Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS48678.roa
File: AS48678.roa (raw, json)
Hash identifier: VD+DEkToG8cwgPDjYrEZlaAKmdBv2UNjHkHERs4hGVQ=
Subject key identifier: C9:3D:0A:EA:D3:9E:46:41:6C:B6:8F:9D:36:F2:C2:9A:84:93:D5:DD
Certificate issuer: /CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Certificate serial: 035F37F2C156B645D5E414BCC6E6B17F24874217
Authority key identifier: 70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS48678.roa
Signing time: Wed 30 Apr 2025 09:19:52 +0000
ROA not before: Wed 30 Apr 2025 09:14:52 +0000
ROA not after: Wed 29 Apr 2026 09:19:52 +0000
asID: 48678
IP address blocks: 5.133.101.0/24 maxlen: 24
31.40.196.0/24 maxlen: 24
31.40.197.0/24 maxlen: 24
31.40.199.0/24 maxlen: 24
31.40.204.0/24 maxlen: 24
31.40.205.0/24 maxlen: 24
31.40.207.0/24 maxlen: 24
37.221.77.0/24 maxlen: 24
85.235.72.0/24 maxlen: 24
85.235.73.0/24 maxlen: 24
85.235.74.0/24 maxlen: 24
92.249.62.0/24 maxlen: 24
92.249.63.0/24 maxlen: 24
176.96.128.0/24 maxlen: 24
176.96.129.0/24 maxlen: 24
176.96.130.0/24 maxlen: 24
193.111.76.0/24 maxlen: 24
193.111.79.0/24 maxlen: 24
217.18.208.0/24 maxlen: 24
217.18.209.0/24 maxlen: 24
217.18.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.mft
rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 07 May 2025 09:41:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:5f:37:f2:c1:56:b6:45:d5:e4:14:bc:c6:e6:b1:7f:24:87:42:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Validity
Not Before: Apr 30 09:14:52 2025 GMT
Not After : Apr 29 09:19:52 2026 GMT
Subject: CN=C93D0AEAD39E46416CB68F9D36F2C29A8493D5DD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:8d:1f:52:ef:94:78:95:7c:0d:53:26:37:ca:
8f:a7:b6:1d:0e:50:7f:75:29:42:e2:07:92:e6:4d:
cb:04:1e:57:71:10:1f:c5:be:1f:b5:97:e3:d2:e0:
19:f0:1d:e6:cf:58:f9:4c:1a:cf:29:ce:56:b6:68:
e2:99:80:d0:9a:7e:71:40:a7:aa:b7:c7:f4:d0:9f:
a7:bf:c9:93:99:2c:f3:19:4b:c7:a3:77:9a:7e:82:
93:52:1d:c1:1c:ce:cf:bd:61:53:39:35:22:68:cc:
5f:d9:1c:64:f2:58:26:4b:34:88:f5:e0:91:89:a5:
a3:e3:3d:2a:b9:7b:de:08:03:9b:b4:1f:37:35:c1:
45:1a:c5:08:df:62:9c:bb:f2:3b:cf:aa:37:d0:e5:
39:d1:a9:8c:7e:89:7c:48:24:ff:91:b9:3a:95:dc:
77:a9:f5:38:fe:93:e7:01:62:26:47:c6:ca:8b:cb:
69:04:5f:d1:f3:c0:ac:3f:e1:47:1f:99:77:36:be:
f5:cb:35:c6:0b:9c:e4:75:d0:09:e6:1d:a1:c9:bd:
e5:71:69:cf:e9:b0:5a:fd:da:00:2c:0b:f4:e7:4b:
2f:e4:c9:16:c3:45:31:33:94:4f:f6:8a:b5:9a:4a:
b8:f3:02:e4:64:6f:78:ee:c5:70:64:7c:34:be:b3:
46:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:3D:0A:EA:D3:9E:46:41:6C:B6:8F:9D:36:F2:C2:9A:84:93:D5:DD
X509v3 Authority Key Identifier:
keyid:70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS48678.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.101.0/24
31.40.196.0/23
31.40.199.0/24
31.40.204.0/23
31.40.207.0/24
37.221.77.0/24
85.235.72.0-85.235.74.255
92.249.62.0/23
176.96.128.0-176.96.130.255
193.111.76.0/24
193.111.79.0/24
217.18.208.0/23
217.18.211.0/24
Signature Algorithm: sha256WithRSAEncryption
17:db:54:3a:f0:8c:52:da:aa:eb:2a:c0:b7:9d:47:a3:f5:78:
90:65:52:0b:9d:08:15:eb:5e:70:41:29:45:fc:30:67:a3:09:
16:8c:c0:e9:0d:a2:65:fb:74:c6:b5:11:a2:da:34:2d:b4:01:
fa:cc:05:2a:89:f4:28:3e:bb:af:23:a0:1b:0c:3e:65:82:7f:
67:17:6d:45:6c:a2:da:9b:84:76:b7:72:91:34:89:1d:c8:fc:
cd:54:da:f3:91:6c:e1:04:a8:da:d7:83:e4:ef:02:de:d0:1f:
61:12:a7:12:d9:78:7c:c2:de:36:29:0f:6c:46:6e:6f:be:05:
63:07:a2:fe:78:2c:22:78:c5:5d:11:00:be:ab:2d:d5:aa:97:
fb:21:d6:33:9f:60:25:c8:1a:7e:11:71:b7:a1:d6:29:8a:16:
03:de:87:c6:a7:78:3c:7f:91:5f:fb:3b:57:d4:37:25:1a:55:
81:ad:69:7f:a2:1b:4a:fc:35:ee:7a:2a:00:d4:1a:0b:3d:6e:
76:ab:22:b7:a1:ac:89:e9:e6:ee:1f:40:ea:05:a8:ff:0b:a2:
0b:e2:ae:2f:ed:ba:f5:de:f2:d3:f7:7f:1e:11:69:d4:75:3e:
9f:53:fb:f6:5f:df:73:16:cb:df:b9:a7:2a:77:4e:26:4c:64:
4b:bb:29:22
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgIUA1838sFWtkXV5BS8xuaxfySHQhcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzA1MWI0YzJmN2FlOWVmODBiNTMwMDBiMzJhYjhmNWQy
ZjJmNDE1YjAeFw0yNTA0MzAwOTE0NTJaFw0yNjA0MjkwOTE5NTJaMDMxMTAvBgNV
BAMTKEM5M0QwQUVBRDM5RTQ2NDE2Q0I2OEY5RDM2RjJDMjlBODQ5M0Q1REQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZjR9S75R4lXwNUyY3yo+nth0O
UH91KULiB5LmTcsEHldxEB/Fvh+1l+PS4BnwHebPWPlMGs8pzla2aOKZgNCafnFA
p6q3x/TQn6e/yZOZLPMZS8ejd5p+gpNSHcEczs+9YVM5NSJozF/ZHGTyWCZLNIj1
4JGJpaPjPSq5e94IA5u0Hzc1wUUaxQjfYpy78jvPqjfQ5TnRqYx+iXxIJP+RuTqV
3Hep9Tj+k+cBYiZHxsqLy2kEX9HzwKw/4UcfmXc2vvXLNcYLnOR10AnmHaHJveVx
ac/psFr92gAsC/TnSy/kyRbDRTEzlE/2irWaSrjzAuRkb3juxXBkfDS+s0bbAgMB
AAGjggJhMIICXTAdBgNVHQ4EFgQUyT0K6tOeRkFsto+dNvLCmoST1d0wHwYDVR0j
BBgwFoAUcFG0wveunvgLUwALMquPXS8vQVswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOWM1Y2U5ZmEtOWE2Zi00ZTBjLTk4MDktN2E0Nzg4NzQ0
ODkzLzAvNzA1MUI0QzJGN0FFOUVGODBCNTMwMDBCMzJBQjhGNUQyRjJGNDE1Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NGRzB3dmV1bnZnTFV3QUxNcXVQWFM4
dlFWcy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzljNWNlOWZhLTlhNmYt
NGUwYy05ODA5LTdhNDc4ODc0NDg5My8wL0FTNDg2Nzgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwdwYIKwYBBQUHAQcBAf8EaDBmMGQEAgABMF4DBAAFhWUD
BAEfKMQDBAAfKMcDBAEfKMwDBAAfKM8DBAAl3U0wDAMEA1XrSAMEAFXrSgMEAVz5
PjAMAwQHsGCAAwQAsGCCAwQAwW9MAwQAwW9PAwQB2RLQAwQA2RLTMA0GCSqGSIb3
DQEBCwUAA4IBAQAX21Q68IxS2qrrKsC3nUej9XiQZVILnQgV615wQSlF/DBnowkW
jMDpDaJl+3TGtRGi2jQttAH6zAUqifQoPruvI6AbDD5lgn9nF21FbKLam4R2t3KR
NIkdyPzNVNrzkWzhBKja14Pk7wLe0B9hEqcS2Xh8wt42KQ9sRm5vvgVjB6L+eCwi
eMVdEQC+qy3Vqpf7IdYzn2AlyBp+EXG3odYpihYD3ofGp3g8f5Ff+ztX1DclGlWB
rWl/ohtK/DXueioA1BoLPW52qyK3oayJ6ebuH0DqBaj/C6IL4q4v7br13vLT938e
EWnUdT6fU/v2X99zFsvfuacqd04mTGRLuyki
-----END CERTIFICATE-----
Generated at Tue May 6 17:18:52 2025 by rpki-client