Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS5650.roa
File: AS5650.roa (raw, json)
Hash identifier: Ko2QY0igddlcnpVuhYUkGR9xnRJ5JWS/EEOuVAC0bzI=
Subject key identifier: 56:F4:9A:6A:F0:39:89:8B:14:50:DC:5B:88:BE:66:D4:E7:6D:7E:15
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 0678094B1237BD5EF0528104F55C05AF038BB89A
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS5650.roa
Signing time: Tue 10 Jun 2025 16:45:05 +0000
ROA not before: Tue 10 Jun 2025 16:40:05 +0000
ROA not after: Tue 09 Jun 2026 16:45:05 +0000
asID: 5650
IP address blocks: 46.203.160.0/24 maxlen: 24
46.203.164.0/24 maxlen: 24
92.112.32.0/24 maxlen: 24
92.112.33.0/24 maxlen: 24
92.112.34.0/24 maxlen: 24
92.112.35.0/24 maxlen: 24
92.112.40.0/21 maxlen: 24
92.112.157.0/24 maxlen: 24
92.113.215.0/24 maxlen: 24
95.134.76.0/24 maxlen: 24
95.134.90.0/24 maxlen: 24
95.134.120.0/24 maxlen: 24
95.134.203.0/24 maxlen: 24
95.135.38.0/24 maxlen: 24
95.135.85.0/24 maxlen: 24
95.135.127.0/24 maxlen: 24
95.135.138.0/24 maxlen: 24
95.135.180.0/24 maxlen: 24
95.135.219.0/24 maxlen: 24
178.92.220.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:78:09:4b:12:37:bd:5e:f0:52:81:04:f5:5c:05:af:03:8b:b8:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Jun 10 16:40:05 2025 GMT
Not After : Jun 9 16:45:05 2026 GMT
Subject: CN=56F49A6AF039898B1450DC5B88BE66D4E76D7E15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:44:fd:73:02:95:20:6f:14:db:db:4d:92:7d:
67:c0:45:61:f6:00:98:24:76:47:67:5c:3e:35:3e:
e8:23:8a:d3:38:9f:3c:1b:d9:44:d8:a8:1f:16:c4:
d1:a0:ef:f4:a0:96:c4:75:ec:f5:db:ee:b0:90:b8:
7e:6b:c1:08:af:3b:07:8a:0c:be:bd:6e:7f:8a:8d:
69:5a:f0:e9:a0:6b:92:9e:d5:5c:48:4d:fd:5c:17:
5b:77:16:cf:e6:b0:71:b0:11:fa:75:08:18:2c:6e:
06:f2:93:98:84:6f:c9:77:4a:01:f3:7a:82:01:cb:
ab:29:a3:7b:e0:a8:58:44:83:b2:05:86:d7:a6:32:
cd:04:a6:3b:c2:8b:26:f1:ea:71:fe:d7:57:f5:00:
74:95:46:64:d2:4e:67:b0:8d:60:64:db:cc:92:cc:
ae:19:88:8a:29:85:75:b8:cb:a4:23:bd:7c:89:bc:
17:63:58:48:d6:5f:e7:5b:25:d9:86:26:19:d4:1f:
db:57:9b:74:1e:24:f4:57:35:5b:8c:1c:00:05:5f:
0d:f2:02:f4:e2:23:df:8b:83:15:b7:b2:16:47:5e:
8d:a1:cb:b3:c9:4f:9c:a5:8d:7b:1e:2d:b6:34:04:
6a:cb:8f:91:94:2b:49:5a:73:a9:b2:50:a6:be:9d:
dc:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:F4:9A:6A:F0:39:89:8B:14:50:DC:5B:88:BE:66:D4:E7:6D:7E:15
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS5650.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.203.160.0/24
46.203.164.0/24
92.112.32.0/22
92.112.40.0/21
92.112.157.0/24
92.113.215.0/24
95.134.76.0/24
95.134.90.0/24
95.134.120.0/24
95.134.203.0/24
95.135.38.0/24
95.135.85.0/24
95.135.127.0/24
95.135.138.0/24
95.135.180.0/24
95.135.219.0/24
178.92.220.0/24
Signature Algorithm: sha256WithRSAEncryption
28:a3:b3:e9:08:61:0a:d2:a5:21:81:15:21:c0:fc:82:bd:f4:
a7:ae:f9:0a:be:1f:3b:a5:b5:5c:80:fe:42:b1:0f:1e:25:7a:
72:d2:43:0f:8c:bd:a3:b4:5b:1e:9b:3b:ed:dc:03:7b:3b:37:
c7:92:b4:99:16:79:be:4c:53:63:fb:fc:ed:2d:58:38:7d:c6:
7e:da:94:f7:c3:15:10:d4:04:06:12:c5:f9:a6:67:39:78:e8:
ee:73:d1:cb:fb:26:e3:9b:46:90:24:0d:3e:b7:8b:ad:66:07:
14:dd:c5:95:f2:75:af:78:d8:31:f2:72:22:b7:35:b1:d1:5b:
bf:f0:b3:29:e7:05:ed:dd:0b:1c:3f:f3:72:ec:90:c4:61:74:
0f:5e:70:e2:36:4e:1e:7b:37:13:0f:0d:5b:73:f5:c1:82:10:
87:88:29:63:54:fc:a2:72:c4:c7:0f:bf:1e:9b:74:b9:0b:a3:
c1:df:e4:6c:57:f5:8a:45:e9:02:1e:d7:89:60:26:2e:4d:50:
29:65:9e:5d:2c:19:be:89:f6:a2:45:cd:ff:ff:cd:71:f2:fc:
6a:30:c9:01:7c:e5:a6:a3:1f:21:06:be:19:99:53:ec:2f:9f:
54:74:16:84:4e:22:39:05:49:83:3e:0b:80:bc:c9:38:7a:89:
1d:47:97:a0
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUBngJSxI3vV7wUoEE9VwFrwOLuJowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA2MTAxNjQwMDVaFw0yNjA2MDkxNjQ1MDVaMDMxMTAvBgNV
BAMTKDU2RjQ5QTZBRjAzOTg5OEIxNDUwREM1Qjg4QkU2NkQ0RTc2RDdFMTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCKRP1zApUgbxTb202SfWfARWH2
AJgkdkdnXD41PugjitM4nzwb2UTYqB8WxNGg7/SglsR17PXb7rCQuH5rwQivOweK
DL69bn+KjWla8Omga5Ke1VxITf1cF1t3Fs/msHGwEfp1CBgsbgbyk5iEb8l3SgHz
eoIBy6spo3vgqFhEg7IFhtemMs0EpjvCiybx6nH+11f1AHSVRmTSTmewjWBk28yS
zK4ZiIophXW4y6QjvXyJvBdjWEjWX+dbJdmGJhnUH9tXm3QeJPRXNVuMHAAFXw3y
AvTiI9+LgxW3shZHXo2hy7PJT5yljXseLbY0BGrLj5GUK0lac6myUKa+ndy1AgMB
AAGjggJoMIICZDAdBgNVHQ4EFgQUVvSaavA5iYsUUNxbiL5m1OdtfhUwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTNTY1MC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjB/BggrBgEFBQcBBwEB/wRwMG4wbAQCAAEwZgMEAC7LoAME
AC7LpAMEAlxwIAMEA1xwKAMEAFxwnQMEAFxx1wMEAF+GTAMEAF+GWgMEAF+GeAME
AF+GywMEAF+HJgMEAF+HVQMEAF+HfwMEAF+HigMEAF+HtAMEAF+H2wMEALJc3DAN
BgkqhkiG9w0BAQsFAAOCAQEAKKOz6QhhCtKlIYEVIcD8gr30p675Cr4fO6W1XID+
QrEPHiV6ctJDD4y9o7RbHps77dwDezs3x5K0mRZ5vkxTY/v87S1YOH3GftqU98MV
ENQEBhLF+aZnOXjo7nPRy/sm45tGkCQNPreLrWYHFN3FlfJ1r3jYMfJyIrc1sdFb
v/CzKecF7d0LHD/zcuyQxGF0D15w4jZOHns3Ew8NW3P1wYIQh4gpY1T8onLExw+/
Hpt0uQujwd/kbFf1ikXpAh7XiWAmLk1QKWWeXSwZvon2okXN///NcfL8ajDJAXzl
pqMfIQa+GZlT7C+fVHQWhE4iOQVJgz4LgLzJOHqJHUeXoA==
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:00:51 2025 by rpki-client