Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS48678.roa
File: AS48678.roa (raw, json)
Hash identifier: e68fNFjYvDF7CugoF5dbVXuy2P+lKZ2c4uzZ3TUCAfI=
Subject key identifier: 91:A6:AE:C9:25:C1:5A:23:ED:39:59:39:A1:C0:A1:F6:FF:B1:80:73
Certificate issuer: /CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Certificate serial: 509AF6CF6BC9BB599C6B93E4AB332E6BCD5055AC
Authority key identifier: 70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS48678.roa
Signing time: Thu 26 Jun 2025 08:11:46 +0000
ROA not before: Thu 26 Jun 2025 08:06:46 +0000
ROA not after: Thu 25 Jun 2026 08:11:46 +0000
asID: 48678
IP address blocks: 5.133.101.0/24 maxlen: 24
31.40.196.0/24 maxlen: 24
31.40.197.0/24 maxlen: 24
31.40.199.0/24 maxlen: 24
31.40.204.0/24 maxlen: 24
31.40.205.0/24 maxlen: 24
31.40.207.0/24 maxlen: 24
37.221.76.0/24 maxlen: 24
37.221.77.0/24 maxlen: 24
62.182.32.0/22 maxlen: 22
85.235.72.0/24 maxlen: 24
85.235.73.0/24 maxlen: 24
85.235.74.0/24 maxlen: 24
92.249.62.0/24 maxlen: 24
92.249.63.0/24 maxlen: 24
139.28.48.0/24 maxlen: 24
139.28.49.0/24 maxlen: 24
139.28.50.0/24 maxlen: 24
139.28.51.0/24 maxlen: 24
176.96.128.0/24 maxlen: 24
176.96.129.0/24 maxlen: 24
176.96.130.0/24 maxlen: 24
185.231.225.0/24 maxlen: 24
193.111.79.0/24 maxlen: 24
212.87.197.0/24 maxlen: 24
212.87.198.0/24 maxlen: 24
212.87.199.0/24 maxlen: 24
212.115.100.0/22 maxlen: 22
217.18.208.0/24 maxlen: 24
217.18.209.0/24 maxlen: 24
217.18.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.mft
rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:9a:f6:cf:6b:c9:bb:59:9c:6b:93:e4:ab:33:2e:6b:cd:50:55:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Validity
Not Before: Jun 26 08:06:46 2025 GMT
Not After : Jun 25 08:11:46 2026 GMT
Subject: CN=91A6AEC925C15A23ED395939A1C0A1F6FFB18073
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:ad:e8:3e:6b:72:67:30:e3:30:7e:df:e2:0c:
a9:81:59:90:f5:0c:dd:73:0c:28:7d:3c:e8:50:7c:
fc:5a:aa:d5:ad:01:aa:f5:62:c4:51:20:71:5d:61:
97:8c:ee:81:ef:30:fb:1e:08:4c:2b:17:59:24:cc:
fc:f8:69:b8:c0:d5:f9:77:08:25:1a:30:b6:c4:41:
48:f4:7f:87:20:fe:c9:78:f7:c3:1a:02:dd:97:3f:
fe:5a:86:31:75:a0:68:20:e4:79:63:f0:78:1d:05:
e2:9c:3e:5e:30:86:aa:51:c0:82:cb:71:77:f4:2c:
b5:51:e4:ac:7f:4b:d7:ad:55:a8:7f:09:8f:28:6a:
91:23:3b:4e:1c:71:ae:ab:c5:60:83:18:70:26:0b:
27:93:ba:f6:c4:35:a0:22:08:9f:01:a3:b0:84:9e:
3f:01:a2:9c:4b:37:52:87:3a:35:1d:05:a9:59:a6:
23:ff:25:97:c7:0c:16:09:43:c6:14:3e:e7:ad:40:
68:a2:ee:1c:45:e3:ec:c6:7f:77:15:03:13:9e:0b:
26:9c:03:5c:71:bc:ba:c8:fd:f8:57:4a:7a:00:c6:
a9:46:c8:4c:be:2b:5f:68:69:c7:32:36:f3:a1:be:
9a:37:cd:50:f6:51:44:b4:5d:c8:d3:be:d9:13:21:
74:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:A6:AE:C9:25:C1:5A:23:ED:39:59:39:A1:C0:A1:F6:FF:B1:80:73
X509v3 Authority Key Identifier:
keyid:70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS48678.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.101.0/24
31.40.196.0/23
31.40.199.0/24
31.40.204.0/23
31.40.207.0/24
37.221.76.0/23
62.182.32.0/22
85.235.72.0-85.235.74.255
92.249.62.0/23
139.28.48.0/22
176.96.128.0-176.96.130.255
185.231.225.0/24
193.111.79.0/24
212.87.197.0-212.87.199.255
212.115.100.0/22
217.18.208.0/23
217.18.211.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:ba:a8:bb:ed:0e:24:49:c7:b7:03:d4:32:6c:0c:d8:d0:02:
67:5a:88:67:6d:75:80:ae:6f:72:59:7c:0a:0c:05:23:b2:02:
da:78:2d:34:23:b8:a1:52:d3:a4:a1:a4:16:d4:0c:66:25:85:
31:8e:d2:ed:bd:49:1f:76:16:eb:4f:05:2e:f2:4f:ee:03:b7:
95:23:e0:8d:8e:f2:f6:1d:02:90:74:71:68:c6:d9:7e:ad:a8:
4f:b4:62:d1:91:9b:37:e0:84:7a:36:12:de:00:e9:e5:c9:38:
40:66:50:c7:64:0d:a2:25:88:bd:5c:3e:f1:78:11:11:15:a2:
fb:ba:f9:f7:ae:d9:ea:c1:81:51:97:43:56:0e:36:e0:c0:72:
c1:4b:97:1d:2a:63:90:bc:9e:b9:ce:ee:9d:c7:a7:3c:9f:80:
aa:d5:eb:13:54:15:b8:bb:84:17:d1:56:29:a1:8d:07:35:71:
78:2a:59:bf:e4:2d:54:b9:51:1d:66:98:e6:36:a1:88:0a:56:
ca:10:0c:3e:f8:ab:41:69:12:ce:21:2a:c5:c4:af:0e:c6:49:
a4:c5:e8:46:ec:0a:c4:7a:f5:1e:c0:1d:1b:0d:bc:35:e9:21:
3a:34:05:ac:b3:bd:c0:9d:cd:e6:09:6f:99:47:26:90:65:8b:
92:3b:fa:bb
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUUJr2z2vJu1mca5PkqzMua81QVawwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzA1MWI0YzJmN2FlOWVmODBiNTMwMDBiMzJhYjhmNWQy
ZjJmNDE1YjAeFw0yNTA2MjYwODA2NDZaFw0yNjA2MjUwODExNDZaMDMxMTAvBgNV
BAMTKDkxQTZBRUM5MjVDMTVBMjNFRDM5NTkzOUExQzBBMUY2RkZCMTgwNzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRreg+a3JnMOMwft/iDKmBWZD1
DN1zDCh9POhQfPxaqtWtAar1YsRRIHFdYZeM7oHvMPseCEwrF1kkzPz4abjA1fl3
CCUaMLbEQUj0f4cg/sl498MaAt2XP/5ahjF1oGgg5Hlj8HgdBeKcPl4whqpRwILL
cXf0LLVR5Kx/S9etVah/CY8oapEjO04cca6rxWCDGHAmCyeTuvbENaAiCJ8Bo7CE
nj8BopxLN1KHOjUdBalZpiP/JZfHDBYJQ8YUPuetQGii7hxF4+zGf3cVAxOeCyac
A1xxvLrI/fhXSnoAxqlGyEy+K19oaccyNvOhvpo3zVD2UUS0XcjTvtkTIXSbAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQUkaauySXBWiPtOVk5ocCh9v+xgHMwHwYDVR0j
BBgwFoAUcFG0wveunvgLUwALMquPXS8vQVswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOWM1Y2U5ZmEtOWE2Zi00ZTBjLTk4MDktN2E0Nzg4NzQ0
ODkzLzAvNzA1MUI0QzJGN0FFOUVGODBCNTMwMDBCMzJBQjhGNUQyRjJGNDE1Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NGRzB3dmV1bnZnTFV3QUxNcXVQWFM4
dlFWcy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzljNWNlOWZhLTlhNmYt
NGUwYy05ODA5LTdhNDc4ODc0NDg5My8wL0FTNDg2Nzgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgZoGCCsGAQUFBwEHAQH/BIGKMIGHMIGEBAIAATB+AwQA
BYVlAwQBHyjEAwQAHyjHAwQBHyjMAwQAHyjPAwQBJd1MAwQCPrYgMAwDBANV60gD
BABV60oDBAFc+T4DBAKLHDAwDAMEB7BggAMEALBgggMEALnn4QMEAMFvTzAMAwQA
1FfFAwQD1FfAAwQC1HNkAwQB2RLQAwQA2RLTMA0GCSqGSIb3DQEBCwUAA4IBAQA/
uqi77Q4kSce3A9QybAzY0AJnWohnbXWArm9yWXwKDAUjsgLaeC00I7ihUtOkoaQW
1AxmJYUxjtLtvUkfdhbrTwUu8k/uA7eVI+CNjvL2HQKQdHFoxtl+rahPtGLRkZs3
4IR6NhLeAOnlyThAZlDHZA2iJYi9XD7xeBERFaL7uvn3rtnqwYFRl0NWDjbgwHLB
S5cdKmOQvJ65zu6dx6c8n4Cq1esTVBW4u4QX0VYpoY0HNXF4Klm/5C1UuVEdZpjm
NqGIClbKEAw++KtBaRLOISrFxK8OxkmkxehG7ArEevUewB0bDbw16SE6NAWss73A
nc3mCW+ZRyaQZYuSO/q7
-----END CERTIFICATE-----
Generated at Sun Jun 29 03:12:36 2025 by rpki-client