This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS48678.roa File: AS48678.roa (raw, json) Hash identifier: 4SzwlDITBqxEHBwfVoubEIv0PnWnP4URXBdsHjb5OyI= Subject key identifier: 23:D4:39:CE:6D:FA:40:86:8A:C0:F2:1B:A9:19:82:D3:C3:0E:43:14 Certificate issuer: /CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b Certificate serial: 0272810BC799533CF9780F41AEAF162523C2E6EF Authority key identifier: 70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS48678.roa Signing time: Fri 21 Nov 2025 20:42:28 +0000 ROA not before: Fri 21 Nov 2025 20:37:28 +0000 ROA not after: Fri 20 Nov 2026 20:42:28 +0000 asID: 48678 IP address blocks: 5.133.101.0/24 maxlen: 24 31.40.197.0/24 maxlen: 24 31.40.199.0/24 maxlen: 24 31.40.205.0/24 maxlen: 24 31.40.207.0/24 maxlen: 24 85.235.74.0/24 maxlen: 24 92.249.63.0/24 maxlen: 24 176.96.128.0/24 maxlen: 24 176.96.130.0/24 maxlen: 24 193.111.79.0/24 maxlen: 24 217.18.208.0/24 maxlen: 24 217.18.209.0/24 maxlen: 24 217.18.211.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.mft rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 02:72:81:0b:c7:99:53:3c:f9:78:0f:41:ae:af:16:25:23:c2:e6:ef Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b Validity Not Before: Nov 21 20:37:28 2025 GMT Not After : Nov 20 20:42:28 2026 GMT Subject: CN=23D439CE6DFA40868AC0F21BA91982D3C30E4314 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:96:11:8a:57:6f:8c:f3:7d:18:b6:47:96:30: ee:e0:e6:c1:b1:83:53:7c:0c:ed:00:28:e5:c8:fd: 43:4b:05:ab:1a:5e:33:15:0d:45:9d:2a:3f:64:6a: 34:3e:d3:bc:2c:71:f3:a6:95:ce:e7:20:93:5c:1e: 69:9d:2c:d4:15:93:60:59:11:58:eb:de:8a:bf:c2: 53:2c:c3:6b:e2:43:79:f6:a9:34:fb:03:46:40:3d: 91:3c:b2:22:e0:7a:09:30:15:f1:ba:a7:39:b2:3c: 59:69:c1:65:8f:a5:bd:ef:81:81:d5:52:c4:72:9b: 84:7a:8e:e0:6d:44:26:1f:bc:48:32:62:4b:31:bd: ef:41:6f:dc:0c:9e:f7:6a:07:6b:eb:8c:0e:ab:79: dd:1c:04:a4:ff:42:b6:e6:05:5f:0e:b4:b5:7d:82: ed:72:5e:a1:e9:dc:2f:b4:b0:6d:23:5d:0e:3f:25: ea:66:5d:10:91:74:41:26:1e:4d:04:1c:67:50:88: 9a:7c:5e:96:db:90:6e:06:d9:f4:b7:33:77:03:13: 93:11:15:b7:f2:16:ea:4d:d3:0c:6d:46:32:dd:ba: 9b:91:b0:30:a9:89:5a:08:69:6d:41:2b:7f:2d:4d: 38:d0:69:ad:56:a5:59:39:ae:ae:0c:a3:48:d4:49: 80:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:D4:39:CE:6D:FA:40:86:8A:C0:F2:1B:A9:19:82:D3:C3:0E:43:14 X509v3 Authority Key Identifier: keyid:70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS48678.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.133.101.0/24 31.40.197.0/24 31.40.199.0/24 31.40.205.0/24 31.40.207.0/24 85.235.74.0/24 92.249.63.0/24 176.96.128.0/24 176.96.130.0/24 193.111.79.0/24 217.18.208.0/23 217.18.211.0/24 Signature Algorithm: sha256WithRSAEncryption 7f:9b:2f:a9:34:84:1f:d3:3e:83:e0:09:aa:9f:a2:32:b0:20: 60:78:cc:6f:2e:b5:d8:fc:27:2d:7e:e1:17:79:da:7c:30:dd: c0:2d:25:8c:9c:97:b6:b5:c1:a9:73:5a:0f:cf:2d:63:7f:e6: 98:b2:c6:b9:d0:1a:6a:ed:10:b8:19:16:3f:75:2c:e3:ee:5b: d0:d7:6a:aa:16:34:77:44:87:fb:85:87:19:07:50:91:0d:3b: 38:5b:ed:43:e0:0b:4d:1e:af:2a:cf:43:e7:e7:98:e1:46:a0: 8b:75:d8:ad:27:ed:be:aa:9a:e5:54:ca:07:92:b8:fe:42:48: 9b:4d:1c:91:29:fc:a3:de:36:ee:bb:24:10:32:b2:49:47:c9: 9e:a7:a7:27:a6:b1:b8:d6:cf:4b:4d:98:cc:07:61:47:5e:a2: 96:cd:b0:4c:31:16:49:6d:5f:1e:a4:b6:85:28:24:71:27:7d: 30:4a:b6:70:bf:51:7f:fa:01:d5:fc:3b:0a:a2:52:b2:f1:6a: 1d:e8:3e:4b:45:50:0f:04:e6:30:a6:66:e4:f2:5e:23:d2:1f: 45:5f:d6:1a:e8:dd:58:3d:74:d2:5c:a8:2d:d5:03:5d:c1:30: de:af:72:fa:82:b1:94:37:d6:fd:94:bb:04:30:c3:7c:41:bc: 91:67:08:8f -----BEGIN CERTIFICATE----- MIIFQTCCBCmgAwIBAgIUAnKBC8eZUzz5eA9Brq8WJSPC5u8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNzA1MWI0YzJmN2FlOWVmODBiNTMwMDBiMzJhYjhmNWQy ZjJmNDE1YjAeFw0yNTExMjEyMDM3MjhaFw0yNjExMjAyMDQyMjhaMDMxMTAvBgNV BAMTKDIzRDQzOUNFNkRGQTQwODY4QUMwRjIxQkE5MTk4MkQzQzMwRTQzMTQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6lhGKV2+M830YtkeWMO7g5sGx g1N8DO0AKOXI/UNLBasaXjMVDUWdKj9kajQ+07wscfOmlc7nIJNcHmmdLNQVk2BZ EVjr3oq/wlMsw2viQ3n2qTT7A0ZAPZE8siLgegkwFfG6pzmyPFlpwWWPpb3vgYHV UsRym4R6juBtRCYfvEgyYksxve9Bb9wMnvdqB2vrjA6red0cBKT/QrbmBV8OtLV9 gu1yXqHp3C+0sG0jXQ4/JepmXRCRdEEmHk0EHGdQiJp8XpbbkG4G2fS3M3cDE5MR FbfyFupN0wxtRjLdupuRsDCpiVoIaW1BK38tTTjQaa1WpVk5rq4Mo0jUSYA5AgMB AAGjggJLMIICRzAdBgNVHQ4EFgQUI9Q5zm36QIaKwPIbqRmC08MOQxQwHwYDVR0j BBgwFoAUcFG0wveunvgLUwALMquPXS8vQVswDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvOWM1Y2U5ZmEtOWE2Zi00ZTBjLTk4MDktN2E0Nzg4NzQ0 ODkzLzAvNzA1MUI0QzJGN0FFOUVGODBCNTMwMDBCMzJBQjhGNUQyRjJGNDE1Qi5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NGRzB3dmV1bnZnTFV3QUxNcXVQWFM4 dlFWcy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzljNWNlOWZhLTlhNmYt NGUwYy05ODA5LTdhNDc4ODc0NDg5My8wL0FTNDg2Nzgucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwYQYIKwYBBQUHAQcBAf8EUjBQME4EAgABMEgDBAAFhWUD BAAfKMUDBAAfKMcDBAAfKM0DBAAfKM8DBABV60oDBABc+T8DBACwYIADBACwYIID BADBb08DBAHZEtADBADZEtMwDQYJKoZIhvcNAQELBQADggEBAH+bL6k0hB/TPoPg CaqfojKwIGB4zG8utdj8Jy1+4Rd52nww3cAtJYycl7a1walzWg/PLWN/5piyxrnQ GmrtELgZFj91LOPuW9DXaqoWNHdEh/uFhxkHUJENOzhb7UPgC00eryrPQ+fnmOFG oIt12K0n7b6qmuVUygeSuP5CSJtNHJEp/KPeNu67JBAysklHyZ6npyemsbjWz0tN mMwHYUdeopbNsEwxFkltXx6ktoUoJHEnfTBKtnC/UX/6AdX8OwqiUrLxah3oPktF UA8E5jCmZuTyXiPSH0Vf1hro3Vg9dNJcqC3VA13BMN6vcvqCsZQ31v2UuwQww3xB vJFnCI8= -----END CERTIFICATE-----Generated at Sat Dec 6 12:46:50 2025 by rpki-client