d:34:02:e5:9f:9b:88:ca:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Oct 24 15:19:26 2025 GMT
Not After : Oct 23 15:24:26 2026 GMT
Subject: CN=BAA235EE23EA4273DCDB4B48BF2F7DB5896F63A9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:c6:9e:a5:82:d6:ce:34:82:b4:4c:3e:15:ea:
6e:e0:7f:2f:35:77:d3:79:ba:36:c7:ce:1c:91:fc:
0e:b2:c3:e4:ef:fa:89:72:3b:e3:c1:bb:a5:58:ae:
67:ec:13:a8:37:e9:32:9d:22:4d:cb:89:d5:3a:0e:
0b:e8:5b:17:98:4c:71:07:35:39:f1:d2:41:f7:ac:
ab:24:75:7e:24:ce:4d:49:1d:6f:64:77:28:9c:7e:
50:f2:39:74:5d:82:f8:59:af:48:86:2f:e0:83:8d:
03:14:da:6b:e1:a2:ff:6f:0d:9c:36:99:0a:96:dc:
97:5c:e5:50:fd:75:02:67:66:69:e9:c0:84:b5:df:
df:cd:70:52:69:df:67:c0:4c:f0:d3:87:09:c8:1d:
d0:7b:d9:cc:87:6b:a7:28:75:d4:3c:52:89:96:72:
b0:fd:0d:66:c8:67:bc:6b:e1:7d:a5:20:f8:a1:26:
15:5f:11:7e:e0:e4:c4:64:58:23:79:b8:b8:12:c2:
9a:d8:2e:74:02:b8:65:63:aa:f1:94:87:60:1e:2d:
37:49:f4:e8:49:4a:3f:77:28:96:05:bb:82:46:a1:
d1:fc:96:8b:99:c6:5d:e4:a0:ef:06:64:4b:22:2d:
ae:6a:31:e9:ac:d2:bc:91:f0:8c:ea:f0:c9:16:6b:
f1:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:A2:35:EE:23:EA:42:73:DC:DB:4B:48:BF:2F:7D:B5:89:6F:63:A9
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS5650.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.24.10.0/23
82.24.44.0/23
82.24.50.0/23
82.24.102.0/23
82.24.184.0/22
82.24.204.0/23
82.25.18.0/23
82.25.128.0/22
82.25.206.0/23
82.26.102.0/23
82.27.80.0/21
82.27.112.0/22
82.27.192.0/22
82.39.112.0/23
82.41.192.0/23
Signature Algorithm: sha256WithRSAEncryption
76:28:08:c0:23:34:14:25:bd:57:a9:f3:5a:97:15:dc:38:af:
ac:89:f2:52:94:42:9c:64:d9:ed:65:a3:e3:2a:1a:61:7a:82:
5d:be:19:df:08:c6:d3:2c:b1:04:c7:7d:f9:a8:46:7a:fa:75:
45:0c:48:90:c6:14:89:4d:df:67:21:ce:a8:9d:a8:91:45:97:
8f:09:92:ed:9e:72:09:5c:b4:b7:1d:78:9a:02:56:0d:43:46:
6d:42:76:b6:5c:a4:bb:07:87:59:6f:36:60:95:49:7d:9d:c2:
0c:93:b6:bb:d8:63:b9:24:c1:84:75:9a:53:7a:5f:75:05:63:
3c:5f:d6:3e:f7:0d:b4:ad:47:3c:ec:c4:1b:14:04:b5:8b:e1:
eb:8a:59:a4:ac:58:d5:e9:63:81:01:d5:c1:64:94:29:8a:ef:
08:ef:21:df:84:9b:cd:e3:64:f7:9c:57:ce:96:36:8c:d0:e1:
a6:29:24:9a:27:a5:9e:7e:bd:3f:72:fd:98:31:3c:c5:f2:45:
a4:69:11:b2:88:38:9e:7a:b2:96:0d:41:f5:28:32:13:54:55:
04:9c:cc:b9:eb:e7:87:e9:dd:ec:b2:df:8d:07:7d:98:fa:6f:
df:c4:c5:58:f3:c2:c2:9d:fa:61:3e:c2:11:87:f1:6f:4e:8a:
80:bb:7f:31
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgIUEnG9fkVSWeVbBhGNNALln5uIyhswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTEwMjQxNTE5MjZaFw0yNjEwMjMxNTI0MjZaMDMxMTAvBgNV
BAMTKEJBQTIzNUVFMjNFQTQyNzNEQ0RCNEI0OEJGMkY3REI1ODk2RjYzQTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xp6lgtbONIK0TD4V6m7gfy81
d9N5ujbHzhyR/A6yw+Tv+olyO+PBu6VYrmfsE6g36TKdIk3LidU6DgvoWxeYTHEH
NTnx0kH3rKskdX4kzk1JHW9kdyicflDyOXRdgvhZr0iGL+CDjQMU2mvhov9vDZw2
mQqW3Jdc5VD9dQJnZmnpwIS139/NcFJp32fATPDThwnIHdB72cyHa6coddQ8UomW
crD9DWbIZ7xr4X2lIPihJhVfEX7g5MRkWCN5uLgSwprYLnQCuGVjqvGUh2AeLTdJ
9OhJSj93KJYFu4JGodH8louZxl3koO8GZEsiLa5qMems0ryR8Izq8MkWa/FvAgMB
AAGjggJcMIICWDAdBgNVHQ4EFgQUuqI17iPqQnPc20tIvy99tYlvY6kwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNTY1MC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBzBggrBgEFBQcBBwEB/wRkMGIwYAQCAAEwWgMEAVIYCgME
AVIYLAMEAVIYMgMEAVIYZgMEAlIYuAMEAVIYzAMEAVIZEgMEAlIZgAMEAVIZzgME
AVIaZgMEA1IbUAMEAlIbcAMEAlIbwAMEAVIncAMEAVIpwDANBgkqhkiG9w0BAQsF
AAOCAQEAdigIwCM0FCW9V6nzWpcV3DivrInyUpRCnGTZ7WWj4yoaYXqCXb4Z3wjG
0yyxBMd9+ahGevp1RQxIkMYUiU3fZyHOqJ2okUWXjwmS7Z5yCVy0tx14mgJWDUNG
bUJ2tlykuweHWW82YJVJfZ3CDJO2u9hjuSTBhHWaU3pfdQVjPF/WPvcNtK1HPOzE
GxQEtYvh64pZpKxY1eljgQHVwWSUKYrvCO8h34SbzeNk95xXzpY2jNDhpikkmiel
nn69P3L9mDE8xfJFpGkRsog4nnqylg1B9SgyE1RVBJzMuevnh+nd7LLfjQd9mPpv
38TFWPPCwp36YT7CEYfxb06KgLt/MQ==
-----END CERTIFICATE-----
Generated at Wed Nov 5 21:21:21 2025 by rpki-client