Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS48678.roa
File: AS48678.roa (raw, json)
Hash identifier: B2OCDCjv1K1QfqH33TJYH6HpmkjomGlemJXbPgTv1Hg=
Subject key identifier: 7F:52:CB:39:38:73:C2:79:D5:D2:29:62:9C:FF:F7:8A:D3:5F:CC:78
Certificate issuer: /CN=9dfbff217105df8877d463f6e9bac28a4084d20c
Certificate serial: 3359718763E3384131E7F98473168766C2328615
Authority key identifier: 9D:FB:FF:21:71:05:DF:88:77:D4:63:F6:E9:BA:C2:8A:40:84:D2:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS48678.roa
Signing time: Fri 24 Apr 2026 06:44:23 +0000
ROA not before: Fri 24 Apr 2026 06:39:23 +0000
ROA not after: Fri 23 Apr 2027 06:44:23 +0000
asID: 48678
IP address blocks: 31.40.199.0/24 maxlen: 24
31.40.205.0/24 maxlen: 24
85.235.72.0/24 maxlen: 24
85.235.73.0/24 maxlen: 24
85.235.74.0/24 maxlen: 24
141.98.48.0/24 maxlen: 24
141.98.112.0/24 maxlen: 24
141.98.113.0/24 maxlen: 24
141.98.114.0/24 maxlen: 24
141.98.115.0/24 maxlen: 24
176.96.128.0/24 maxlen: 24
176.96.130.0/24 maxlen: 24
193.111.79.0/24 maxlen: 24
217.18.208.0/24 maxlen: 24
217.18.209.0/24 maxlen: 24
217.18.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.crl
rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:59:71:87:63:e3:38:41:31:e7:f9:84:73:16:87:66:c2:32:86:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9dfbff217105df8877d463f6e9bac28a4084d20c
Validity
Not Before: Apr 24 06:39:23 2026 GMT
Not After : Apr 23 06:44:23 2027 GMT
Subject: CN=7F52CB393873C279D5D229629CFFF78AD35FCC78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:0e:91:f8:ec:89:ce:2d:30:5a:53:8f:26:81:
39:46:88:e2:82:d7:0e:36:28:5b:a8:c4:f2:ff:bd:
c9:2b:11:e1:29:7c:bb:4c:84:b5:eb:c3:ce:1a:9a:
b4:d6:24:bf:71:f6:a6:77:b2:73:69:2f:4a:b9:cf:
54:a5:a1:9b:5a:34:09:27:83:ec:76:95:b2:13:4b:
f0:93:40:e2:65:2e:2d:c3:e7:51:b5:e7:f4:1f:e1:
a5:d4:a1:9f:1f:5d:08:d4:cb:32:88:55:31:b2:0c:
9a:d0:ad:4e:04:d5:94:98:a4:35:59:2e:43:8e:8b:
97:8d:de:94:8f:de:b4:fc:ac:14:30:9e:a8:64:01:
5c:0d:f6:2c:8b:fb:f6:32:97:7d:33:ec:bd:f2:3e:
25:85:7f:9f:c6:75:53:08:5d:74:36:7e:eb:d0:31:
6e:04:d2:df:2a:14:07:d1:c7:67:31:73:3f:80:ec:
6c:c4:98:62:53:23:b8:c1:d3:ec:78:ef:00:43:b5:
3c:b0:34:2b:c5:72:27:94:71:28:34:c3:b6:82:d3:
46:d6:05:5c:7e:2d:f4:23:2e:63:55:8b:7a:e3:85:
8e:65:52:78:77:da:9e:77:2c:a9:90:74:f4:85:bb:
e8:b3:cd:8e:25:08:0c:c5:fd:01:2f:4c:1e:79:25:
31:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:52:CB:39:38:73:C2:79:D5:D2:29:62:9C:FF:F7:8A:D3:5F:CC:78
X509v3 Authority Key Identifier:
keyid:9D:FB:FF:21:71:05:DF:88:77:D4:63:F6:E9:BA:C2:8A:40:84:D2:0C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS48678.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.199.0/24
31.40.205.0/24
85.235.72.0-85.235.74.255
141.98.48.0/24
141.98.112.0/22
176.96.128.0/24
176.96.130.0/24
193.111.79.0/24
217.18.208.0/23
217.18.211.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:06:00:41:56:25:cb:bc:f6:9e:31:0d:07:76:25:06:8d:6d:
be:ea:d0:05:4b:f0:c1:97:e6:12:87:92:b6:4a:bf:82:bd:d8:
40:fc:3a:67:52:e6:94:b0:77:6a:df:f6:60:05:50:17:4f:a9:
5c:8a:79:c6:c2:f9:ed:70:3b:93:9f:ac:8a:75:11:20:b9:17:
ba:ad:fb:4a:ae:38:8c:a9:d0:e1:d7:18:8c:4e:84:08:66:4b:
00:8b:bf:33:98:e6:03:e4:b0:90:8d:a2:8c:51:c7:16:61:8d:
bd:f7:41:dc:e1:cb:e9:be:1d:ca:db:73:44:7c:db:12:5f:15:
a9:36:d8:43:e1:82:f1:9a:ac:df:db:48:29:bc:d6:69:56:56:
51:4d:ce:2e:d3:49:85:96:a7:01:2f:d1:08:60:c5:bf:fd:20:
37:f0:aa:51:7b:67:93:41:b3:f4:f1:2f:75:35:3f:7a:37:9e:
88:b2:e7:5c:45:9a:e5:bc:32:f8:7c:2e:5e:f2:3e:50:01:36:
f1:1e:60:0a:40:2f:cc:b4:59:00:87:5b:66:f8:b5:a9:7a:cb:
31:ad:01:5c:87:c9:7e:25:23:94:c6:e5:f6:14:d1:8a:3e:81:
ec:33:4b:3d:7c:f2:e3:a7:7a:5a:2b:30:d1:cc:a9:3d:4b:a1:
80:2d:cd:e8
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIUM1lxh2PjOEEx5/mEcxaHZsIyhhUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmYmZmMjE3MTA1ZGY4ODc3ZDQ2M2Y2ZTliYWMyOGE0
MDg0ZDIwYzAeFw0yNjA0MjQwNjM5MjNaFw0yNzA0MjMwNjQ0MjNaMDMxMTAvBgNV
BAMTKDdGNTJDQjM5Mzg3M0MyNzlENUQyMjk2MjlDRkZGNzhBRDM1RkNDNzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChDpH47InOLTBaU48mgTlGiOKC
1w42KFuoxPL/vckrEeEpfLtMhLXrw84amrTWJL9x9qZ3snNpL0q5z1SloZtaNAkn
g+x2lbITS/CTQOJlLi3D51G15/Qf4aXUoZ8fXQjUyzKIVTGyDJrQrU4E1ZSYpDVZ
LkOOi5eN3pSP3rT8rBQwnqhkAVwN9iyL+/Yyl30z7L3yPiWFf5/GdVMIXXQ2fuvQ
MW4E0t8qFAfRx2cxcz+A7GzEmGJTI7jB0+x47wBDtTywNCvFcieUcSg0w7aC00bW
BVx+LfQjLmNVi3rjhY5lUnh32p53LKmQdPSFu+izzY4lCAzF/QEvTB55JTEXAgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQUf1LLOThzwnnV0ilinP/3itNfzHgwHwYDVR0j
BBgwFoAUnfv/IXEF34h31GP26brCikCE0gwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTViNGQ5ZTgtNDExMS00Mzk0LWEzYTYtYmQ4MjUxZTdm
YmJkLzAvOURGQkZGMjE3MTA1REY4ODc3RDQ2M0Y2RTlCQUMyOEE0MDg0RDIwQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25mdl9JWEVGMzRoMzFHUDI2YnJDaWtD
RTBndy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzU1YjRkOWU4LTQxMTEt
NDM5NC1hM2E2LWJkODI1MWU3ZmJiZC8wL0FTNDg2Nzgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwXQYIKwYBBQUHAQcBAf8ETjBMMEoEAgABMEQDBAAfKMcD
BAAfKM0wDAMEA1XrSAMEAFXrSgMEAI1iMAMEAo1icAMEALBggAMEALBgggMEAMFv
TwMEAdkS0AMEANkS0zANBgkqhkiG9w0BAQsFAAOCAQEAoQYAQVYly7z2njENB3Yl
Bo1tvurQBUvwwZfmEoeStkq/gr3YQPw6Z1LmlLB3at/2YAVQF0+pXIp5xsL57XA7
k5+sinURILkXuq37Sq44jKnQ4dcYjE6ECGZLAIu/M5jmA+SwkI2ijFHHFmGNvfdB
3OHL6b4dyttzRHzbEl8VqTbYQ+GC8Zqs39tIKbzWaVZWUU3OLtNJhZanAS/RCGDF
v/0gN/CqUXtnk0Gz9PEvdTU/ejeeiLLnXEWa5bwy+HwuXvI+UAE28R5gCkAvzLRZ
AIdbZvi1qXrLMa0BXIfJfiUjlMbl9hTRij6B7DNLPXzy46d6Wisw0cypPUuhgC3N
6A==
-----END CERTIFICATE-----
Generated at Tue May 12 22:35:06 2026 by rpki-client