Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS48678.roa
File: AS48678.roa (raw, json)
Hash identifier: jayt31u5AgO+CjbTomG3KcHT0fE+dAKFE0ehv62Y2yY=
Subject key identifier: AA:D1:CF:12:9F:D5:2D:6A:55:B2:B3:75:5C:21:DF:04:75:31:24:10
Certificate issuer: /CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Certificate serial: 2A85E2D1EB777D89FD2F1D52F0704A3FA3DD66FE
Authority key identifier: 70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS48678.roa
Signing time: Thu 21 Aug 2025 12:59:03 +0000
ROA not before: Thu 21 Aug 2025 12:54:03 +0000
ROA not after: Thu 20 Aug 2026 12:59:03 +0000
asID: 48678
IP address blocks: 5.133.101.0/24 maxlen: 24
31.40.197.0/24 maxlen: 24
31.40.199.0/24 maxlen: 24
31.40.205.0/24 maxlen: 24
31.40.207.0/24 maxlen: 24
37.221.76.0/24 maxlen: 24
37.221.77.0/24 maxlen: 24
37.221.79.0/24 maxlen: 24
85.235.72.0/24 maxlen: 24
85.235.74.0/24 maxlen: 24
92.249.63.0/24 maxlen: 24
176.96.128.0/24 maxlen: 24
176.96.129.0/24 maxlen: 24
176.96.130.0/24 maxlen: 24
185.231.225.0/24 maxlen: 24
193.111.79.0/24 maxlen: 24
212.87.197.0/24 maxlen: 24
212.87.198.0/24 maxlen: 24
212.87.199.0/24 maxlen: 24
217.18.208.0/24 maxlen: 24
217.18.209.0/24 maxlen: 24
217.18.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.mft
rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 01:33:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:85:e2:d1:eb:77:7d:89:fd:2f:1d:52:f0:70:4a:3f:a3:dd:66:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Validity
Not Before: Aug 21 12:54:03 2025 GMT
Not After : Aug 20 12:59:03 2026 GMT
Subject: CN=AAD1CF129FD52D6A55B2B3755C21DF0475312410
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:2f:af:3d:c1:e3:a3:c0:27:04:25:f9:f8:23:
e8:f8:ab:1a:94:e0:89:be:34:ae:aa:23:79:4d:57:
67:38:98:6c:86:f7:e2:34:cf:ab:ad:ec:b7:4a:ad:
34:f3:42:70:fb:01:c6:a4:20:52:88:59:7c:96:b5:
73:82:24:05:9d:7a:0d:50:61:26:42:c7:ce:a1:94:
96:2d:39:ba:3d:32:34:cb:e9:05:85:fc:be:46:00:
ea:1e:c7:7b:e4:8a:0e:88:65:c2:b4:ff:25:0d:e9:
4a:40:4d:69:e1:94:c9:66:e8:92:c9:1c:7d:64:40:
78:58:e9:b0:67:c0:cf:44:07:73:dd:e4:01:49:70:
8b:c4:a6:e7:23:cd:61:07:77:71:71:57:f6:3d:d7:
ae:21:8d:35:48:7f:ff:51:87:ce:11:89:35:f6:41:
a4:66:fd:6e:5b:86:a9:5e:92:1d:2a:c5:89:4b:81:
d4:e2:bd:e4:3a:72:0e:7e:07:ae:c4:c0:4a:25:92:
3b:25:2d:ca:5c:cc:86:58:df:ab:2f:db:6e:6d:35:
74:6e:02:32:a4:a0:50:d5:9f:77:bf:d4:ac:46:70:
ff:fb:94:93:d7:2e:d7:97:a9:35:ee:89:d2:b2:59:
29:da:05:c3:1c:3b:d5:a9:b3:e9:40:bd:d8:04:18:
64:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:D1:CF:12:9F:D5:2D:6A:55:B2:B3:75:5C:21:DF:04:75:31:24:10
X509v3 Authority Key Identifier:
keyid:70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS48678.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.101.0/24
31.40.197.0/24
31.40.199.0/24
31.40.205.0/24
31.40.207.0/24
37.221.76.0/23
37.221.79.0/24
85.235.72.0/24
85.235.74.0/24
92.249.63.0/24
176.96.128.0-176.96.130.255
185.231.225.0/24
193.111.79.0/24
212.87.197.0-212.87.199.255
217.18.208.0/23
217.18.211.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:50:0a:1e:86:b4:61:83:e4:e2:78:b9:d0:df:6c:c7:0d:45:
04:5a:1c:1c:e8:19:28:5b:80:ec:bb:0d:31:01:6b:0c:bf:c6:
d6:88:db:1d:fd:ac:2e:46:dc:2a:c8:b1:39:aa:db:a0:f3:b1:
3f:80:a9:3c:d9:5d:5c:cf:39:f9:ee:30:4b:25:ee:8f:51:bc:
e9:aa:9b:3b:43:10:4a:7b:d7:1d:de:1f:39:f2:4e:44:4a:eb:
65:d5:4b:fd:82:9e:fe:fc:e0:45:f9:35:4b:fe:d7:be:ad:d9:
d3:ab:15:61:a9:9d:bf:78:f8:12:37:08:30:38:7a:3d:8e:43:
82:19:42:15:d3:ad:04:ca:94:0e:f2:10:64:7f:83:5e:24:ff:
bc:93:f2:d3:ec:9f:02:ab:f6:1c:11:dd:02:5f:55:8c:a6:54:
44:44:63:f3:05:52:02:29:1f:15:58:88:ed:31:ca:00:cf:e8:
11:35:f8:e9:e9:1c:5c:13:61:6e:6e:ae:73:55:52:63:c7:3e:
4b:43:65:b1:ed:0c:82:0a:84:37:5f:ab:25:2e:e3:43:1c:70:
0e:df:3b:1e:e8:b2:8e:31:8a:b6:5b:0c:8a:cd:e7:75:fa:d3:
af:14:ea:05:39:4a:19:1c:1b:80:28:a2:f9:a1:e0:74:4b:3a:
02:06:b0:17
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgIUKoXi0et3fYn9Lx1S8HBKP6PdZv4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzA1MWI0YzJmN2FlOWVmODBiNTMwMDBiMzJhYjhmNWQy
ZjJmNDE1YjAeFw0yNTA4MjExMjU0MDNaFw0yNjA4MjAxMjU5MDNaMDMxMTAvBgNV
BAMTKEFBRDFDRjEyOUZENTJENkE1NUIyQjM3NTVDMjFERjA0NzUzMTI0MTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCVL689weOjwCcEJfn4I+j4qxqU
4Im+NK6qI3lNV2c4mGyG9+I0z6ut7LdKrTTzQnD7AcakIFKIWXyWtXOCJAWdeg1Q
YSZCx86hlJYtObo9MjTL6QWF/L5GAOoex3vkig6IZcK0/yUN6UpATWnhlMlm6JLJ
HH1kQHhY6bBnwM9EB3Pd5AFJcIvEpucjzWEHd3FxV/Y9164hjTVIf/9Rh84RiTX2
QaRm/W5bhqlekh0qxYlLgdTiveQ6cg5+B67EwEolkjslLcpczIZY36sv225tNXRu
AjKkoFDVn3e/1KxGcP/7lJPXLteXqTXuidKyWSnaBcMcO9Wps+lAvdgEGGQXAgMB
AAGjggJ0MIICcDAdBgNVHQ4EFgQUqtHPEp/VLWpVsrN1XCHfBHUxJBAwHwYDVR0j
BBgwFoAUcFG0wveunvgLUwALMquPXS8vQVswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOWM1Y2U5ZmEtOWE2Zi00ZTBjLTk4MDktN2E0Nzg4NzQ0
ODkzLzAvNzA1MUI0QzJGN0FFOUVGODBCNTMwMDBCMzJBQjhGNUQyRjJGNDE1Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NGRzB3dmV1bnZnTFV3QUxNcXVQWFM4
dlFWcy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzljNWNlOWZhLTlhNmYt
NGUwYy05ODA5LTdhNDc4ODc0NDg5My8wL0FTNDg2Nzgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgYkGCCsGAQUFBwEHAQH/BHoweDB2BAIAATBwAwQABYVl
AwQAHyjFAwQAHyjHAwQAHyjNAwQAHyjPAwQBJd1MAwQAJd1PAwQAVetIAwQAVetK
AwQAXPk/MAwDBAewYIADBACwYIIDBAC55+EDBADBb08wDAMEANRXxQMEA9RXwAME
AdkS0AMEANkS0zANBgkqhkiG9w0BAQsFAAOCAQEAbVAKHoa0YYPk4ni50N9sxw1F
BFocHOgZKFuA7LsNMQFrDL/G1ojbHf2sLkbcKsixOarboPOxP4CpPNldXM85+e4w
SyXuj1G86aqbO0MQSnvXHd4fOfJORErrZdVL/YKe/vzgRfk1S/7Xvq3Z06sVYamd
v3j4EjcIMDh6PY5DghlCFdOtBMqUDvIQZH+DXiT/vJPy0+yfAqv2HBHdAl9VjKZU
RERj8wVSAikfFViI7THKAM/oETX46ekcXBNhbm6uc1VSY8c+S0Nlse0MggqEN1+r
JS7jQxxwDt87HuiyjjGKtlsMis3ndfrTrxTqBTlKGRwbgCii+aHgdEs6AgawFw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 12:52:19 2025 by rpki-client